Overlay Network

An overlay network is a virtual network that runs on top of an existing network infrastructure, using encapsulation and logical addressing to create separate, software-defined connectivity between endpoints.

Expanded Explanation

1. Technical Function and Core Characteristics

An overlay network consists of virtual links and nodes that are mapped onto an underlying physical or Layer 3 network. It uses tunneling or encapsulation protocols to carry overlay packets across the underlay without changing the underlay’s routing behavior.

Overlay networks commonly use techniques such as IP tunneling, Generic Routing Encapsulation (GRE), Virtual Extensible LAN (VXLAN), Network Virtualization using Generic Routing Encapsulation (NVGRE), or Geneve to encapsulate tenant or application traffic. They provide logical isolation, independent addressing, and policy control that operate separately from the physical network topology.
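The encapsulation and logical isolation described above can be seen in the 8-byte VXLAN header, whose 24-bit VXLAN Network Identifier (VNI) selects the logical network. The following is an added example, not part of the original page: it builds and validates that header using the layout from RFC 7348. The VNI values, MAC addresses, and the allowed-VNI set are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08  # "I" flag: the VNI field carries a valid value
HEADER_LEN = 8


def vxlan_encap(vni, inner_frame):
    """Prepend the VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24). Word 1: VNI (24) + reserved (8).
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(udp_payload, allowed_vnis):
    """Validate the header and return (vni, inner_frame).

    allowed_vnis is the set of logical networks provisioned on this
    tunnel endpoint; frames for any other VNI are rejected.
    """
    if len(udp_payload) < HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:HEADER_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    vni = word1 >> 8  # reserved bits are ignored on receipt per RFC 7348
    if vni not in allowed_vnis:
        raise PermissionError("VNI %d is not provisioned here" % vni)
    return vni, udp_payload[HEADER_LEN:]


# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType IPv4, payload.
SAMPLE_FRAME = (bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
                + b"\x08\x00" + b"tenant payload")

if __name__ == "__main__":
    # Two tenants reuse the same inner frame; only the VNI keeps them apart.
    for vni in (5001, 5002):
        packet = vxlan_encap(vni, SAMPLE_FRAME)
        try:
            print(vxlan_decap(packet, allowed_vnis={5001}))
        except PermissionError as exc:
            print("dropped:", exc)
```

The VNI check is a provisioning filter, not authentication: the VXLAN header carries no integrity protection or encryption, so the isolation holds only while the underlay restricts which hosts can send to the tunnel endpoint.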

2. Enterprise Usage and Architectural Context

Enterprises use overlay networks in data centers, clouds, and wide-area networks to provide virtual networks, multi-tenancy, and segmented connectivity. Network Virtualization (NV) overlays allow operators to deploy and adjust logical networks without reconfiguring physical switches and routers.

Architectures such as Software Defined Networking (SDN), Network Functions Virtualization (NFV), and software-defined Wide Area Network (WAN) implement overlay networks to abstract transport from services and applications. Overlays support migration of workloads, hybrid cloud connectivity, and Traffic Engineering (TE) across heterogeneous infrastructures.

3. Related or Adjacent Technologies

Overlay networks relate closely to underlay networks, which provide the physical or IP transport on which overlays depend. Technologies such as Multiprotocol Label Switching (MPLS), Segment Routing, and IP routing protocols operate in the underlay, while the overlay adds separate logical control and policy.

Virtual private networks, VXLAN-based NV, and software-defined WAN services implement overlay concepts for isolation and connectivity. Control-plane mechanisms such as SDN controllers or BGP-based control distribution often manage overlay endpoint information and tunnel setup.

4. Business and Operational Significance

For enterprises, overlay networks provide a way to deploy network segmentation, multi-tenant environments, and workload mobility within existing infrastructure. They enable network teams to implement policy and connectivity changes through software control rather than only through physical reconfiguration.

Overlay architectures allow organizations to operate consistent logical networks across on-premises (on-prem) data centers, public clouds, and WAN providers. This supports standardized security policies, consistent addressing schemes, and lifecycle management for applications and services across diverse network domains.