VXLAN is an overlay data plane encapsulation scheme developed to address the various issues seen in Layer 2 networks.
It can extend Layer 2 and Layer 3 overlay networks over a Layer 3 underlay network, using MAC-in-IP/UDP tunnelling. Each overlay is known as a VXLAN segment.
IANA (Internet Assigned Numbers Authority) assigned VXLAN the UDP destination port 4789; Linux uses 8472. The Linux port differs because, when VXLAN was first developed for Linux, no officially designated port had been defined yet.
VXLAN has a 24-bit VXLAN Network Identifier (VNI), which allows up to 16 million VXLAN segments, far more than the 4000 VLANs possible with a 12-bit identifier.
The VXLAN Network Identifier is part of a VXLAN shim header that encapsulates the original inner MAC address originating from an endpoint.
The VNI provides the segmentation for Layer 2 and Layer 3 traffic.
To allow discovery of VNIs, virtual tunnel endpoints (VTEPs) are used. A Virtual Tunnel Endpoint originates or terminates a VXLAN tunnel.
VTEPs map Layer 2 and Layer 3 packets to a VXLAN to be used in the overlay network. A VTEP has two interfaces: the local LAN interface and the IP interface.
The local LAN interface provides a bridging interface between local hosts.
The IP interface is a core-facing network interface for VXLAN. The IP address associated with the interface helps identify the VTEP on the network. It is used for encapsulating and decapsulating traffic.
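The encapsulation and decapsulation a VTEP performs on its IP interface can be shown in a few lines. This is an added example, not code from the original page or from any vendor: it assumes the 8-byte header layout of RFC 7348 (flags, reserved, 24-bit VNI, reserved), and the function names and sample frame are constructed for illustration.

```python
import struct

VXLAN_PORTS = {4789, 8472}   # IANA-assigned port and the Linux port named above
FLAG_VNI_VALID = 0x08        # "I" flag in the RFC 7348 header: VNI field is valid
MAX_VNI = (1 << 24) - 1      # largest value a 24-bit VNI can hold

def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the 8-byte VXLAN shim header to an inner Ethernet frame."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Byte 0: flags, bytes 1-3: reserved, bytes 4-6: VNI, byte 7: reserved.
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame

def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def decapsulate(udp_dst_port: int, udp_payload: bytes):
    """Return (vni, inner_dst_mac, inner_src_mac, inner_frame) or raise ValueError."""
    if udp_dst_port not in VXLAN_PORTS:
        raise ValueError("not a VXLAN destination port")
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag clear: VNI is not valid")
    inner = udp_payload[8:]
    # The VNI sits in the upper 24 bits of the second 32-bit word.
    return word1 >> 8, _mac(inner[0:6]), _mac(inner[6:12]), inner

# Constructed sample inner frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_INNER = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"

if __name__ == "__main__":
    packet = encapsulate(5001, SAMPLE_INNER)
    print(packet[:8].hex())
    print(decapsulate(4789, packet)[:3])
```

The VNI and the inner MAC header travel unencrypted inside the UDP payload, so the same parsing lets a monitoring sensor attribute captured underlay traffic to a VXLAN segment.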
A VXLAN gateway can connect devices that do not support VXLAN into a common Layer 2 domain with both VLAN and VXLAN.
The VXLAN standard does not define a control plane, only a data plane protocol. This leaves VXLAN open to be used with multiple different types of control plane. Cisco devices support four different types:
- VXLAN with a Multicast underlay
- VXLAN with static unicast VXLAN tunnels
- VXLAN with MP-BGP EVPN control plane
- VXLAN with a LISP control plane
MP-BGP EVPN and Multicast are the most popular control planes in use for data centre and private cloud environments.