Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

VXLAN as an overlay network

VXLAN is often described as an overlay technology because it allows you to stretch Layer 2 connections over an intervening Layer 3 network.

This works by encapsulation (tunneling) of Ethernet frames in a VXLAN packet that includes IP addresses.

Devices that support VXLANs are called virtual tunnel endpoints (VTEPs) — they can be end hosts or network switches or routers. VTEPs encapsulate VXLAN traffic and de-encapsulate that traffic when it leaves the VXLAN tunnel.

To encapsulate an Ethernet frame, VTEPs add a number of fields, such as:

  • Outer media access control (MAC) destination address (MAC address of the tunnel endpoint VTEP).
  • Outer MAC source address (MAC address of the tunnel source VTEP).
  • Outer IP destination address (IP address of the tunnel endpoint VTEP).
  • Outer IP source address (IP address of the tunnel source VTEP).
  • Outer UDP header.
  • A VXLAN header that includes a 24-bit field — called the VXLAN network identifier (VNI) — that is used to uniquely identify the VXLAN. The VNI is similar to a VLAN ID, but as it has 24 bits it allows you to create many more VXLANs than VLANs. The VXLAN header also contains 8 bits for VXLAN flags and reserved fields.
Figure 1. VXLAN encapsulated frame diagram
Note: Because VXLAN adds 50 to 54 bytes of additional header information to the original Ethernet frame, you might want to increase the MTU of the underlying network. In this case, configure the MTU of the physical interfaces that participate in the VXLAN network, not the MTU of the logical VTEP source interface, which is ignored.