Virtual Extensible LAN
Virtual Extensible LAN (VXLAN) is a Network Virtualization (NV) technology that encapsulates Layer 2 Ethernet frames in Layer 3 User Datagram Protocol (UDP) packets to create logically isolated Layer 2 overlays across Layer 3 IP networks.
Expanded Explanation
1. Technical Function and Core Characteristics
VXLAN uses MAC-in-IP/UDP encapsulation to transport Ethernet frames over an IP underlay network, which enables Layer 2 connectivity across Layer 3 boundaries. It uses a 24-bit VXLAN Network Identifier (VNI) that supports up to 16 million logical segments, which exceeds the 4,096 Virtual LAN (VLAN) limit. VXLAN requires tunnel endpoints, often called VXLAN tunnel endpoints (VTEPs), that perform encapsulation and decapsulation at the edge of the overlay.
VXLAN operates over standard IP networks and commonly uses UDP port 4789. Because overlay traffic is ordinary IP/UDP, the underlay can apply equal-cost multipath routing, and flooding and learning can be multicast- or unicast-based. It maintains isolation between VXLAN segments through distinct VNIs, which supports multi-tenant environments and segmented workloads.
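The encapsulation described above, as an added example that is not part of the original page: a Python parser for the 8-byte VXLAN header (layout per RFC 7348) with a check that a captured frame carries a VNI expected on a given segment. The function names, the allowed-VNI set and the sample frame are assumptions constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789          # UDP port named on this page (destination port)
VXLAN_FLAG_VNI_VALID = 0x08    # "I" flag: the VNI field is valid
VXLAN_HEADER_LEN = 8


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a 24-bit VNI."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    # Layout: flags(1 byte) + reserved(3) + VNI(3) + reserved(1)
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan(udp_payload: bytes) -> dict:
    """Parse a VXLAN UDP payload into its VNI and inner Ethernet addresses."""
    if len(udp_payload) < VXLAN_HEADER_LEN + 14:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set; VNI is not valid")
    inner = udp_payload[VXLAN_HEADER_LEN:]
    return {
        "vni": word1 >> 8,
        "reserved_clear": (word0 & 0x00FFFFFF) == 0 and (word1 & 0xFF) == 0,
        "inner_dst_mac": inner[0:6].hex(":"),
        "inner_src_mac": inner[6:12].hex(":"),
        "inner_ethertype": struct.unpack("!H", inner[12:14])[0],
    }


def vni_allowed(udp_payload: bytes, allowed_vnis: set) -> bool:
    """True only if the frame parses cleanly and its VNI is expected here."""
    try:
        info = parse_vxlan(udp_payload)
    except ValueError:
        return False
    return info["reserved_clear"] and info["vni"] in allowed_vnis


# Constructed sample: inner Ethernet header (dst, src, EtherType IPv4) in VNI 5001
SAMPLE_INNER = bytes.fromhex("02000000000a" "02000000000b" "0800")
SAMPLE_PAYLOAD = build_vxlan_header(5001) + SAMPLE_INNER

if __name__ == "__main__":
    print(parse_vxlan(SAMPLE_PAYLOAD))
    print(vni_allowed(SAMPLE_PAYLOAD, {5001, 5002}))
```

The same check applies at a monitoring tap on the underlay: a frame on UDP 4789 whose VNI is outside the set provisioned for that link is worth alerting on, since VNI separation is what the overlay's tenant isolation rests on.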
2. Enterprise Usage and Architectural Context
Enterprises use VXLAN in data center fabrics, private clouds, and multitenant environments to extend Layer 2 domains without expanding Spanning Tree Protocol (STP). It supports Virtual Machine (VM) mobility and workload placement across racks and pods while retaining Layer 2 adjacency.
Architects deploy VXLAN overlays on top of IP-based leaf-spine or routed core designs to separate logical network design from physical topology. VXLAN integrates with NV controllers and routing protocols and can interoperate with Border Gateway Protocol (BGP) Ethernet Virtual Private Network (EVPN) for control-plane-based Media Access Control (MAC) and IP distribution.
3. Related or Adjacent Technologies
VXLAN relates to other network overlay technologies such as Network Virtualization using Generic Routing Encapsulation (NVGRE) and Geneve, which also encapsulate Layer 2 traffic over Layer 3 networks. It often appears with Ethernet VPN, which provides a control plane for distributing MAC and IP reachability information for VXLAN segments.
It coexists with traditional VLANs, MPLS-based Layer 2 VPNs, and IP routing technologies in hybrid data center and Wide Area Network (WAN) designs. Network platforms may support VXLAN in both hardware and software switches, as well as in virtual switches within hypervisors.
4. Business and Operational Significance
For enterprises, VXLAN enables multi-tenant segmentation, workload mobility, and data center consolidation without large Layer 2 broadcast domains in the physical fabric. It allows network teams to use IP routing for scalability and to maintain isolation between business units or customers.
VXLAN supports automation and policy-driven networking in software-defined data center architectures by decoupling logical segments from physical topology. It also supports integration with security controls, traffic steering, and observability tools that operate on both overlay and underlay networks.