Virtual Extensible LAN (VXLAN) is a network virtualization technology that attempts to address the scalability problems associated with large cloud computing deployments.
It uses a VLAN-like encapsulation technique to encapsulate OSI layer 2 Ethernet frames within layer 4 UDP datagrams, using 4789 as the default IANA-assigned destination UDP port number.
VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical switch ports, are known as VXLAN tunnel endpoints (VTEPs).
VXLAN is an evolution of efforts to standardize on an overlay encapsulation protocol. It increases scalability up to 16 million logical networks and allows for layer 2 adjacency across IP networks. Multicast or unicast with head-end replication (HER) is used to flood broadcast, unknown unicast, and multicast (BUM) traffic.
Open vSwitch is an example of a software-based virtual network switch that supports VXLAN overlay networks.
VXLAN is a network virtualization scheme that enables users to create a logical network for virtual machines (VMs) across different networks. That is to say, it allows you to create a layer 2 network on top of layer 3 through encapsulation. The key point is that you could potentially create 16 million networks using VXLAN, compared with 4096 VLANs, so VXLAN enables a network to support far more segments than VLANs alone.
VXLAN vs VLAN: Why Choose VXLAN Instead of VLAN?
VXLAN allows you to create smaller layer 2 domains that are connected over a layer 3 network. This eliminates the need to use Spanning Tree Protocol (STP) to converge the topology and relies instead on the more robust routing protocols of the layer 3 network. Without STP, none of your links are blocked, so you can obtain full value from all the ports you purchased. VXLAN also enables you to load-balance traffic to make the best use of your available bandwidth. All of this helps maximize data center performance.
http://www.fiber-optic-transceiver-module.com/vxlan-vs-vlan-which-is-best-fit-for-cloud.html
every VLAN has a unique ID; this ID is added to the frame
12 bits long, 2^12 = 4096 VLANs
each VxLAN has an identifier called the VNI (VxLAN network identifier)
24 bits long, 2^24 = 16777216 segments
multitenant SDN allows customers to allocate their own VLANs
VxLAN creates virtual networks on top of the existing infrastructure; this is called overlay technology
the infrastructure runs as the underlay
the underlay network is at layer 3
all ports are routed; no need for trunking or spanning tree
some sort of dynamic routing is used, with Equal-cost multi-path routing (ECMP)
ECMP provides load-sharing and fast recovery
choices for the underlay: OSPF, EIGRP, ISIS, BGP
Open Shortest Path First (OSPF)
Enhanced Interior Gateway Routing Protocol (EIGRP)
Intermediate System to Intermediate System (ISIS)
Border Gateway Protocol (BGP)
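The ECMP note above (load-sharing across a routed underlay) is easy to see in a small model. The following is an added Python example, not code from the original post or from any switch vendor: an underlay that hashes the outer 5-tuple onto equal-cost spine paths, compared for a VTEP that always sends from UDP source port 4789 and for one that derives the outer source port from the inner flow, as RFC 7348 recommends. The SHA-256-based hash is a stand-in for a switch ASIC's hash function, and the VTEP addresses, spine names and inner flows are constructed sample data.

```python
import hashlib
import ipaddress
import struct
from collections import Counter

VXLAN_UDP_PORT = 4789
IPPROTO_UDP = 17
EPHEMERAL_LOW, EPHEMERAL_HIGH = 49152, 65535   # outer source-port range RFC 7348 recommends


def five_tuple_hash(src_ip, dst_ip, proto, sport, dport):
    """Stand-in for a switch ASIC's flow hash: SHA-256 over the 5-tuple, truncated to 32 bits (constructed)."""
    key = (ipaddress.ip_address(src_ip).packed + ipaddress.ip_address(dst_ip).packed
           + struct.pack("!BHH", proto, sport, dport))
    return int.from_bytes(hashlib.sha256(key).digest()[:4], "big")


def ecmp_path(paths, src_ip, dst_ip, proto, sport, dport):
    """Underlay switch: one equal-cost path per flow; the same 5-tuple always lands on the same path."""
    return paths[five_tuple_hash(src_ip, dst_ip, proto, sport, dport) % len(paths)]


def vxlan_source_port(inner_flow):
    """Sending VTEP: derive the outer UDP source port from the inner flow so the underlay sees entropy."""
    return EPHEMERAL_LOW + five_tuple_hash(*inner_flow) % (EPHEMERAL_HIGH - EPHEMERAL_LOW + 1)


def underlay_spread(inner_flows, paths, src_vtep, dst_vtep, per_flow_entropy):
    """Count how many inner flows the underlay places on each path between one pair of VTEPs."""
    counts = Counter()
    for flow in inner_flows:
        sport = vxlan_source_port(flow) if per_flow_entropy else VXLAN_UDP_PORT
        counts[ecmp_path(paths, src_vtep, dst_vtep, IPPROTO_UDP, sport, VXLAN_UDP_PORT)] += 1
    return counts


def sample_flows(n):
    """Constructed inner TCP flows: n clients behind VTEP A, one HTTPS server behind VTEP B."""
    return [("192.168.1.%d" % (i + 1), "192.168.2.10", 6, 1024 + i, 443) for i in range(n)]


if __name__ == "__main__":
    spines = ["spine1", "spine2", "spine3", "spine4"]
    flows = sample_flows(200)
    print("fixed source port :", underlay_spread(flows, spines, "10.0.0.1", "10.0.0.2", False))
    print("per-flow entropy  :", underlay_spread(flows, spines, "10.0.0.1", "10.0.0.2", True))
```

With a fixed source port, every inner flow between the two VTEPs shares one outer 5-tuple, so the underlay sees a single flow and pins all of it to one spine; per-flow source-port entropy is what lets ECMP spread the tunnel traffic.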
VxLAN itself is the overlay network
each VNI is a separate virtual network that runs over the underlay; a VNI is also called a bridge domain
to create a virtual network, traffic is encapsulated in UDP and IP; when it reaches the destination switch, it is decapsulated
the underlay can be changed without redesigning the overlay
VTEPs, encapsulation
VTEP provides connection between overlay and underlay
each VTEP has an IP address in underlay network and has one or more VNIs
source and destination VTEPs create stateless tunnels to deliver traffic from one host to another host
tunnel exists long enough to deliver VxLAN frame
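The encapsulation the notes above describe (a 12-bit VLAN ID versus a 24-bit VNI, the frame carried in UDP/IP between the VTEPs' underlay addresses, the receiving switch stripping the outer headers) can be made concrete. The following is an added Python example, not code from the original post or from any vendor implementation: it builds an inner Ethernet frame, wraps it in outer IPv4 + UDP (port 4789) + VXLAN headers the way a sending VTEP would, and on the receive side validates the outer headers before handing back the VNI and the original frame. The MAC addresses, VTEP IPs and VNI 5001 are constructed sample values; the header layout follows RFC 7348.

```python
import ipaddress
import struct

# Sizes and ports from the notes above.
VXLAN_UDP_PORT = 4789               # IANA-assigned default destination port
VXLAN_FLAG_I = 0x08                 # "I" flag: the VNI field is valid (RFC 7348)
VNI_MAX = (1 << 24) - 1             # 24-bit VNI: 16,777,216 possible segments
VLAN_ID_MAX = (1 << 12) - 1         # 12-bit 802.1Q VID: 4,096 possible VLANs
IPPROTO_UDP = 17


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def ethernet_frame(dst_mac, src_mac, ethertype, payload, vlan_id=None):
    """Build an inner Ethernet frame, optionally carrying an 802.1Q tag (12-bit VID)."""
    frame = _mac(dst_mac) + _mac(src_mac)
    if vlan_id is not None:
        if not 0 <= vlan_id <= VLAN_ID_MAX:
            raise ValueError("VLAN ID must fit in 12 bits")
        frame += struct.pack("!HH", 0x8100, vlan_id)   # TPID, then PCP/DEI=0 + VID
    return frame + struct.pack("!H", ethertype) + payload


def vxlan_header(vni):
    """8-byte VXLAN header: flags(1) reserved(3) VNI(3) reserved(1)."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError("VNI must fit in 24 bits")
    return bytes([VXLAN_FLAG_I, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00"


def ipv4_checksum(header):
    """One's-complement checksum over an IPv4 header; yields 0 when run over a valid received header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(inner_frame, vni, src_vtep, dst_vtep, src_port):
    """Sending VTEP: outer IPv4 + UDP + VXLAN header in front of the untouched frame."""
    vx = vxlan_header(vni)
    udp_len = 8 + len(vx) + len(inner_frame)
    # UDP checksum 0 = not computed, which RFC 7348 permits over IPv4 underlays.
    udp = struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, udp_len, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0x4000, 64, IPPROTO_UDP, 0,
                     ipaddress.IPv4Address(src_vtep).packed, ipaddress.IPv4Address(dst_vtep).packed)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]   # fill in the header checksum
    return ip + udp + vx + inner_frame


def decapsulate(packet):
    """Receiving VTEP: validate the outer headers, return (vni, src_vtep, dst_vtep, inner_frame) or raise ValueError."""
    if len(packet) < 20 + 8 + 8 + 14:
        raise ValueError("too short for IPv4 + UDP + VXLAN + Ethernet")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl != 0x45:
        raise ValueError("only IPv4 without options is handled here")
    if ipv4_checksum(packet[:20]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if proto != IPPROTO_UDP or total_len != len(packet):
        raise ValueError("not UDP, or IPv4 total length mismatch")
    _, dst_port, udp_len, _ = struct.unpack("!HHHH", packet[20:28])
    if dst_port != VXLAN_UDP_PORT or udp_len != len(packet) - 20:
        raise ValueError("not addressed to the VXLAN port, or UDP length mismatch")
    if not packet[28] & VXLAN_FLAG_I:
        raise ValueError("VXLAN I flag clear: VNI is not valid")
    vni = int.from_bytes(packet[32:35], "big")
    return vni, str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst)), packet[36:]


def is_vxlan(packet):
    """True only if decapsulate() accepts the packet; useful for counting rejects on a monitoring tap."""
    try:
        decapsulate(packet)
        return True
    except ValueError:
        return False


def inner_vlan_id(frame):
    """Return the 802.1Q VID of an inner frame, or None if the frame is untagged."""
    if struct.unpack("!H", frame[12:14])[0] == 0x8100:
        return struct.unpack("!H", frame[14:16])[0] & VLAN_ID_MAX
    return None


if __name__ == "__main__":
    # Constructed sample: a tagged host frame in VNI 5001 carried between two VTEPs.
    frame = ethernet_frame("02:00:00:00:00:02", "02:00:00:00:00:01", 0x0800, b"payload", vlan_id=100)
    pkt = encapsulate(frame, 5001, "10.0.0.1", "10.0.0.2", 50000)
    print(decapsulate(pkt))
```

The receive-side checks are the defensive part: a VTEP or monitoring tap that verifies the UDP destination port, the declared lengths, the IPv4 checksum and the I flag before trusting the VNI can count and log malformed tunnel traffic instead of silently decapsulating it.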
MP-BGP is the control plane protocol over VxLAN
VxLAN overlay feature advantages:
scale up to approx 16M segments
address and traffic isolation
why MPBGP?
risks for data center and cloud deployments:
limited scale
centralised
admin dependent
BGP EVPN control plane over VXLAN: what does it solve for VxLAN?
Optimize/eliminate flooding of BUM traffic
virtual machine mobility with optimal forwarding
Decentralization of VTEPs
Large scale multi-tenancy in control plane
Route filtering and constrained route distribution
Ingress replication of multi-destination traffic
multicast free underlay
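To show what the EVPN control plane changes in the items above (flooding of BUM traffic, head-end replication, constrained route distribution), here is an added Python model; it is not code from the original post or from any network OS. Four VTEPs share an underlay: in flood-and-learn mode an unknown destination is replicated to every VTEP in the VNI's flood list and receivers learn source MACs from the data plane, while in EVPN mode MAC reachability is advertised ahead of time and imported only by VTEPs that host the VNI (VNI membership stands in for an EVPN route target here). VTEP names, addresses, VNIs and MACs are constructed.

```python
class Vtep:
    """One VXLAN tunnel endpoint with its underlay address and the VNIs it hosts."""

    def __init__(self, name, ip, vnis):
        self.name, self.ip, self.vnis = name, ip, set(vnis)
        self.local = set()     # (vni, mac) pairs learned from directly attached hosts
        self.remote = {}       # (vni, mac) -> remote VTEP IP: the MAC-to-VTEP table
        self.bum_copies = 0    # encapsulated copies this VTEP has sent for flooded traffic


class Fabric:
    """Toy fabric: several VTEPs on one underlay, either flood-and-learn or an EVPN control plane."""

    def __init__(self, vteps, evpn):
        self.vteps = {v.name: v for v in vteps}
        self.evpn = evpn

    def flood_list(self, src, vni):
        """Head-end replication targets: every other VTEP that hosts this VNI."""
        return [v for v in self.vteps.values() if v is not src and vni in v.vnis]

    def attach_host(self, vtep_name, vni, mac):
        src = self.vteps[vtep_name]
        src.local.add((vni, mac))
        if self.evpn:
            # EVPN-style MAC advertisement: pushed by the control plane and imported only by
            # VTEPs whose route target matches (VNI membership stands in for the route target).
            for peer in self.flood_list(src, vni):
                peer.remote[(vni, mac)] = src.ip

    def send(self, vtep_name, vni, src_mac, dst_mac):
        """Return the underlay destinations an encapsulated copy of this frame is sent to."""
        src = self.vteps[vtep_name]
        if (vni, dst_mac) in src.remote:
            return [src.remote[(vni, dst_mac)]]          # known destination: one unicast tunnel
        targets = self.flood_list(src, vni)               # unknown unicast: replicate to the flood list
        src.bum_copies += len(targets)
        if not self.evpn:
            for peer in targets:                          # flood-and-learn: receivers learn from the data plane
                peer.remote[(vni, src_mac)] = src.ip
        return [p.ip for p in targets]


HOST_A, HOST_B = "02:00:00:00:00:01", "02:00:00:00:00:02"   # constructed MACs


def build_fabric(evpn):
    """Constructed topology: A, B and C host VNI 5001; D hosts only VNI 6001."""
    fabric = Fabric([Vtep("A", "10.0.0.1", {5001}), Vtep("B", "10.0.0.2", {5001}),
                     Vtep("C", "10.0.0.3", {5001}), Vtep("D", "10.0.0.4", {6001})], evpn)
    fabric.attach_host("A", 5001, HOST_A)
    fabric.attach_host("B", 5001, HOST_B)
    return fabric


if __name__ == "__main__":
    for mode in (False, True):
        f = build_fabric(mode)
        first = f.send("A", 5001, HOST_A, HOST_B)
        reply = f.send("B", 5001, HOST_B, HOST_A)
        print("evpn" if mode else "flood-and-learn", first, reply, "BUM copies from A:", f.vteps["A"].bum_copies)
```

In flood-and-learn mode the first frame from A is replicated to B and C, and only the reply is unicast; with the EVPN control plane the first frame already goes to B alone, and D, which does not host VNI 5001, never receives the MAC route at all.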
MP-BGP
Multiprotocol BGP (MP-BGP), also known as Multiprotocol Extensions for BGP (MBGP) or Multicast BGP
An extension to Border Gateway Protocol (BGP) that allows different types of addresses (known as address families) to be distributed in parallel.
standard BGP supports only IPv4 unicast addresses
Multiprotocol BGP supports IPv4 and IPv6 addresses
Multiprotocol BGP supports unicast and multicast variants of each
Multiprotocol BGP allows information about the topology of IP multicast-capable routers to be exchanged separately from the topology of normal IPv4 unicast routers
Multiprotocol BGP allows a multicast routing topology different from the unicast routing topology
Although MBGP enables the exchange of inter-domain multicast routing information, other protocols such as the Protocol Independent Multicast family are needed to build trees and forward multicast traffic.
As an enhancement of BGP-4, MP-BGP provides routing information for various protocols, such as IPv6 (BGP4+) and multicast.
Multiprotocol BGP is also widely deployed for MPLS L3 VPN, to exchange the VPN labels learned for routes from customer sites across the MPLS network, so that the Provider Edge router (PE router) can distinguish between different customer sites when routing traffic that arrives from other customer sites.
leased line connections are expensive;
traditional router-based networks connect via dedicated point-to-point links.
leased line solutions are replaced by VPN-type solutions
VPN:
the service provider provides a layer 2 connection between two sites
VPN models:
Overlay VPN: the service provider does not participate in customer routing; it provides a layer 2 virtual connection between two endpoints, a virtual point-to-point connection
peer-to-peer VPN: the service provider participates in customer routing
MPLS VPN
forwards packets based on labels instead of IP addresses
combines the overlay and peer-to-peer VPN models
virtual routing and forwarding (VRF)
the Provider Edge device in the MPLS domain maintains routes in a separate VRF routing table for each customer
a VPN is established between Provider Edge devices, from one end to the other; a VPN label is added
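The per-customer VRF and the VPN label described in the notes above are what keep two customers' overlapping address spaces apart on a PE. The following is an added Python example, not from the original post or from any router implementation: a PE with one routing table per VRF, selected by the VPN label that arrives from the MPLS core, with longest-prefix matching confined to that table. It uses one label per VRF as a simplification, and the customer names, labels and prefixes are constructed.

```python
import ipaddress


class ProviderEdge:
    """PE router: one routing table per customer VRF, chosen on the core side by the VPN label."""

    def __init__(self):
        self.vrfs = {}           # vrf name -> {IPv4Network: next-hop CE}
        self.label_to_vrf = {}   # VPN label carried in from the MPLS core -> vrf name

    def add_vrf(self, name, vpn_label):
        if vpn_label in self.label_to_vrf:
            raise ValueError("VPN label already bound to another VRF")
        self.vrfs[name] = {}
        self.label_to_vrf[vpn_label] = name

    def add_route(self, vrf, prefix, next_hop):
        self.vrfs[vrf][ipaddress.ip_network(prefix)] = next_hop

    def lookup(self, vrf, dst_ip):
        """Longest-prefix match inside a single VRF; None if that VRF has no matching route."""
        addr = ipaddress.ip_address(dst_ip)
        matches = [net for net in self.vrfs[vrf] if addr in net]
        if not matches:
            return None
        return self.vrfs[vrf][max(matches, key=lambda net: net.prefixlen)]

    def forward_from_core(self, vpn_label, dst_ip):
        """Pop the VPN label, select the customer's VRF, and look up only in that table."""
        vrf = self.label_to_vrf.get(vpn_label)
        if vrf is None:
            return None          # unknown label: drop, never fall through to another table
        return self.lookup(vrf, dst_ip)


def build_pe():
    """Constructed PE: two customers that both use 10.1.0.0/24 behind their own CE routers."""
    pe = ProviderEdge()
    pe.add_vrf("cust-A", 100)
    pe.add_vrf("cust-B", 200)
    pe.add_route("cust-A", "10.1.0.0/24", "ce-A1")
    pe.add_route("cust-A", "10.1.0.128/25", "ce-A2")
    pe.add_route("cust-B", "10.1.0.0/24", "ce-B1")
    return pe


if __name__ == "__main__":
    pe = build_pe()
    for label, dst in ((100, "10.1.0.5"), (100, "10.1.0.200"), (200, "10.1.0.200"), (300, "10.1.0.5")):
        print(label, dst, "->", pe.forward_from_core(label, dst))
```

The same destination address resolves to a different customer's CE depending only on the VPN label, and a label the PE has not allocated is dropped rather than looked up in some other customer's table.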
Understanding VXLAN
Virtual extensible LANs (VXLANs) introduced an overlay scheme that expands the Layer 2 network address space from 4K to 16 million, largely solving the scaling issues seen in VLAN-based environments.
Network overlays are created by encapsulating traffic and tunneling the traffic over a physical network.
You can use a number of tunneling protocols in the data center to create network overlays—the most common protocol is VXLAN.
VXLAN tunneling protocol encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets.
This encapsulation enables you to create virtual Layer 2 subnets or segments that can span physical Layer 3 networks.
https://www.juniper.net/documentation/en_US/junos/topics/concept/evpn-vxlan-data-plane-encapsulation.html
Overlay networking (aka SDN overlay) is a method of using software to create layers of network abstraction that can be used to run multiple separate, discrete virtualized network layers on top of the physical network, often providing new applications or security benefits.
In data centers, VXLAN is the most commonly used protocol to create overlay networks that sit on top of the physical network, enabling the use of a virtual network of switches, routers, firewalls, load balancers, and so on.
Comparison: VXLAN vs NVGRE vs STT vs LISP - Overlay Network Technologies
VXLAN: Virtual Extensible LAN
OTV: Overlay Transport Virtualization
LISP: Locator/Identifier Separation Protocol
NVGRE: Network Virtualization Using Generic Routing Encapsulation
STT: Stateless Transport Tunneling
Network overlays, as distinct from the underlay (IP) network, are virtual networks of interconnected nodes that share an underlying physical network, allowing deployment of applications that require specific network topologies without the need to modify the underlying network.
In the case of network-based overlays, this overlay function is implemented on the first switch (at the top of the rack). With the help of overlay networks you can achieve and provide scalable Layer 2 networks for a multitenant cloud that extends beyond 4000 VLANs. This capability is very important for private and public cloud hosted environments.
Geneve is a simple, flexible tunnel format designed for the overlay network case in a data center fabric, specifically when the underlay is IP — but probably applicable to just about any tunneling situation (other than the quasi-MPLS tunnel)
in the data networking world is the absolute plethora of tunneling technologies we have available. Going way back to the beginning, there was SNA, GRE, IP-in-IP, and a host of others. In the midterm we have MPLS (though some will argue this isn’t a tunneling protocol — but the point is it can be used as a tunneling encapsulation) and 802.1q, and then more recently VxLAN, LISP, NVGRE, and — yet again — a host of others.
https://packetpushers.net/geneve/
What is GENEVE?
In the current age of large multi-tenant clouds, a new network virtualization standard has emerged: GENEVE (Generic Network Virtualization Encapsulation), which promises to address the perceived limitations of the earlier specifications and support all of the capabilities of VXLAN, NVGRE and STT. Many believe GENEVE could eventually replace these earlier formats entirely.
The stated goal of GENEVE is to define an encapsulation data format only. Unlike the earlier formats, it does not include any information or specification for the control plane.
https://www.redhat.com/en/blog/what-geneve