About VXLANs


Traditional network segmentation is provided by Virtual Local Area Networks (VLANs) standardized under the IEEE 802.1Q group. VLANs provide logical segmentation of the network at Layer 2 or broadcast domains. Due to less than optimal use of available network links with VLANs, there are rigid requirements on the placement of devices in the network and the scalability is limited to a maximum of 4096 VLANs. Using VLANs is a limiting factor when building large multi-tenant data centers.


Virtual Extensible LANs (VXLAN) are designed to provide the same Ethernet Layer 2 network services as VLANs but with greater extensibility and flexibility. When compared to VLANs, VXLANs offer the following benefits:


  • Flexible placement of multi-tenant segments through the data center, because it provides a solution to extend Layer 2 segments over the underlying shared network infrastructure and tenant workload can be load balanced across physical pods in the data center.
  • Increased scalability to address more Layer 2 segments as VXLANs use a 24-bit segment ID known as the VXLAN Identifier (VNID) which enables up to 16 million segments to coexist in the same administrative domain.
  • Improved utilization of available network paths in the underlying infrastructure since VXLAN packets are transferred through the underlying network based on the Layer3 header. This takes advantage of Layer 3 routing, equal-cost multipath (ECMP) routing, and link aggregation protocols to use all available paths.


VXLAN is a Layer 2 overlay scheme over a Layer 3 network. It uses MAC Address-in-User Datagram Protocol (MAC-in-UDP) encapsulation to provide a means to extend Layer 2 segments across the data center network. VXLAN is a solution to support a flexible, large-scale multi-tenant environment over a shared common physical infrastructure. The transport protocol over the physical data center network is IP plus UDP.


VXLAN is supported on non-redundant and redundant spine-leaf topology. VXLAN configuration at high level involves 5 major steps in addition to VLAN, trunk, vLAG, and vRouter configuration as needed.