VXLAN tunnel overview
A virtual extensible LAN (VXLAN) tunnel allows you to run an overlay Layer 2 network over an existing IPv4 or IPv6 transport network.
VXLAN tunnels were originally developed to increase scalability in data center and cloud computing environments by raising the number of isolated L2 networks from 4096 (limited by a 12-bit VLAN ID) to 16 million (through a 24-bit VXLAN ID).
Traffic that belongs to the overlay network is encapsulated in a Layer 3 UDP packet that is routed over the underlying transport network.
The entity that performs the encapsulation and de-encapsulation is called a VXLAN tunnel endpoint (VTEP).
A VXLAN network identifier (VNI) uniquely identifies each Layer 2 subnet or segment. Virtual machines on the same VNI can communicate directly with each other, whereas virtual machines on different VNIs need a router to communicate with each other.
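The following added example, which is not part of the original documentation, shows the header a VTEP prepends on encapsulation and the checks it applies on de-encapsulation so that a frame is delivered only into a VNI the VTEP actually serves. It assumes the 8-byte VXLAN header layout from RFC 7348, which this page does not describe; the function names, the VNI values, and the sample frame are constructed for illustration.

```python
from __future__ import annotations
import struct

VXLAN_HEADER_LEN = 8      # RFC 7348: flags(1) + reserved(3) + VNI(3) + reserved(1)
VXLAN_FLAG_I = 0x08       # "VNI present" flag; must be set on a valid header
MAX_VNI = (1 << 24) - 1   # 24-bit identifier, hence about 16 million segments


class VxlanError(ValueError):
    """Raised when a UDP payload is not an acceptable VXLAN frame."""


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend a VXLAN header to an inner Ethernet frame (UDP payload only)."""
    if not 0 <= vni <= MAX_VNI:
        raise VxlanError(f"VNI {vni} does not fit in 24 bits")
    # Word 0: flags in the top byte, 24 reserved bits left at zero.
    # Word 1: VNI in the top 24 bits, low reserved byte left at zero.
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + inner_frame


def decapsulate(udp_payload: bytes, local_vnis: set[int]) -> tuple[int, bytes]:
    """Validate the header as a receiving VTEP would; return (vni, inner frame)."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise VxlanError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not ((word0 >> 24) & VXLAN_FLAG_I):
        raise VxlanError("I flag clear: VNI field is not valid")
    vni = word1 >> 8
    if vni not in local_vnis:
        # Segment isolation: never bridge a frame into a VNI this VTEP does not serve.
        raise VxlanError(f"VNI {vni} is not configured on this VTEP")
    return vni, udp_payload[VXLAN_HEADER_LEN:]


if __name__ == "__main__":
    # Constructed sample: broadcast Ethernet header plus 28 zero bytes of payload.
    inner = bytes.fromhex("ffffffffffff0200000000010806") + b"\x00" * 28
    packet = encapsulate(5000, inner)
    print(decapsulate(packet, {5000})[0], packet[:8].hex())
    try:
        decapsulate(packet, {6000})
    except VxlanError as exc:
        print("dropped:", exc)
```

Reserved bits are not checked on receipt because RFC 7348 says receivers ignore them; only the I flag and the VNI membership decide whether the frame is accepted.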
Benefits of VXLAN tunnels
- In theory, you can create as many as 16 million VXLANs.
- You can enable migration of virtual machines between servers that exist in separate Layer 2 domains by tunneling the traffic over Layer 3 networks. This functionality allows you to dynamically allocate resources within or between data centers without being constrained by Layer 2 boundaries or being forced to create large or geographically stretched Layer 2 domains.
- Use of VXLANs to create smaller Layer 2 domains that are connected over a Layer 3 network means that you do not need to use Spanning Tree Protocol (STP) to converge the topology but can use more robust routing protocols in the Layer 3 network instead. In the absence of STP, none of your links are blocked, which means you can get full value from all the ports.
- Use of routing protocols to connect Layer 2 domains allows you to load-balance the traffic so that you make the best use of your available bandwidth.