Aviz Packet Broker details VXLAN encapsulation and stripping

Aviz Packet Broker now processes Virtual Extensible LAN (VXLAN) traffic with encapsulation, decapsulation, and header stripping to restore visibility across virtualized data centers, enabling centralized monitoring and distribution of traffic for security and operational tools.

Research overview

VXLAN is used to extend Layer 2 segments over Layer 3 networks to support scalable virtual networks in distributed data centers. The vendor post explains how Aviz Packet Broker handles VXLAN flows to centralize capture, filtering, and delivery of monitoring traffic.

Key findings

Aviz Packet Broker provides VXLAN encapsulation and decapsulation, advanced header stripping, VNI-aware routing, and simultaneous IPv4 and IPv6 VXLAN handling. The product leverages Application-Specific Integrated Circuit (ASIC) parsing within its Network Optimization Suite (NOS) to perform line-rate VXLAN header removal and uses VNI and Monitoring-as-Code (MaC) address matching to route traffic to designated tools.

Technical breakdown

Encapsulation

Encapsulation places original Ethernet frames inside VXLAN, User Datagram Protocol (UDP) and IP headers and assigns a VXLAN Network Identifier for transport across the IP fabric. The broker applies packet selection rules before encapsulation and forwards encapsulated flows to destination VTEPs it manages.

Decapsulation

Decapsulation strips IP, UDP and VXLAN headers when the broker finds matching VNI and MaC addresses, exposing the inner Ethernet frame for policy evaluation. After processing, the broker forwards the recovered traffic to monitoring tools, security appliances, or network segments according to configured policies.

Configuration and management

Administrators use Command-Line Interface (CLI) or GUI controls to create VXLAN tunnels, map tunnels to tool or network ports, and define which packets are encapsulated or decapsulated. Header stripping can be applied to tapped VXLAN traffic so monitoring tools receive inner payloads without requiring VXLAN tunnels in the monitoring fabric.

Operational impact

These capabilities let operations and security teams aggregate, filter, and distribute traffic centrally while preserving visibility across layered virtual networks. Support for multi-tenant environments and both IP versions keeps monitoring consistent across mixed infrastructure deployments.

Aviz Packet Broker's VXLAN processing restores packet-level visibility for monitoring and security across virtualized data center fabrics. This “Blog Signals brief” is a fact-based summary of the vendor blog.