What is a VNI
In a previous article, we looked at VxLAN's origins, what problem it solves and how it compares to other tunnelling approaches. We also covered how VxLAN enables multi-tenancy in a datacenter through network virtualisation.
With multi-tenancy, various network tenants (customers, or teams within the same company) can share the same physical infrastructure but still create virtual networks where MAC addresses or IP addresses overlap. This article covers how the Virtual Network Identifier (VNI) field in the VxLAN header enables this capability.
The VNI identifies a VxLAN; it is analogous to the VLAN ID in non-virtualised layer 2 networks. The VNI is found in the VxLAN header and is part of the overall encapsulation of a tenant's original L2 frame. The entire VxLAN encapsulation consists of the VxLAN header, UDP encapsulation, underlay IP header and underlay MAC header. See image below:
Depicted in green is the VxLAN encapsulation added by the VTEP (VxLAN tunnel endpoint). The VTEP encapsulation and de-encapsulation functionality can be implemented on a switch or a server. The VxLAN header, depicted in yellow, consists of Flags, VNI and 32 reserved bits. The VNI is 24 bits long, which means it supports 16 million (2^24) VxLAN segments.
Regarding flags: if the 5th bit of the flags field is set to 1, the VNI is valid. If it is set to 0, the VNI is invalid. All other flag bits are reserved.
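A sketch of how a receiving VTEP or a monitoring sensor could read this header, as an added example that is not from the original article. It assumes the RFC 7348 field order (8 flag bits, 24 reserved bits, the 24-bit VNI, 8 reserved bits) with the 5th flag bit counted from the most significant bit; the function names, the `strict` option and the VNIs 5001 and 5002 are made up for illustration.

```python
import struct

VXLAN_HEADER_LEN = 8      # flags (8 bits) + reserved (24) + VNI (24) + reserved (8)
FLAG_VNI_VALID = 0x08     # 5th flag bit, counting from the most significant bit


class VxlanHeaderError(ValueError):
    """The header cannot be trusted to carry a usable VNI."""


def build_vxlan_header(vni, flags=FLAG_VNI_VALID):
    """Build the 8-byte header a VTEP prepends to the tenant's L2 frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", flags << 24, vni << 8)


def parse_vxlan_header(data, strict=False):
    """Return the VNI; raise if the header is truncated or the VNI is not valid."""
    if len(data) < VXLAN_HEADER_LEN:
        raise VxlanHeaderError("truncated VxLAN header")
    word1, word2 = struct.unpack("!II", data[:VXLAN_HEADER_LEN])
    flags = word1 >> 24
    if not flags & FLAG_VNI_VALID:
        raise VxlanHeaderError("VNI-valid flag is 0")
    # strict is this example's own policy: also refuse any reserved bit set to 1.
    reserved = (flags & ~FLAG_VNI_VALID) | (word1 & 0xFFFFFF) | (word2 & 0xFF)
    if strict and reserved:
        raise VxlanHeaderError("reserved bits are non-zero")
    return word2 >> 8


def hosts_by_vni(packets):
    """Group inner IPs per VNI so overlapping tenant addresses stay separate."""
    table = {}
    for header, inner_ip in packets:
        try:
            table.setdefault(parse_vxlan_header(header), set()).add(inner_ip)
        except VxlanHeaderError:
            continue  # no valid VNI means no tenant to attribute the frame to
    return table


# Constructed sample: two tenants reuse 10.10.0.1; the third header has the flag cleared.
SAMPLE = [
    (build_vxlan_header(5001), "10.10.0.1"),   # Tenant A (VNI chosen for the example)
    (build_vxlan_header(5002), "10.10.0.1"),   # Tenant B
    (build_vxlan_header(5001, flags=0x00), "10.10.0.9"),
]
```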
In conclusion, the VNI field is ultimately what enables the magic of VxLAN. It's one of the key pieces that allows Tenant A's 10.10.0.1 to coexist with Tenant B's 10.10.0.1 on the same physical infrastructure without any conflicts, as each tenant gets their own isolated network segment identified by a unique VNI.