In this VXLAN course you will learn how to configure, deploy and implement VXLAN in a datacenter fabric in a multi-tier environment. VXLAN is supported on products from multiple vendors such as Cisco, Juniper and VMware; however, the implementation, configuration and design of VXLAN can vary from product to product.
This course covers VXLAN in depth: VXLAN prerequisites, VXLAN bridging, VXLAN routing, VXLAN over multicast, and how to configure VXLAN in an MPBGP-EVPN scenario. For each section you will learn the traffic flow, how the control plane is built, and then how the data plane flows. VXLAN is an overlay technology, so knowledge of an underlay protocol such as EIGRP or OSPF is a must. Here we have implemented VXLAN via multicast and MPBGP-EVPN on the Nexus 9000 Series switch platform.
The course pedagogy will help you learn the following concepts for configuring VXLAN on different Cisco switch hardware platforms.
- VXLAN introduction in detail
- VXLAN Packet Forwarding in Multicast Environment
- How to configure VXLAN over redundant VPC domain on Nexus 9K
- Introduction to VXLAN MPBGP-EVPN
- What is VXLAN BGP-EVPN Multitenancy and how it is configured.
- Components of MPBGP-EVPN VXLAN
- Traffic Flow on VXLAN over MPBGP-EVPN (Unicast Bridging)
- Non-IP traffic forwarding over VXLAN
- MPBGP-EVPN VXLAN Traffic Flow on Intersubnet
- VXLAN Bridging LAB over Multicast environment
- VXLAN MPBGP-EVPN LAB
VXLAN stands for Virtual eXtensible Local Area Network, because it extends the L2 boundary beyond 4K over an L3 medium. VXLAN is a MAC-over-IP/UDP overlay scheme that increases the number of Layer 2 networks from 4K to 16 million. VXLAN allows Layer 2 traffic to be extended across datacenters using the same L3 network.
Advantages of VXLAN:
Following are the major motivation factors that led to the invention of VXLAN.
- STP issue: Layer 2 networks rely on STP to avoid loops in the Layer 2 domain. STP can be very difficult to troubleshoot and takes a long time to converge. It also blocks a large number of redundant connections, leaving those links unusable for forwarding data traffic. This wastes a large amount of resources and means ECMP is rarely implemented. With a Layer 3 network, redundant paths can be utilized through ECMP and the STP issues can be minimized.
- Multitenancy: In a cloud or multitenant environment, 4000 VLANs are not enough, so the number of VLANs had to be increased. VXLAN increases it from 4K to 16 million.
- IP core network: Implementing VXLAN does not require a new Layer 3 network, so VXLAN uses the same IP connectivity (point-to-point, MPLS, VPN) across DCs to send traffic.
- TOR MAC table scalability: With virtualization, the number of MAC addresses per port can be quite large (say, 50 to 100 VMs per server). This, coupled with the learning of addresses for remote in-conversation hosts, puts a huge burden on the ToR Layer 2 hardware tables. The numbers become worse with Fabric Extender (FEX) and blade chassis deployments. After the ToR tables become full, more and more Layer 2 traffic will be treated as unknown unicast, resulting in a large amount of flooding in the network.
- Virtual Network Identifier: Referred to as the VNI and also called the VXLAN Segment ID. The system uses the VNI, along with the mapped VLAN ID, to identify a Layer 2 segment in the VXLAN overlay network.
- VXLAN Segment: The Layer 2 overlay network over which endpoints communicate through direct Layer 2 adjacency.
- VTEP: VTEP stands for VXLAN Tunnel Endpoint. All VXLAN overlay tunnels originate and terminate on VTEPs. The VTEPs are responsible for encapsulation and decapsulation of VXLAN packets.
Each VTEP has a unique IP address that identifies the VTEP device on the transport IP network, known as the infrastructure VLAN. The VTEP device uses this IP address to encapsulate Ethernet frames and transmits them to the transport network through the IP interface. Through this same IP interface the VTEP device also discovers the remote VTEPs for its VXLAN segments and learns MAC-address-to-VTEP mappings.
There are two types of VTEPs:
- Virtual VTEPs: Software-based VTEPs, such as a VXLAN-capable hypervisor switch within a hypervisor host.
- Physical VTEPs: Hardware-based switches, such as the Cisco 9300 and 9500, which perform well in the VTEP function.
- VXLAN Gateway: A VXLAN gateway connects VXLAN and traditional VLAN segments. A physical VTEP device can provide this functionality. The figure below shows that a hypervisor VTEP initiates VXLAN tunnels on one side and a physical VTEP device on the other side provides VXLAN gateway service to terminate the VXLAN tunnel and map the VXLAN VNI to a traditional VLAN.
- VXLAN Bridging: This function is provided by a VTEP device to extend a VLAN or VXLAN VNI over Layer 3 infrastructure. The figure below shows VLAN-to-VLAN and VXLAN-to-VXLAN bridging.
- VXLAN Routing: Also called inter-VXLAN routing, it provides IP routing between two VXLAN VNIs in the overlay network in a way similar to inter-VLAN routing. The figure shows the logical concept of VXLAN routing.
Hardware and Software Support
The solutions described in this section use Cisco Nexus 9300 platform switches as physical VXLAN VTEPs. They require the following hardware and software:
- Cisco Nexus 9300 platform switches should or must be used as the VTEP devices in any VXLAN topology.
- Cisco NX-OS Release 6.1(2)I2(2b) or later on the Cisco Nexus 9300 VTEP switches is recommended. The Cisco Nexus 9300 platform has supported VXLAN functions since Cisco NX-OS Release 6.1(29) I2 (1), but many enhancements were added later in Release 6.1(2)I2(2b).
- The VXLAN function doesn’t require an additional license. However, the underlay network which is required to support VXLAN function requires the appropriate licenses for Interior Gateway Protocol (IGP) routing and IP multicast functions.
- Cisco Nexus 9500 platform switches, which provide 10 and 40 Gigabit Ethernet port density and performance, are used as the spine.
VXLAN Header Format:
VXLAN provides a MAC-in-UDP encapsulation scheme where the original Layer 2 frame has a VXLAN header added before it and is further placed in a UDP-IP packet. By this MAC-in-UDP encapsulation, VXLAN tunnels Layer 2 network over Layer 3 network.
- VXLAN Header: The 24-bit VNID field in the VXLAN header identifies the VXLAN segment. It also provides an expanded address space for Layer 2 networks.
- UDP header: The destination port in the UDP header, port 4789, indicates that the packet is a VXLAN-encapsulated packet. The source UDP port is calculated from a hash of the original Layer 2 frame header, so the source port number varies on a per-flow basis. This approach allows better per-flow load sharing of VXLAN traffic across the underlay network.
- Outer IP header: The source IP address in the outer IP header is the local VTEP address from which the VXLAN traffic is sourced. The destination IP address is the remote VTEP address for known unicast traffic; for broadcast, unknown unicast, and multicast traffic, the associated multicast group address is used. The VXLAN-encapsulated packets are then routed through the underlay transport network based on the outer IP header addresses.
- Outer MAC address or Layer 2 header: This header carries the MAC addresses used to forward the encapsulated packets to the immediate next-hop device.
Maximum Transmission Unit Adjustment in the Underlay Network
VXLAN adds a 50-byte overhead in total, including:
- 8-byte VXLAN header
- 8-byte UDP header
- 20-byte outer IP header
- 14-byte outer MAC header
To avoid exceeding the maximum transmission unit (MTU) size while sending VXLAN encapsulated packets through the underlay network, you should increase the MTU size in the underlay network by 50 bytes, or enable jumbo frames.
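The header layout and the 50-byte overhead described above, as an added Python example that is not part of the original course material: it builds the outer MAC, IPv4, UDP and VXLAN headers around an inner frame and parses them back, rejecting packets with the wrong port or a cleared VNI-valid flag. The CRC32 source-port hash, the VTEP and MAC addresses and VNI 10100 are assumptions constructed for illustration.

```python
import struct
import zlib

VXLAN_PORT = 4789        # destination UDP port that marks a VXLAN packet
FLAG_I = 0x08            # "VNI valid" flag in the first header byte (RFC 7348)

def checksum(header):    # Internet checksum over a 20-byte IPv4 header
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def source_port(inner):
    """Per-flow port hashed from the inner MAC header; CRC32 is this example's assumption."""
    return 49152 + zlib.crc32(inner[:14]) % 16384

def encapsulate(inner, vni, src_vtep, dst_vtep, src_mac, dst_mac):
    """Wrap an inner Ethernet frame in outer MAC + IPv4 + UDP + VXLAN headers."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    vxlan = struct.pack("!II", FLAG_I << 24, vni << 8)   # flags, reserved, VNI, reserved
    udp_len = 8 + len(vxlan) + len(inner)
    udp = struct.pack("!HHHH", source_port(inner), VXLAN_PORT, udp_len, 0)
    fields = [0x45, 0, 20 + udp_len, 0, 0x4000, 64, 17, 0, src_vtep, dst_vtep]
    fields[7] = checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    ip = struct.pack("!BBHHHBBH4s4s", *fields)
    return dst_mac + src_mac + b"\x08\x00" + ip + udp + vxlan + inner

def decapsulate(packet):
    """Return (vni, inner_frame); reject anything that is not valid VXLAN."""
    if len(packet) < 50 or packet[12:14] != b"\x08\x00":
        raise ValueError("too short or outer frame is not IPv4")
    ihl = (packet[14] & 0x0F) * 4
    if packet[14] >> 4 != 4 or ihl < 20 or packet[23] != 17:
        raise ValueError("outer header is not IPv4 carrying UDP")
    udp = 14 + ihl
    if len(packet) < udp + 16:
        raise ValueError("truncated UDP/VXLAN header")
    if struct.unpack_from("!H", packet, udp + 2)[0] != VXLAN_PORT:
        raise ValueError("UDP destination port is not 4789")
    word1, word2 = struct.unpack_from("!II", packet, udp + 8)
    if not (word1 >> 24) & FLAG_I:
        raise ValueError("I flag clear: VNI field is not valid")
    return word2 >> 8, packet[udp + 16:]

# Constructed sample: a 64-byte inner frame sent between two made-up VTEPs.
INNER = bytes.fromhex("020000000002" "020000000001" "0800") + bytes(50)
PACKET = encapsulate(INNER, 10100, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]),
                     bytes.fromhex("0200000000aa"), bytes.fromhex("0200000000bb"))
```

The difference `len(PACKET) - len(INNER)` is the 50 bytes the underlay MTU has to absorb.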