VXLAN in the Contemporary Data Center
Sept 24, 2014
Anthony Chow (@vCloudernBeer)
What is a Contemporary Data Center?
• A contemporary data center is a virtualized data center:
  • Server virtualization
  • Storage virtualization
  • Network virtualization
• A dynamic and agile environment.
• It increases the demand on the network.
• Uses various solutions to alleviate the increased demand on the network.
SDN, NFV and NV
• Are these the solutions?
  • Software Defined Networking (SDN)
  • Network Function Virtualization (NFV)
  • Network Virtualization (NV)
• IT vendors are quick to claim to have an SDN solution.
Software Defined Network (SDN)
• A framework
• Separation of control and data plane
• Commercial SDN controllers:
  • Cisco - Application Policy Infrastructure Controller
  • HP - Virtual Application Networks (VAN) Controller
  • NEC - ProgrammableFlow PF6800 Controller
  • Nuage Networks - Virtualized Services Controller
  • VMware - NSX Controller
Network Function Virtualization (NFV)
• Closely related to SDN
• Network services (Layer-4 to Layer-7):
  • Firewall
  • Load balancer
  • VPN
  • IDS/IPS
• Run as virtual machines
• Dynamic network provisioning and orchestration
• Service chaining
Network Virtualization
• Network virtualization abstracts networking from the physical network.
• Provides logical isolation on a physical network
• Network virtualization technologies:
  • VLAN for Layer-2 networks
  • VRF for Layer-3 networks
  • Network overlays
Network Overlay
• One form of network virtualization
• Tunnels between end points are created on existing physical networks (usually an IP infrastructure).
• Uses existing network infrastructure.
• Common types of network overlay:
  • Virtual Extensible LAN (VXLAN)
  • Network Virtualization using Generic Encapsulation (NVGRE)
  • Stateless Transport Tunneling (STT)
  • Network Virtualization Overlay 3 (NVO3)
VXLAN Terminology
• Encapsulation
• VTEP
• VNI
• VTEP Gateway
• IP Multicast
VXLAN Encapsulation
VTEP, VNI and VTEP Gateway
IP Multicast
VXLAN address learning
RFC 7348
• Virtual eXtensible Local Area Network (VXLAN): A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks
• Problems VXLAN is designed to solve:
  • Limitations imposed by Spanning Tree and VLAN ranges
  • Multi-tenant environment
  • Inadequate table sizes at ToR switch
RFC 7348 (continued)
RFC 7348 outlines the following rules for VXLAN:
• Each overlay is termed a VXLAN segment.
• Only VMs within the same VXLAN segment can communicate with each other.
• Each VXLAN segment is identified by a 24-bit segment ID (VNI).
• VNI identifies the scope of the inner MAC frame originated by the individual VM.
• The VNI is in an outer header that encapsulates the inner MAC frame originated by the individual VM.
• VXLAN segment and VXLAN overlay network are interchangeable in the RFC.
• VXLAN tunnels are stateless connections between 2 end points.
• Each end point is called a VXLAN Tunnel End Point (VTEP).
• VTEP can be implemented on a virtual switch, physical switch or physical server, either in hardware or software.
• Use of data plane learning.
• Multicast is used for carrying unknown destination, broadcast and multicast frames (BUM traffic).
• VTEPs MUST NOT fragment VXLAN packets.
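The 24-bit VNI and the same-segment rule above, shown as an added example (not part of the original slides): Python code that encodes and parses the 8-byte VXLAN header defined in RFC 7348 and applies the check a receiving VTEP makes before handing the inner frame to a VM. The `local_segments` table, the MAC addresses and the frame bytes are constructed for illustration; flooding of BUM traffic is not modelled.

```python
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned destination port (RFC 7348)
FLAG_I = 0x08                # I flag: must be 1 for a valid VNI
MAX_VNI = (1 << 24) - 1      # VNI is a 24-bit segment ID


class VxlanError(ValueError):
    """Raised for headers that violate the RFC 7348 layout."""


def build_header(vni: int) -> bytes:
    """Encode the 8-byte VXLAN header: flags(8) reserved(24) VNI(24) reserved(8)."""
    if not 0 <= vni <= MAX_VNI:
        raise VxlanError(f"VNI {vni} does not fit in 24 bits")
    return struct.pack("!II", FLAG_I << 24, vni << 8)


def parse_header(udp_payload: bytes):
    """Return (vni, inner_frame). Reserved bits are ignored on receipt."""
    if len(udp_payload) < 8:
        raise VxlanError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:8])
    if not (word0 >> 24) & FLAG_I:
        raise VxlanError("I flag not set, VNI is not valid")
    return word1 >> 8, udp_payload[8:]


def deliver(udp_payload: bytes, local_segments: dict):
    """Receiving-VTEP check: hand the inner frame only to a VM in the same segment.

    local_segments (hypothetical table): VNI -> set of local VM MAC strings.
    Returns (vni, dst_mac) on delivery, None when the frame is dropped.
    """
    vni, frame = parse_header(udp_payload)
    if len(frame) < 14:
        raise VxlanError("inner Ethernet header truncated")
    dst_mac = frame[:6].hex(":")
    return (vni, dst_mac) if dst_mac in local_segments.get(vni, set()) else None


# Constructed sample: inner frame addressed to a VM in segment 5000.
VM_A = "00:00:5e:00:53:01"
INNER = bytes.fromhex("00005e005301" "00005e005302" "0800") + b"payload"
SEGMENTS = {5000: {VM_A}, 6000: {"00:00:5e:00:53:03"}}

if __name__ == "__main__":
    print(deliver(build_header(5000) + INNER, SEGMENTS))  # delivered
    print(deliver(build_header(6000) + INNER, SEGMENTS))  # dropped: other segment
```

The same inner frame is delivered when it arrives with VNI 5000 and dropped when it arrives with VNI 6000, because the destination MAC is only known in segment 5000.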