行业研究公司研究宏观策略财报招股书会议纪要 Token 低空经济十五五 AIGC 大模型

VXLAN 技术白皮书

信息技术 2023-07-10 新华三技术有限公司李强

概述

产生背景：虚拟化技术发展导致数据中心规模扩大，传统二层网络面临 VLAN 资源不足、虚拟机迁移困难等问题。
技术优点：支持大量租户、虚拟机迁移 IP/MAC 不变、易于维护。

VXLAN 技术实现

网络模型：包括用户终端、VTEP、VXLAN 隧道、核心设备、VXLAN 网络、VSI、VSI-Interface 等组件。
VXLAN 支持 IPv6：可实现 IPv4/IPv6 网络之间的互通。
报文封装格式：在原始二层数据帧外添加 VXLAN 头、UDP 头、IP 头和外层以太头。
运行机制：包括发现远端 VTEP 建立 VXLAN 隧道、识别报文所属 VXLAN、学习 MAC 地址、转发报文等步骤。
VXLAN IP 网关：为 VXLAN 站点内的虚拟机提供三层业务，可分为独立的、集中式的和分布式的。

Comware 实现的技术特色

VXLAN 支持 M-LAG：提高 VXLAN 网络的可靠性。

典型组网应用

VXLAN 二层互通组网：属于相同 VXLAN 的虚拟机处于同一个逻辑二层网络，彼此之间二层互通。
集中式 VXLAN IP 网关组网：网关部署在 Spine 设备，易于实现流量控制、自动引流等功能。
分布式 VXLAN IP 网关组网：每台 VTEP 设备都可以作为 VXLAN IP 网关，缓解网关压力。
VXLAN 数据中心互联组网：通过 VXLAN-DCI 隧道实现不同数据中心之间虚拟机的互通。
VXLAN 与 SDN 控制器配合组网：由 SDN 控制器集中控制和管理整个网络设备，减少传统设备管理的复杂性。

目录 1概述··························································································································································11.1产生背景··············································································································································· 11.2技术优点··············································································································································· 12 VXLAN技术实现·····································································································································22.1网络模型··············································································································································· 22.2 VXLAN支持IPv6 ································································································································· 32.3报文封装格式········································································································································ 42.4运行机制··············································································································································· 52.4.1运行机制概述····························································································································· 52.4.2建立VXLAN隧道并将其与VXLAN关联··················································································· 52.4.3识别报文所属的VXLAN············································································································· 62.4.4学习MAC地址·························································································································· 62.4.5转发单播流量····························································································································· 72.4.6转发泛洪流量····························································································································· 92.4.7 ARP/ND泛洪抑制···················································································································· 122.5 VXLAN IP网关··································································································································· 142.5.1独立的VXLAN IP网关············································································································· 142.5.2集中式VXLAN IP网关············································································································· 142.5.3集中式VXLAN IP网关保护组·································································································· 162.5.4分布式VXLAN IP网关············································································································· 17 3 Comware实现的技术特色·····················································································································22 4.1 VXLAN二层互通组网························································································································· 244.2集中式VXLAN IP网关组网················································································································ 244.3分布式VXLAN IP网关组网················································································································ 254.4 VXLAN数据中心互联组网·················································································································· 264.5 VXLAN与SDN控制器配合组网········································································································ 27 5参考文献················································································································································28 1概述 1.1产生背景随着虚拟化技术的快速发展，数据中心的规模不断扩大，数据中心租户和虚拟机的数量呈爆发式增长，传统的二层网络面临着巨大的挑战：传统的二层网络隔离技术VLAN，因其标识相互隔离的虚拟二层网络的Tag域只有12比特，仅能划分出4096个相互隔离的虚拟二层网络，远远无法满足大二层网络中隔离大量租户的需求。为了实现网络业务和资源的灵活调配，虚拟机跨设备甚至跨数据中心的迁移越来越频繁。为了保证虚拟机迁移过程中业务不中断，虚拟机迁移前后的IP地址和MAC地址需要保持不变，而传统网络技术无法实现虚拟机迁移前后的IP、MAC不变。同时，随着数据中心多中心的部署，虚拟机的跨数据中心迁移、灾备，跨数据中心业务负载分担等需求，使得二层网络的扩展不仅是在数据中心的边界为止，还需要考虑跨越数据中心机房的区域，延伸到同城备份中心、远程灾备中心。一般情况下，多数据中心之间是通过路由连通的，天然是一个三层网络。而要实现通过三层网络连接的两个二层网络互通，就必须实现“L2 over L3”。 VXLAN（Virtual eXtensible LAN，可扩展虚拟局域网络）是基于IP网络、采用“MAC in UDP”封装形式的二层VPN技术。VXLAN可以基于已有的服务提供商或企业IP网络，为分散的物理站点提供二层互联，并能够为不同的租户提供业务隔离。VXLAN主要应用于数据中心网络和园区接入网络。 1.2技术优点 •支持大量的租户：使用24位的标识符，最多可支持2的24次方（16777216）个VXLAN，支持的租户数目大规模增加，解决了传统二层网络VLAN资源不足的问题。•虚拟机迁移IP、MAC不变：采用了MAC in UDP的封装方式，实现原始二层报文在IP网络中的透明传输，保证虚拟机迁移前后的IP和MAC不变。•易于维护：基于IP网络组建大二层网络，使得网络部署和维护更加容易，并且可以充分地利用现有的IP网络技术，例如利用等价路由进行负载分担等；只有IP核心网络的边缘设备需要进行VXLAN处理，网络中间设备只需根据IP头转发报文，降低了网络部署的难度和费用。 2 VXLAN技术实现 2.1网络模型如图1所示，VXLAN的典型网络模型中包括如下几部分： •用户终端（Terminal）：用户终端设备可以是PC机、无线终端设备、服务器上创建的VM（Virtual Machine，虚拟机）等。不同的用户终端可以属于不同的VXLAN。属于相同VXLAN的用户终端处于同一个逻辑二层网络，彼此之间二层互通；属于不同VXLAN的用户终端之间二层隔离。本文档中如无特殊说明，均以VM为例介绍VXLAN工作机制。采用其他类型用户终端时，VXLAN工作机制与VM相同，不再赘述。 •VTEP（VXLAN Tunnel End Point，VXLAN隧道端点）：VXLAN的边缘设备。VXLAN的相关处理都在VTEP上进行，例如识别以太网数据帧所属的VX

点击免费查看完整报告