Did You Know that cVu can Parse and Strip VXLAN Headers?

What is VXLAN and why is it used?

Virtual Extensible LAN, or VXLAN, is an encapsulation protocol commonly used to address the need for overlay networks within virtualized data centers accommodating multiple tenants. For instance, a cloud computing architecture is multi-tenant, which means each tenant requires its own logical network, and ultimately, its own network identification (network ID). The primary goal of VXLAN is to make it easier for network engineers to scale out a cloud computing environment. Around 2011, VXLAN emerged to expand the functionality and scalability of VLANs across a wide range of virtual networks.

In the past, most companies found that the use of a VLAN was sufficient to support moderate network traffic. However, as data centers evolved, and virtual machines and cloud computing have become the norm, workloads increased causing scalability and security issues. It was clear that the existing 12-bit ID was insufficient to support the ever-growing cloud computing environment.

In a traditional network, VLAN’s were commonly used, but due to its limited scalability and inefficient use of available network links, using VLAN was no longer a viable solution for large enterprise networks and cloud service providers. Therefore, VXLAN was introduced as a solution to these challenges and offers several benefits:

  1. Increased scalability to address more Layer 2 (L2) segments: VXLAN uses a 24-bit segment ID which can provide a unique identifier for up to 16 million VXLAN segments within a single administrative domain. This allows for an increase in the size of the network and the ability to support network demands.
  2. Layer 3 topology: VLAN uses the Spanning Tree Protocol (a Layer 2 protocol that runs on bridges and switches) for loop prevention which means it doesn’t use half of the network links in a network by blocking redundant paths. This is contrary to VXLAN packets which get transferred through the underlying network based on its Layer 3 header. It uses equal-cost multipath (ECMP) routing and link aggregation protocols to use all available paths.

What is CISCO’S Application Centric Infrastructure (ACI) and where does VXLAN fit in?

There are currently two common notions for Software Defined Networking. The first is Openflow, which is a protocol that allows a server to tell network switches where to forward the packets. The second is Cisco’s ACI, which is both a data center and a cloud solution, allowing applications to define the network infrastructure. Cisco’s ACI is an architectural approach to SDN, compared to the protocol approach of OpenFlow. Cisco’s ACI architecture uses a spine/leaf design and is designed for higher speed networks, typically 40 Gbps to 100 Gbps. It was designed to optimize, simplify, and accelerate the entire application deployment lifecycle.

VXLAN headers are often used to create the ACI network overlays. For example, the Layer 2 domains reside in the overlay, with isolated broadcast and failure bridge domains. This allows the data center network to grow without the risk of creating too large a failure domain.

While VXLAN has garnered considerable attention, it can have the same visibility challenge as many encapsulation methods. For instance, end-to-end traffic is hidden inside the tunnel, so it’s important to strip away the encapsulation for continuous monitoring and troubleshooting. The challenge is that many existing monitoring and security tools do not fully understand the routing protocol which ultimately renders these tools useless and incapable of accurately monitoring the data.

How does cPacket’s cVu address this problem?

As virtual and cloud infrastructures become the norm, network operators have come to realize that the days of static environments are simply a thing of the past. The dynamic nature of virtual and cloud infrastructures means that IT teams need the right management and monitoring tools to help them respond to these changes and allow them to gain control of their network environments.

cPacket’s cVu was designed to meet the challenges of today’s modern networking environment. The cVu can strip the VXLAN header from the packets and process it at line rate speed. cVu’s distributed architecture allows users to aggregate traditional architecture with their virtual network allowing for improved performance and efficiency. By stripping the VXLAN header, cPacket’s NPM solution is especially useful for providing accurate traffic analysis while allowing other tools down the chain to parse the packets correctly.

VXLAN stripping on the cVu is a straight forward and easy process. To enable VXLAN stripping, go to the general configuration page and set the parameter “enable_vxlan_stripping” to the ports you want to turn VXLAN stripping on. You can use the default UDP port (4789) or specify another port to identify the VXLAN. For example, to enable VXLAN stripping on network traffic entering the cVu on ports 1, 2 and 7, where ports 1 and 7 will use the default UDP port of 4789 and port 2 will use port 47889, enter the following configuration:

                                   enable_vxlan_stripping 1, 2:47889, 7

Traditional monitoring tools have struggled to keep pace with today’s network challenges. The migration of control from the physical to the virtual is a complicated process and one that requires IT teams to re-evaluate their existing monitoring tools. cPacket’s cVu monitoring tool is a valued resource for IT teams looking to process their data more efficiently while also saving time and money. To learn more about cVu and its capabilities, click here.

For more information on VXLAN: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_010010.html