3 minutes to get the vlan and vxlan

Traditional VLAN technology cannot support the strict requirements of cloud providers because it can only support a maximum of 4096 VLANs. This technology can effectively overcome the limitation of extension brought by VLAN.

So what is vlan?

VLAN (Virtual Local Area Network) means virtual local area network, which is a concept involved in the implementation of switches, and is defined by the 802.1Q standard.

Since the switch is a network device that works at the link layer, the terminals connected to the same switch are in the same Layer 3 network and are also in the same broadcast domain. When a switch accesses a large number of terminals, when any terminal sends a broadcast message (for example, an ARP request), the message will be transmitted throughout the network.

Vlan is divided into static and dynamic. The static VLAN is fixed when the VLAN administrator first configures the correspondence between the switch port and the VLAN ID, that is, this port can only correspond to this VLAN ID, and cannot be changed afterwards unless the administrator reconfigures it. A dynamic vlan is a switch that automatically configures the port as the VLAN to which the host belongs. There are three categories: MAC-based, IP-based, and user-based.

For large-scale networking scenarios, the flood of broadcast packets will greatly affect network communications. VLAN technology provides a solution to this problem. A VLAN divides the same network into multiple logical virtual subnets, and stipulates that when a broadcast packet is received, it only broadcasts in its VLAN to prevent the flood of broadcast packets. . VLAN technology implements broadcast domain isolation at the link layer level.

The development of virtualization technology has prompted big data and cloud computing technology companies to use a single physical device to virtualize multiple virtual machines for networking. Therefore, the number of supported VLANs is also increasing, and VLAN technology supports a maximum of 4,094 VLANs. As a result, the demand can no longer be met.

What is Vxlan?

VXLAN (Virtual eXtensible Local Area Network) is one of the NVO3 (Network Virtualization over Layer 3) standard technologies defined by the IETF. Layer 3 packets are encapsulated with a layer 3 protocol, which can expand the layer 2 network within the range of layer 3, and at the same time meet the needs of data center large layer 2 virtual migration and multi-tenancy.

VXLAN technology can build a layer 2 virtual network based on a layer 3 network structure. Through VLAN technology, network devices on different network segments can be integrated into the same logical link layer network. To end users, these network devices seem to be "really "Deployed in the same link-layer network.

NVO3 is a collective name for the technology of building a virtual network based on a three-layer IP overlay network. VXLAN is just one of the NVO3 technologies. In addition, the more representative ones are NVGRE and STT.

Compared with VLAN technology, VXLAN technology has the following advantages:

The 24-bit length VNI field value can support a larger number of virtual networks, which solves the limitation of the maximum number of VLANs of 4094.

VXLAN technology uses a tunneling technology to virtualize a Layer 2 network in a physical Layer 3 network. Terminals in the VXLAN network cannot detect the VXLAN communication process. This allows the logical network topology and the physical network topology to be decoupled to a certain extent. The configuration of the topology is less dependent on the configuration of the physical device, and the configuration is more flexible and convenient.

VLAN technology only solves the problem of splitting the broadcast domain of the Layer 2 network, and VXLAN technology also has the characteristics of multi-tenant support. With VXLAN segmentation, each tenant can independently network, communicate, address allocation, and address conflicts between multiple tenants. The problem was also resolved.

In order to ensure the correctness of the VXLAN mechanism communication process, the rfc7348 standard stipulates that IP packets related to VXLAN communication are not allowed to be fragmented. This requires that the link layer implementation of the physical network must provide a sufficiently large MTU value to ensure VXLAN. The smooth transmission of messages can be understood as the limitation of current VXLAN technology.

Generally speaking, the default MTU of a virtual machine is 1500 Bytes, which means that the original Ethernet packet is a maximum of 1500 bytes. When this packet passes VTEP, it will be encapsulated with a new packet header of 50 bytes (VXLAN header 8 bytes + UDP header 8 bytes + external IP header 20 bytes + external MAC header 14 bytes). , The entire message length reached 1550 bytes.

For existing VTEP devices, generally, when decapsulating VXLAN packets, VXLAN packets cannot be fragmented, otherwise they cannot be decapsulated correctly. This requires that the MTU of all network devices between VTEPs be at least 1550 bytes.

If it is not convenient to change the MTU value of the intermediate device, then setting the MTU value of the virtual machine to 1450 can also temporarily solve this problem.

The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps and CCIE Written dumps waiting for you.