![Icon [all products]](https://www.thunder-link.com/tl-content/uploads/2022/05/Icon-all-products-1.svg "Icon [all products]"){kind=icon}
All productsVXLAN is an NVO3 network virtualization technology that encapsulates data packets sent from original hosts into UDP packets and encapsulates IP and MAC addresses used on the physical network in outer headers before sending the packets over an IP network. The virtual tunnel endpoint (VTEP) then decapsulates the packets and sends the packets to the destination host.
By leveraging VXLAN, a virtual network can accommodate a large number of tenants. Tenants can plan their own virtual networks without being limited by physical network IP addresses or broadcast domains. This technology significantly simplifies network management, allows VMs to migrate over a large Layer 2 network, and isolates tenants in a virtual.
On a VXLAN network, VNIs are mapped to BDs in 1:1 mode. After a packet reaches a VTEP, the VTEP can identify the BD to which the packet belongs, then select a correct tunnel to forward the packet. VXLAN Identification by VLAN.
The 1:1 or N:1 mapping between VLANs and BDs is configured on VTEPs based on network planning. After a VTEP receives a service packet, it correctly selects a VXLAN tunnel to forward the packet based on the mapping between VLANs and BDs and the mapping between BDs and VNIs.
In the below picture, VLAN 10 and VLAN 20 belong to BD 10. The mapping between VLANs 10 and 20 and BD 10, as well as the mapping between BD 10 and VNI 1000 are configured on the VTEP. After the VTEP receives a packet from PC_1 or PC_2, the VTEP forwards the packet over the VXLAN tunnel for VNI 1000.
The following table lists the differences between VXLAN and VLAN.
| Item | VLAN | VXLAN |
| Concept | Virtual local area network | Virtual extensible local area network |
| Implementation Method | A physical LAN is divided into multiple BDs logically to limit the network to a small geographic range. | Layer 2 virtual networks are established between networks with reachable routes. Such networks are not subject to geographical restrictions and can deliver a large-scale scalability. |
| Supported capacity | VLAN is the most commonly used network isolation technology. The VLAN field in packets is only 12 bits in length, which means that only a maximum of 4096 VLANs can be used on a network. In public cloud or other cloud computing scenarios involving tens of thousands or even more tenants, VLAN technology can no longer meet network isolation requirements. | VXLAN is a new network isolation technology defined in IETF RFC 7348. It has a 24-bit segment identifier (VNI) and can isolate up to 16 million tenants. This technology effectively enables isolation of mass tenants in cloud computing. |
| Network division mode | VLAN IDs are used to divide broadcast domains. Hosts within a BD can communicate at Layer 2. | BDs are used to divide broadcast domains. VMs within a BD can communicate at Layer 2. |
| Encapsulation mode | A VLAN tag is added to packets. | During VXLAN encapsulation, a VXLAN header, UDP header, IP header, and outer MAC header are added in sequence to an original packet. |
| Network communication mode | Inter-VLAN communication is implemented by VLANIF interfaces. As Layer 3 logical interfaces, VLANIF interfaces enable Layer 3 communication between VLANs. | Communication between VXLANs or between VXLANs and non-VXLANs is implemented by VBDIF interfaces.
VBDIF interfaces are configured on VXLAN Layer 3 gateways and are Layer 3 logical interfaces based on BDs. |
| Benefits | Limits broadcast domains: A broadcast domain is limited in a VLAN, which saves bandwidth and improves network processing capabilities.
Enhances LAN security: Packets from different VLANs are separately transmitted. Hosts in a VLAN cannot directly communicate with hosts in another VLAN. |
Location-independent capability: Services can be deployed flexibly at any location, solving network expansion issues related to server virtualization.
Flexible network deployment: VXLANs are constructed over the traditional network. They are easy to deploy and highly scalable while preventing broadcast storms on a large Layer 2 network. Cloud service adaptation: A VXLAN is able to isolate ten millions of tenants and support large-scale deployment of cloud services. Technical advantage: VXLAN uses MAC-in-UDP encapsulation. Such encapsulation mode does not rely on MAC addresses of VMs, reducing the number of MAC address entries required on a large Layer 2 network. |
Huawei S6730 switch supports VXLAN function, but you have to purchase the VXLAN license or N1 Advanced Software Package if you want to use this function.
