
VXLAN Overview

So what is VXLAN? Simply put, it is a protocol that encapsulates L2 frames inside its own header and then carries them across an L3 underlay network.

[Figure: evpn-02.png]

Looking at the diagram above, we can see two Virtual Tunnel End Points (VTEPs) with Layer 3 connectivity between them and a few hosts connected to those VTEPs (each in their own broadcast domain). As mentioned before, normally we wouldn't be able to extend those broadcast domains across the L3 core, but with a little bit of help from VXLAN we, in fact, can.

Let's have a look at what is going to happen to the frame when it's traversing the network:

- Host A (VLAN 10) is going to send a frame to VTEP 1

- VTEP 1 will receive the frame, look up the VLAN ID it belongs to and then check the VLAN-to-VNI mapping before sending the new frame out

A few words on VNIs here: the VNI, or Virtual Network Identifier, is yet another numeric field, 24 bits long, and is part of the VXLAN header that gets added on top of the original Ethernet header.

VNIs can be statically mapped to a VLAN in a Flood and Learn deployment, or they can be dynamically learned with a bit of help from an additional protocol (more on this in the EVPN chapter).

VNIs also allow for two ways of scoping: they can be network-significant, meaning that the same VNI mapping needs to exist on all VTEPs throughout the network (which creates additional management overhead), or they can be locally significant to the switch.

Now back to our frame:

- VTEP 1 will encapsulate the frame into the VXLAN header and then send it over.

As was briefly mentioned, the VTEP will either rely on a control plane protocol like EVPN to identify the VTEP to send the frame to, or it will flood the packets to all other VTEPs using a multicast group address. There is also the option of ingress replication, where you would have to statically map all VNIs to VTEPs, but that is not very scalable, as you might expect.

- VTEP 2 will decapsulate the VXLAN frame and send an Ethernet frame over to Host B on VLAN 10
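
The walk-through above as an added example (not from the original page): Python code that builds the 8-byte VXLAN header at VTEP 1 and validates it at VTEP 2, using the header layout from RFC 7348. The VLAN-to-VNI values, MAC addresses and function names are constructed for illustration, and the outer IP/UDP headers are left out.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08        # "I" flag: the VNI field carries a valid value
VNI_MAX = (1 << 24) - 1            # the VNI is a 24-bit field

# Constructed static VLAN-to-VNI mapping (values are assumptions for this example).
VLAN_TO_VNI = {10: 10010, 20: 10020}
VNI_TO_VLAN = {vni: vlan for vlan, vni in VLAN_TO_VNI.items()}

# Constructed Ethernet frame from Host A: dst MAC, src MAC, EtherType, payload.
HOST_A_FRAME = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"


def vxlan_encap(vlan_id, inner_frame):
    """VTEP 1: look up the VNI for the ingress VLAN and prepend the VXLAN header."""
    if vlan_id not in VLAN_TO_VNI:
        raise ValueError(f"VLAN {vlan_id} has no VNI mapping")
    vni = VLAN_TO_VNI[vlan_id]
    if not 0 <= vni <= VNI_MAX:
        raise ValueError("VNI does not fit in 24 bits")
    # Word 1: flags (8 bits) + 24 reserved bits. Word 2: VNI (24 bits) + 8 reserved bits.
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(payload):
    """VTEP 2: check the header, map the VNI to a local VLAN, return (vlan, frame)."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", payload[:8])
    if not (word1 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    vni = word2 >> 8
    if vni not in VNI_TO_VLAN:
        # Frames for a VNI this VTEP does not serve must not reach any local VLAN.
        raise ValueError(f"VNI {vni} is not mapped on this VTEP")
    return VNI_TO_VLAN[vni], payload[8:]


if __name__ == "__main__":
    packet = vxlan_encap(10, HOST_A_FRAME)
    print("VXLAN header:", packet[:8].hex())
    vlan, frame = vxlan_decap(packet)
    print("delivered to VLAN", vlan, "unchanged:", frame == HOST_A_FRAME)
```

Rejecting unmapped VNIs at decapsulation is what keeps the broadcast domains separated once they share the same L3 underlay.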