The VXLAN technology introduced by Cisco and VMware this week is intended to scale VLANs to accommodate the exploding number of virtual machines in the virtualized data center. In addition to Cisco and VMware, Broadcom, Arista, Citrix and Red Hat also co-wrote the VXLAN specification.
As VMs proliferate in virtualized data centers, there's a need to expand MAC address table entries to support the burgeoning population of VMs - hundreds of thousands of them in some cases. Since Layer 2 and Spanning Tree are the predominant modes of communication in data centers, the limitations of those techniques have to be overcome in order to support virtualization.
Spanning Tree, though, deactivates links and ports to avoid loops, which makes those links and ports useless and expensive. Spanning Tree also lacks the ability to multipath for resiliency, though this is being addressed by TRILL, Shortest Path Bridging and other recent developments.
Layer 2 networks also employ VLANs for broadcast isolation. But the current limit of 4,094 VLANs is inadequate to support large data center environments where VMs are being widely adopted, authors of the VXLAN specification assert. And the limitations of Spanning Tree often keep the number of VLANs that can be configured well short of that 4,094 ceiling.
Serving multiple data center and cloud tenants over the same shared infrastructure also creates unique demands on data centers that VXLAN is looking to address. Each tenant requires an isolated network domain, and may independently assign MAC addresses and VLAN identifiers that duplicate others on the physical network. And because cloud providers serve large numbers of tenants, the 4,094 VLAN limit is insufficient, especially if there are multiple VLANs per tenant, according to the VXLAN authors.
These and other scenarios require an overlay network to encapsulate and tunnel the MAC traffic from the individual VMs over an IP network, the VXLAN specification proposes. Each overlay is a VXLAN segment, and each segment has a 24-bit identifier that "scopes" the inner MAC frame originated by the individual VM. This allows for overlapping MAC addresses across VXLAN segments, since VM traffic associated with a specific VXLAN segment stays in that segment, isolated from the others by the identifier.
As a result, up to 16 million VXLAN segments can coexist within the same administrative domain, according to the IETF spec.
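The segment scoping described above can be shown in a few lines of Python. This is an added example, not code from the article or from the specification's authors; the 8-byte header layout (a flags byte with the "I" bit 0x08, then a 24-bit identifier in bytes 4 to 6) is assumed from RFC 7348, the later published form of the spec, and the `SegmentTable` class, MAC addresses, segment numbers and IP addresses are constructed for illustration.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag: the segment identifier is valid
MAX_VNI = (1 << 24) - 1       # 24-bit identifier -> 16,777,216 segments


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a segment identifier."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags(8) + reserved(24). Word 1: VNI(24) + reserved(8).
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan(payload: bytes):
    """Split a VXLAN UDP payload into (vni, inner Ethernet frame)."""
    if len(payload) < 8 + 14:
        raise ValueError("too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag clear: identifier not valid, drop the packet")
    return word1 >> 8, payload[8:]


class SegmentTable:
    """Hypothetical MAC learning table keyed by (VNI, MAC)."""

    def __init__(self):
        self._entries = {}

    def learn(self, payload: bytes, outer_src_ip: str) -> int:
        vni, inner = parse_vxlan(payload)
        src_mac = inner[6:12]          # inner Ethernet source address
        self._entries[(vni, src_mac)] = outer_src_ip
        return vni

    def lookup(self, vni: int, mac: bytes):
        # The VNI is part of the key, so a lookup never crosses segments.
        return self._entries.get((vni, mac))


# Constructed sample: two tenants reuse the same VM MAC address.
MAC_VM = bytes.fromhex("020000000001")
MAC_DST = bytes.fromhex("ffffffffffff")
INNER = MAC_DST + MAC_VM + b"\x08\x00" + b"constructed payload"

table = SegmentTable()
table.learn(build_vxlan_header(5001) + INNER, "192.0.2.10")
table.learn(build_vxlan_header(5002) + INNER, "192.0.2.20")
```

Because the identifier is part of the lookup key, the duplicate MAC resolves to a different tunnel endpoint in each segment and to nothing in a segment that never saw it.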
It will be interesting to see if VXLAN takes off. There's likely to be resistance from Cisco's data center rivals, notably, HP, IBM, Brocade, Dell and Juniper. Then again, Cisco did attain 65% to 70% switching market share without their endorsement. The concept seems to make sense - let's see if execution, acceptance and adoption follow.
The Cisco Subnet blog is written by Network World managing editor Jim Duffy.