In addition to the local, flat, and VLAN networks discussed earlier, OpenStack also supports two overlay network types: VXLAN and GRE.
An overlay network is a network built on top of another network. Its nodes can be thought of as connected through virtual (or logical) links. Underneath, the overlay may be carried over several physical links, but the nodes do not need to care about that underlying implementation.
A tunnel is one example of an overlay network. Both VXLAN and GRE are based on tunneling technology, so both are overlay networks.
Currently, Linux Bridge supports only VXLAN and not GRE; Open vSwitch supports both. The VXLAN and GRE implementations are very similar, and VXLAN is used more often, so this tutorial covers only VXLAN.
VXLAN stands for Virtual eXtensible Local Area Network.
As the name suggests, VXLAN provides the same Ethernet Layer 2 service as a VLAN, but with greater scalability and flexibility. Compared to VLANs, VXLAN has several advantages:
Support for more Layer 2 segments. VLANs use 12 bits to mark the VLAN ID and support up to 4,094 VLANs, which can be a bottleneck for large cloud deployments. The VXLAN ID (VNI or VNID) uses 24 bits and supports 16,777,216 Layer 2 segments.
Better use of existing network paths. VLANs use the Spanning Tree Protocol to avoid loops, which can leave half of the network paths blocked. VXLAN packets are encapsulated in UDP and transported and forwarded over Layer 3, so all paths can be used.
Avoids exhausting the MAC tables of physical switches. Because of the tunneling mechanism, the ToR (Top of Rack) switch does not need to record virtual machine information in its MAC table.
VXLAN encapsulation and packet format
VXLAN is a Layer 2 network built on top of Layer 3. It extends the number of Layer 2 segments in the data center by encapsulating Layer 2 data in UDP. VXLAN is a solution for supporting large-scale multi-tenant network environments on existing physical network facilities. The VXLAN transport protocol is IP + UDP.
VXLAN defines a MAC-in-UDP encapsulation format: a VXLAN header is added in front of the original Layer 2 frame, and the result is placed inside UDP and IP packets. With MAC-in-UDP encapsulation, VXLAN can create a Layer 2 tunnel over a Layer 3 network.
The format of a VXLAN packet is as follows:
[Figure: VXLAN packet format]
As shown, VXLAN introduces an 8-byte VXLAN header, of which the VNI occupies 24 bits. The VXLAN header and the original L2 frame are encapsulated together in a UDP packet.
This 24-bit VNI identifies the different Layer 2 segments and can support 16,777,216 LANs.
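The header layout described above, as an added example that is not part of the original tutorial: a Python sketch that builds and parses the 8-byte VXLAN header and rejects packets whose VNI is not a segment the receiver expects, as a VTEP or monitoring tool would to keep tenant traffic separated. The flag value and reserved-field positions follow RFC 7348; the function names, the allowed-VNI set and the sample frame are assumptions constructed for illustration.

```python
import struct

VXLAN_HDR_LEN = 8           # 8-byte VXLAN header
FLAG_VNI_VALID = 0x08       # "I" flag (RFC 7348): the VNI field is valid
MAX_VNI = (1 << 24) - 1     # 24-bit VNI, so 16,777,216 possible segments
ETH_HDR_LEN = 14            # dst MAC + src MAC + EtherType of the inner frame

# Constructed sample: broadcast ARP-style inner frame (not captured traffic).
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("fa163e000001")
                + bytes.fromhex("0806") + bytes(28))


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend a VXLAN header to an inner L2 frame; result is the UDP payload."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags(8) + reserved(24). Word 1: VNI(24) + reserved(8).
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def vxlan_decap(payload: bytes, allowed_vnis: set) -> dict:
    """Parse a UDP payload as VXLAN and refuse malformed or unexpected segments."""
    if len(payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set: VNI is not valid")
    # Strict policy chosen for this example: RFC 7348 receivers may ignore
    # reserved bits, but non-zero values here usually mean a different protocol.
    if word0 & 0x00FFFFFF or word1 & 0xFF:
        raise ValueError("reserved bits are not zero")
    vni = word1 >> 8
    if vni not in allowed_vnis:
        raise PermissionError(f"VNI {vni} is not a segment served here")
    inner = payload[VXLAN_HDR_LEN:]
    return {
        "vni": vni,
        "dst_mac": inner[0:6].hex(":"),
        "src_mac": inner[6:12].hex(":"),
        "inner_frame": inner,
    }


if __name__ == "__main__":
    packet = vxlan_encap(100, SAMPLE_FRAME)
    print(packet[:VXLAN_HDR_LEN].hex(), vxlan_decap(packet, {100, 101})["vni"])
```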
VXLAN Tunnel Endpoint
VXLAN uses VXLAN tunnel endpoint (VTEP) devices to handle VXLAN encapsulation and decapsulation. Each VTEP has an IP interface configured with an IP address. The VTEP uses this IP to encapsulate Layer 2 frames, and it sends and receives the encapsulated VXLAN packets through that IP interface.
The following figure shows VTEPs:
[Figure: VTEP]
VXLAN is independent of the underlying network topology; conversely, the underlying IP network between two VTEPs is independent of VXLAN. VXLAN packets are routed according to the outer IP header, which uses the VTEP IPs at the two ends as the source and destination IP.
In the next section we use examples to look more closely at how VXLAN encapsulates and forwards packets, and explore Linux support for VXLAN.
VXLAN concept (part I)-5 minutes a day to play OpenStack (108)