VXLAN BGP-EVPN Multitenancy
Bridge Domains: A bridge domain is a broadcast domain that represents the scope of a Layer 2 network. In a VXLAN network, the bridge domain namespace extends to up to 16 million segments, each identified by a VNI. Because VLANs remain in use alongside VXLAN, two types of encapsulation exist, and a mapping is needed from VLAN to VNI and vice versa. This mapping is always configured on the edge device, or VTEP.
In VXLAN, the bridge domain consists of three components:
- The classical Ethernet domain with the VLAN namespace
- The VXLAN domain with the VNI namespace
- The network switch with its hardware/software bridge domain resources
VLAN in VXLAN: Most servers send Ethernet traffic that is encapsulated in a certain VLAN. In a classical Ethernet segment, a VLAN must be spread across the network switches in order to carry that VLAN's traffic from one switch to another, and the namespace is limited by the 4K VLAN boundary.
With VXLAN, the VLAN becomes the local identifier and the VXLAN VNI becomes the global identifier. All endpoints that need to communicate with each other must be in the same Layer 2 VNI.
On a given edge device, a 1:1 mapping between VLAN and VXLAN must be configured.
Because the VLAN is the local identifier and the VNI is the global identifier, the VLAN is significant to that edge device only. Different VLANs on different edge devices can therefore map to the same VNI.
Per-port VLAN significance uses the VLAN ID arriving on the wire, which is stored in the dot1q header. The edge device immediately maps this wire VLAN to an encapsulation-independent identifier, without creating the VLAN on the switch, and maps the wire VLAN to a VNI.
In the figure below, the same VLAN 10 on two different ports (Ethernet 1/1 and Ethernet 1/2) maps to VNIs 20001 and 20002, respectively.
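A VLAN-to-VNI mapping that is not 1:1 within its scope merges or splits tenant broadcast domains, so it is worth auditing the intended mappings before they reach the VTEPs. The following Python check is an added example, not configuration or code from the original page; it covers both device-wide and per-port VLAN significance. The device names, the tuple format and the accepted VNI range (1 to 2^24-1) are assumptions made for illustration.

```python
from collections import defaultdict

VLAN_MAX = 4094        # usable 802.1Q VLAN IDs are 1-4094
VNI_MAX = 2**24 - 1    # the VNI is a 24-bit field (range check is an assumption)

def audit_mappings(mappings):
    """Check (vtep, port, vlan, vni) tuples; port=None means the VLAN is
    significant to the whole edge device. Returns sorted finding strings."""
    findings = set()
    vnis_of = defaultdict(set)    # (vtep, port, vlan) -> VNIs it maps to
    vlans_of = defaultdict(set)   # (vtep, port, vni)  -> VLANs mapped to it
    for vtep, port, vlan, vni in mappings:
        if not 1 <= vlan <= VLAN_MAX:
            findings.add(f"{vtep}: VLAN {vlan} is outside 1-{VLAN_MAX}")
        if not 1 <= vni <= VNI_MAX:
            findings.add(f"{vtep}: VNI {vni} is outside 1-{VNI_MAX}")
        vnis_of[(vtep, port, vlan)].add(vni)
        vlans_of[(vtep, port, vni)].add(vlan)
    # The mapping must be 1:1 inside each scope (device, or device + port).
    for (vtep, port, vlan), vnis in vnis_of.items():
        if len(vnis) > 1:
            findings.add(f"{vtep} {port or 'device'}: VLAN {vlan} maps to VNIs {sorted(vnis)}")
    for (vtep, port, vni), vlans in vlans_of.items():
        if len(vlans) > 1:
            findings.add(f"{vtep} {port or 'device'}: VNI {vni} is mapped from VLANs {sorted(vlans)}")
    return sorted(findings)

# Constructed sample data; leaf1..leaf6 are hypothetical edge devices.
SAMPLE = [
    ("leaf1", None, 10, 30001),            # different VLANs on different
    ("leaf2", None, 20, 30001),            # edge devices, same VNI: allowed
    ("leaf3", "Ethernet1/1", 10, 20001),   # per-port significance: same wire
    ("leaf3", "Ethernet1/2", 10, 20002),   # VLAN, different VNIs: allowed
    ("leaf4", None, 10, 30001),
    ("leaf4", None, 10, 30002),            # one VLAN, two VNIs: not 1:1
    ("leaf5", None, 11, 30005),
    ("leaf5", None, 12, 30005),            # two VLANs, one VNI: not 1:1
    ("leaf6", None, 4095, 2**24),          # both identifiers out of range
]

if __name__ == "__main__":
    for finding in audit_mappings(SAMPLE):
        print(finding)
```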
Sample Layer 2 VNI Configuration with per-Port VLAN Significance