Data centers face growth challenges as demand rapidly scales for cloud computing services. Network expansion has been a consistent obstacle to meeting this demand.
Virtual Extensible LANs (VXLANs) can enable organizations to solve these scaling needs, even for increasingly complex, large-scale cloud deployments, like those often seen in data centers. VXLANs are a promising evolution of network virtualization technology, particularly for data centers that need to scale their networks rapidly to keep pace with demand.
As more providers and standards support VXLAN, it becomes even easier to deploy and operate. Data center managers can look to VXLANs for network deployments and connect networks between data centers at scale.
What is a VXLAN?
A VXLAN aims to help network engineers extend and scale out a cloud computing environment by running an overlay network on existing infrastructure.
An overlay network is a virtual network built on top of Layer 2 and Layer 3 network technologies. A virtual LAN (VLAN) uses a similar overlay encapsulation protocol to isolate apps and tenants in a cloud computing environment. VLANs can only assign up to 4,096 individual network IDs. VXLANs greatly expand the number of IDs available -- up to a whopping 16 million logical networks.
With VXLANs, millions of isolated Layer 2 networks can coexist on a common Layer 3 infrastructure. This enables organizations to support elastic compute architectures at scale. It also helps network engineers migrate VMs across long distances and isolate tenants with their own logical networks across large cloud computing environments.
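The ID space and the per-tenant isolation described above can be seen in the VXLAN header itself. The following is an added example, not code from the original article: it builds and parses the 8-byte header defined in RFC 7348 and drops any frame whose ID is malformed or not provisioned. The tenant names, VNI values and the `classify` helper are constructed for illustration.

```python
import struct

VLAN_ID_BITS = 12      # 802.1Q VLAN ID field width -> 4,096 IDs
VNI_BITS = 24          # VXLAN Network Identifier width -> ~16 million IDs
VXLAN_FLAG_I = 0x08    # "VNI present" flag; must be set in a valid header
VXLAN_HDR_LEN = 8


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a VNI."""
    if not 0 <= vni < (1 << VNI_BITS):
        raise ValueError(f"VNI {vni} does not fit in {VNI_BITS} bits")
    # Layout: flags(8) | reserved(24) | VNI(24) | reserved(8)
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)


def parse_vxlan_header(payload: bytes) -> int:
    """Return the VNI from a UDP payload, or raise ValueError if malformed."""
    if len(payload) < VXLAN_HDR_LEN:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", payload[:VXLAN_HDR_LEN])
    if not (word1 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag not set: no valid VNI")
    return word2 >> 8


def classify(payload: bytes, vni_to_tenant: dict) -> str:
    """Map a frame to its tenant; malformed or unprovisioned VNIs are dropped."""
    try:
        vni = parse_vxlan_header(payload)
    except ValueError:
        return "drop"
    return vni_to_tenant.get(vni, "drop")


# Constructed sample data: two tenants with VNIs above the VLAN ID ceiling.
TENANTS = {5000: "tenant-a", 1_000_000: "tenant-b"}
INNER = b"\x00" * 14  # placeholder for the encapsulated Ethernet header

if __name__ == "__main__":
    print("VLAN IDs:", 1 << VLAN_ID_BITS, "VXLAN VNIs:", 1 << VNI_BITS)
    for vni in (5000, 1_000_000, 4242):
        print(vni, classify(build_vxlan_header(vni) + INNER, TENANTS))
```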
For data centers, VXLANs offer many advantages. VXLANs enable data centers to do the following:
- access the segmentation needed for virtual networks at scale;
- dramatically increase agility and flexibility;
- simplify the management, automation and orchestration of virtual networks;
- support a large number of tenants for multi-tenant cloud computing environments;
- allocate resources between data centers and migrate VMs between servers; and
- overcome the limitations of VLANs.
In short, VXLANs are an evolution of VLANs and have become an industry-standard overlay network virtualization technology. They are supported by a variety of vendors and play an important role in software-defined networking.
VXLAN vs. WAN vs. VLAN
To understand what distinguishes VXLANs from other network technologies and protocols, let's first look at the three main types of network technologies:
- LAN. A LAN is a network that connects devices within close proximity. It enables network nodes to communicate and share resources. There are two primary ways to set up a LAN: wired and wireless connections. Organizations can deploy a wired LAN with Ethernet cables and a Layer 2 switch, which enables devices to connect and communicate through Ethernet.
- Metropolitan area network (MAN). A MAN is a network that interconnects LANs across a geographic region that spans the size of a metropolitan area. Organizations that comprise several buildings within a city may use MANs to provide data communication to all locations.
- WAN. A WAN further extends the reach of the network -- sometimes spanning states, countries or even the globe. It is not restricted to a metropolitan area or the proximity of a LAN. Organizations can set up a LAN and connect it to a WAN with a router or similar device, but the WAN infrastructure is typically privately owned or leased from a third-party provider, like a telecommunications carrier. Because of this, WANs are not the most secure option, especially when used over shared or public Wi-Fi. Organizations can implement a wired or wireless WAN or LAN. Wired typically provides better security. Within a WAN, users can access shared applications, services and other centrally located resources.
LANs are limited in their reach, MANs likely won't meet the needs of a globalized environment and WANs come with some security and traffic concerns.
A VLAN is a logical overlay network that sits on top of a physical LAN. Network switches identify a VLAN by an ID, and each port on a switch can have multiple VLAN IDs. Hosts connected to a switch port with a VLAN ID can then access data through the virtual network.
By partitioning a single switched network into a set of overlaid virtual networks, VLANs isolate each group of devices connected to the network. This provides an enhanced level of security and enables better provisioning of network resources, as each network can devote its resources to relevant traffic only, reducing the amount of traffic processed. However, the number of VLAN IDs is limited, which is the biggest drawback for data centers that need to support large-scale computing environments.
VXLANs are an expansion of VLANs that greatly scales the number of IDs available, extending the reach of the network and the benefits of VLANs.
Deploying and operating VXLANs for a data center network
VXLAN deployment and configuration can be complex, but once the network is up and running, admins can automate orchestration in a variety of ways to simplify the management burden.
To start, have a clear understanding of the network design, especially if building on an existing network. Consider how to optimize the physical infrastructure, including the location of each gateway, switch, virtual tunnel endpoint and adapter to carry VXLAN traffic. With the VXLAN overlay and the underlay in mind, design the network hierarchically to keep the architecture simple and easy to scale.
Organizations that want to interconnect different data centers across dispersed geographies can use a template-based, multisite Ethernet VPN. Take this into account when configuring the network, and extend the network across data centers with a single overlay.
Once the system is set up and deployed, programmatically create virtual networks as needed, and assign each a new ID. Then, make changes to the configuration that reflect across every switch to reduce administrative and operational overhead.
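One way to keep programmatic ID assignment consistent across every switch is to hold a single intended mapping and compare each switch against it. This is an added example, not part of the original article or any vendor tool: the allocator, the `find_drift` check, the switch names and the starting VNI of 10000 are all assumptions made for illustration.

```python
from collections import defaultdict

VNI_MAX = (1 << 24) - 1  # top of the 24-bit VXLAN ID space


def allocate_vni(intended: dict, network: str, start: int = 10000) -> int:
    """Assign the lowest free VNI >= start to a new virtual network."""
    if network in intended:
        return intended[network]
    used = set(intended.values())
    vni = start
    while vni in used:
        vni += 1
    if vni > VNI_MAX:
        raise RuntimeError("VNI space exhausted")
    intended[network] = vni
    return vni


def find_drift(intended: dict, switches: dict) -> list:
    """Compare each switch's network->VNI map with the intended one."""
    findings = []
    for sw, actual in sorted(switches.items()):
        for net, vni in sorted(intended.items()):
            if net not in actual:
                findings.append((sw, net, "missing"))
            elif actual[net] != vni:
                findings.append((sw, net, f"vni {actual[net]} != {vni}"))
        # One VNI mapped to two networks on a switch merges their L2 segments.
        by_vni = defaultdict(list)
        for net, vni in actual.items():
            by_vni[vni].append(net)
        for vni, nets in sorted(by_vni.items()):
            if len(nets) > 1:
                findings.append((sw, "+".join(sorted(nets)), f"share vni {vni}"))
    return findings


# Constructed sample: intended state and what three hypothetical leaves report.
INTENDED = {}
allocate_vni(INTENDED, "tenant-a-web")
allocate_vni(INTENDED, "tenant-b-web")
SWITCHES = {
    "leaf1": {"tenant-a-web": 10000, "tenant-b-web": 10001},
    "leaf2": {"tenant-a-web": 10000, "tenant-b-web": 10000},
    "leaf3": {"tenant-a-web": 10000},
}
if __name__ == "__main__":
    for finding in find_drift(INTENDED, SWITCHES):
        print(finding)
```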