Loading...
 

Advertisement

Russian Dolls  

VxLAN Headers

Encapsulation

In the world of VxLAN, encapsulation plays an important role. As traffic reaches a VTEP, it will add several new headers.

We start with an ordinary layer-2 frame that a host might send. This is the Inner MAC Frame. The hosts are unaware of VxLAN, so there is nothing special about this. It's just a normal Ethernet frame like the one shown below.


VxLAN Headers   Ethernet 1  

 

The switch will add several headers, starting with the VxLAN header. Before sending the data across the IP network, it also needs to add:

  • An outer UDP header
  • An outer IP header
  • An Ethernet header

 

Aside from adding headers, this process also removes the FCS from the inner MAC frame.

Throughout this article, we will look at the headers that VxLAN uses. We're going to assume IPv4, but the same principles apply to IPv6.

 


 

ND Logo
VxLAN Overview

Get the bigger VxLAN picture!

VxLAN

 

 

 


Headers

VxLAN

If traffic is part of a VLAN, a small field in the Ethernet frame holds the VLAN ID.

VxLAN does this a little differently. It adds a whole new header to the frame. Mostly, this is just used to hold the VNI ID.




 

There are four parts to the VxLAN header:

  • Reserved (8 bits) - Currently unused information. This is set to zero on transmission and ignored when received
  • VNI (24 bits) - The VNI ID number. 24 bits allows for about 16 million possible VNI's
  • Reserved (24 bits) - As before, this is currently unused
  • Flags (8 bits) - Currently only bit 3 is used. This is the I flag, and indicates if this is a valid VNI

 

This adds up to an additional 8 bytes.


VxLAN Headers   VxLAN  

 

 

UDP

After the VxLAN header, the VTEP adds a UDP header. This uses a destination port of 4789, and a random source port.

The random source port adds entropy. When using ECMP, switches will allocate traffic to a particular link. The random source port helps to spread the traffic across different links.

The length field is a normal UDP field. VxLAN does not do anything specific with this field.

The checksum field must be set to zero if the destination VTEP is to accept and decapsulate the traffic. A valid checksum is not needed here anyway, as there are other error detection functions like FCS.


VxLAN Headers   UDP  

 

IP

Next, the VTEP adds an IP header. This includes all the usual fields, but the ones we're interested in for VxLAN are the source and destination addresses.

The source address is the IP address of the VTEP that send the packet over the transport network.

The destination address is the VTEP at the other end of the network. The destination may be a unicast or multicast address. For multicast, it will be the group address that maps to the VNI.


VxLAN Headers   IP

 

 

Ethernet

Finally, the switch or router adds an ethernet header. This is swapped out with every device that the traffic passes through.

Essentially, this is the normal Ethernet header that is applied to any IP traffic. VxLAN does not change any fields here.


VxLAN Headers   Ethernet 2  

 

 

Twitter: @NetwrkDirection
 


Suggested Articles

 


 

 

References

IETF - Virtual eXtensible Local Area Network (VXLAN): A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks


 


Last update 2018-05-10 12:16


Advertisement