What is VxLAN
What is VxLAN
VxLAN stands for Virtual eXtensible LAN. To understand what it does one must take the X out of VxLAN and then you are left with VLAN.
A VLAN defines a network where every computer on the network can talk to each other without needing a router. It defines a single broadcast domain. Now letβs add extensible back to the VLAN and we have VxLAN. We can then deduce that VxLAN is a tunnelling protocol that enables us to extend broadcast domains or extend VLANs.
VxLANs enable VLANs to do things that was not possible in datacenters (without a custom hardware or software implementation) 10-15 years ago. One valid question is extend over what? The answer is Layer 3 domains.
Someone might say well we already have MPLS, or IPsec for network virtualisation. Why can't I use those in a Datacenter? This is a valid question. Subsequent paragraphs will address this question.
Datacenter's of 20 years ago ran fine without VxLAN, but public cloud computing was not a thing back then and in private clouds 4096 VLAN ID's provided by traditional VLANs was typically good enough. However, with the advent of public cloud computing(and it's inherent multi-tenancy) and modern datacenter's where customers might need more than one isolated network has created the need for more scalable datacentre network design options.
So the first answer is Scalability! MPLS L2VPNs scale to 2^20 labels(1 million labels) but VxLAN provides 2^24 (16 million VNIs).
Another factor is cost. It costs more to deploy a network device that supports MPLS compared to deploying a network device that supports VxLAN. This cost adds up fast when building large scale datacenter's.
What about IPsec?
IPsec is not a viable practical option. Network throughput is a big limiting factor for IPsec in datacenter's. Additionally, itβs more costly to deploy a physical network device that supports IPsec compared to one that supports VxLAN.
Additionally, VMs are turned up and down in public cloud datacenter's all the time. Managing the IPsec keys for all these VMs and dealing with the rekeying overhead would create operational complexity which would in turn make newly provisioned VMs slower to become network ready.
What scales better than VxLAN?
Well, you can design your own light weight tunnelling protocol similar to VxLAN but with more "VNIs" that runs on your DC servers. But you need to have the expertise to design, build and maintain such a custom solution, so most small-to-mid tier cloud providers would simply use VxLAN.
Call to action!
To learn more about VxLAN, check out this VxLAN course below: