Simplifying Underlay - Overlay Networks, VxLAN and Packet Walk: A Journey of Networks

In the intricate world of networking, there are two crucial concepts: Underlay Networks and Overlay Networks. These concepts play a vital role in establishing efficient and secure data transmission. Let's unravel these concepts and explore their significance in our interconnected world.

What is an Underlay Network?

An Underlay Network forms the physical infrastructure on which overlay networks are built. It acts as the foundational layer responsible for delivering data packets across networks. Underlay networks operate at different layers of the OSI model, such as Layer 2 (Data Link Layer) or Layer 3 (Network Layer). For example, Ethernet-based Layer 2 underlay networks use Virtual Local Area Networks (VLANs) for segmentation. The Internet itself serves as a familiar example of a Layer 3 underlay network, providing the foundation for various overlay networks to operate.

Delving into Overlay Networks

Overlay Networks are virtual networks constructed on top of the underlying network infrastructure, i.e., the underlay network. They abstract the physical network, creating a virtualized environment where overlay nodes (e.g., routers) communicate over the physical network. Overlay networks implement network virtualization concepts and employ Layer 2 and Layer 3 tunneling and encapsulation protocols like VXLAN, GRE, and IPsec. These protocols enable the transportation of data packets across the overlay network, bridging the gap between different network segments or sites that may not natively support direct communication.

Making the Connection Between Underlay and Overlay Networks:

To better grasp the relationship between underlay and overlay networks, let's use a relatable example. Imagine embarking on a road trip from New York to Los Angeles. The physical highways, streets, bridges, and tunnels that you traverse represent the underlay network—the tangible pathways guiding your journey.

Now, consider relying on a GPS navigation system throughout your trip. The GPS system utilizes the physical road infrastructure (the underlay network) but creates a virtual pathway (the overlay network) specifically guiding you from your starting point to your destination. The GPS system is not concerned with the physical attributes of the roads; its focus is on virtually connecting your origin and endpoint.

In the context of computer networks:

  • The Underlay Network resembles the physical highways and roads comprising physical routers, switches, and cables. Data packets use this infrastructure to travel across the network.

  • The Overlay Network acts like the GPS system. It is a virtual network built on top of the underlay network, providing a specific, optimized path for data packets to travel from source to destination.

To summarize, the Underlay Network represents the physical infrastructure facilitating data packet movement, while the Overlay Network creates virtual pathways within the underlying physical network to optimize data transmission.

VxLAN: Extending Layer 2 Networks Beyond Limits

VxLAN, short for Virtual Extensible LAN, revolutionizes network virtualization by extending Layer 2 networks across Layer 3 infrastructures. This technology proves invaluable in dynamic data centers with multi-tenant Virtual Machines (VMs). VxLAN segments, or overlays, establish virtual communication paths, enabling VMs within the same segment to communicate seamlessly, even across different physical networks. Each segment is identified by a unique VNI (VxLAN Network Identifier), allowing for up to 16 million segments within the same administrative domain.

VNI: Unleashing Network Virtualization Potential

The VxLAN Network Identifier (VNI) unlocks network virtualization capabilities by providing a vast address space. Unlike VLANs, VxLAN's 24-bit ID space allows for approximately 16 million unique VNIs. Each VNI acts as a unique identifier, similar to a postcode, ensuring data reaches the intended destination accurately. This extensive range of VNIs guarantees uniqueness across the entire network, enhancing flexibility and scalability.

VTEP: Orchestrating Traffic Encapsulation

VxLAN traffic encapsulation and direction are handled by VTEP (VxLAN Tunnel End Point), acting as the orchestrator. VTEPs create stateless tunnels across the network, encapsulating traffic from the source switch and delivering it to the destination switch. Equipped with an IP address in the underlay network and associated with one or more VNIs, VTEPs perform the intricate task of adding and removing headers to ensure seamless frame delivery across the network.

Making Sense of VxLAN, VNI, and VTEP with an Engaging Analogy

Imagine you're sending letters to friends residing in different cities. Your goal is to make it seem like all these letters originate from your home city. In this scenario, VxLAN acts as a clever post office system that enables precisely that!

VxLAN: The Clever Post Office

VxLAN, the virtual post office, empowers your computer (representing your home city) to send data to different parts of a network (different cities) as if they were part of your local network. This technology proves especially useful in large data centers where numerous computers (or VMs) need to communicate as if they were in the same location, regardless of their physical separation.

VNI: The Unique Postcodes

Each letter (or data piece) requires a unique postcode to reach the correct friend (or VM). The VNI, or VxLAN Network Identifier, fulfills this role. Operating as a unique identifier, similar to a postcode, the VNI ensures data reaches its intended destination accurately. With VxLAN, you have the capability to employ up to 16 million unique postcodes, far surpassing the limitations of traditional VLAN systems.

VTEP: The Reliable Postman

The diligent postman, VTEP (VxLAN Tunnel End Point), encapsulates your letter (data) into an envelope (encapsulation) adorned with the correct address (IP and UDP headers). At the recipient's end, the envelope is opened (decapsulation), and the letter is safely delivered to the intended friend (the corresponding VM).

In essence, VxLAN serves as our clever post office system, facilitating the seamless delivery of data to different friends (VMs) residing in various cities (networks) while maintaining the illusion that all letters originate from your home city (your local network). Each letter receives a unique postcode (VNI), and VTEP acts as the reliable postman, ensuring accurate delivery.

Understanding Packet Walk in a VxLAN Network: A Letter's Journey

Let's simplify it using an analogy: the journey of a letter from one city to another.

Step 1: Starting the Journey

The journey commences when a letter (data) arrives at a switch, acting as our post office. The letter originates from a host (home) and arrives through an untagged access port (regular pathway). The post office assigns an area code (VLAN) to the letter.

Step 2: Deciding the Destination

The post office determines the letter's destination is a remote post office (switch) located in another city (location). This remote post office is connected to the local post office through an array of roads (an IP network).

Step 3: Preparing for the Journey

The letter's area code (VLAN) is associated with a specific mailbox (VNI). To prepare the letter for its journey, it is placed in a dedicated envelope (VxLAN header applied). The local post office (VTEP) wraps the letter in additional envelopes (encapsulation) comprising UDP and IP headers. The letter sets off on its journey along the roads (IP network).

Step 4: Arriving at the Destination

Upon reaching the remote city (remote switch), the post office there (the remote VTEP) receives the letter and removes the additional envelopes (decapsulation). The original letter, complete with its area code (a regular layer-2 frame with a VLAN ID), remains.

Step 5: Delivery to the Recipient

The remote post office selects an egress port (destination) based on the recipient's address (normal MAC lookups). The letter proceeds on its final leg of the journey, reaching the intended recipient just as expected.
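Steps 3 and 4 of the walk, shown on the wire as an added example (not code from the original article): the sending VTEP maps the VLAN to a 24-bit VNI and prepends the 8-byte VxLAN header defined in RFC 7348, and the receiving VTEP validates that header and drops any VNI it is not configured for before handing the inner frame to the MAC lookup. The VLAN-to-VNI table and the sample frame are constructed values, and the outer UDP/IP headers are left out.

```python
import struct

VXLAN_UDP_PORT = 4789            # IANA-assigned VXLAN destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08      # "I" flag: the VNI field carries a valid value
MAX_VNI = (1 << 24) - 1          # 24-bit VNI space: 16,777,215
VXLAN_HDR_LEN, ETH_HDR_LEN = 8, 14

# Constructed sample config for one VTEP: local VLAN ID -> VNI (hypothetical values)
VLAN_TO_VNI = {10: 10010, 20: 10020}
VNI_TO_VLAN = {vni: vlan for vlan, vni in VLAN_TO_VNI.items()}

# Constructed inner Ethernet frame: dst MAC, src MAC, EtherType 0x0800, payload
SAMPLE_FRAME = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"hello"


def vxlan_encap(vlan_id, inner_frame):
    """Step 3: map the VLAN to its VNI and prepend the VXLAN header."""
    if vlan_id not in VLAN_TO_VNI:
        raise ValueError(f"VLAN {vlan_id} is not extended over VXLAN")
    vni = VLAN_TO_VNI[vlan_id]
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI does not fit in 24 bits")
    # Word 0: flags(8) + reserved(24); word 1: VNI(24) + reserved(8)
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(udp_payload):
    """Step 4: validate the header, map VNI back to a local VLAN, strip it."""
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("payload too short for VXLAN + Ethernet headers")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    vni = word1 >> 8
    # VXLAN carries no authentication: only accept VNIs this VTEP serves,
    # so a frame cannot be delivered into a segment it was never mapped to.
    if vni not in VNI_TO_VLAN:
        raise ValueError(f"VNI {vni} is not configured on this VTEP")
    return VNI_TO_VLAN[vni], udp_payload[VXLAN_HDR_LEN:]


if __name__ == "__main__":
    outer = vxlan_encap(10, SAMPLE_FRAME)
    print("VXLAN header:", outer[:VXLAN_HDR_LEN].hex())
    print("decapsulated:", vxlan_decap(outer))
```
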

In summary, VxLAN technology enables our "letter" to travel seamlessly from one "home" to another, across cities, while maintaining the illusion of a neighborhood environment.

Thank you for joining us on this exploration of Underlay and Overlay Networks, VxLAN, and the Packet Walk. These concepts are essential in building efficient and secure networks. By understanding the roles of underlay and overlay networks, the power of VxLAN technology, and the journey of data packets, we gain valuable insights into the world of networking. Keep exploring and embracing the possibilities that networking offers in our interconnected world. Stay connected and informed!
