VXLAN is often described as an overlay technology because it allows you to stretch Layer 2 connections over an intervening Layer 3 network.

This works by encapsulation (tunneling) of Ethernet frames in a VXLAN packet that includes IP addresses.

Devices that support VXLANs are called virtual tunnel endpoints (VTEPs) — they can be end hosts or network switches or routers. VTEPs encapsulate VXLAN traffic and de-encapsulate that traffic when it leaves the VXLAN tunnel.

To encapsulate an Ethernet frame, VTEPs add a number of fields, such as:

• Outer media access control (MAC) destination address (MAC address of the tunnel endpoint VTEP).
• Outer MAC source address (MAC address of the tunnel source VTEP).
• Outer IP destination address (IP address of the tunnel endpoint VTEP).
• Outer IP source address (IP address of the tunnel source VTEP).
• Outer UDP header.
• A VXLAN header that includes a 24-bit field — called the VXLAN network identifier (VNI) — that is used to uniquely identify the VXLAN. The VNI is similar to a VLAN ID, but as it has 24 bits it allows you to create many more VXLANs than VLANs. The VXLAN header also contains 8 bits for VXLAN flags and reserved fields.