VXLAN Gateway Deployment

To implement Layer 3 interworking, a Layer 3 gateway must be deployed on a VXLAN. VXLAN gateways can be deployed in centralized or distributed mode.

Centralized VXLAN Gateway Mode

In this mode, Layer 3 gateways are configured on one device. On the network shown in Figure 1, traffic across network segments is forwarded through Layer 3 gateways to implement centralized traffic management.

Figure 1 Centralized VXLAN gateway networking
Centralized VXLAN gateway deployment has its advantages and disadvantages.
  • Advantage: Inter-segment traffic can be centrally managed, and gateway deployment and management is easy.
  • Disadvantages:
    • Forwarding paths are not optimal. Inter-segment Layer 3 traffic of data centers connected to the same Layer 2 gateway must be transmitted to the centralized Layer 3 gateway for forwarding.
    • The ARP entry specification is a bottleneck. ARP entries must be generated for tenants on the Layer 3 gateway. However, only a limited number of ARP entries are allowed by the Layer 3 gateway, impeding data center network expansion.

Distributed VXLAN Gateway Mode

Deploying distributed VXLAN gateways addresses problems that occur in centralized VXLAN gateway networking. Distributed VXLAN gateways use the spine-leaf network. In this networking, leaf nodes, which can function as Layer 3 VXLAN gateways, are used as VTEPs to establish VXLAN tunnels. Spine nodes are unaware of the VXLAN tunnels and only forward VXLAN packets between different leaf nodes. On the network shown in Figure 2, Server 1 and Server 2 on different network segments both connect to Leaf 1. When Server 1 and Server 2 communicate, traffic is forwarded only through Leaf 1, not through any spine node.

Figure 2 Distributed VXLAN gateway networking

A spine node supports high-speed IP forwarding capabilities.

A leaf node can:
  • Function as a Layer 2 VXLAN gateway to connect to physical servers or VMs and allow tenants to access VXLANs.
  • Function as a Layer 3 VXLAN gateway to perform VXLAN encapsulation and decapsulation to allow inter-segment VXLAN communication and access to external networks.
Distributed VXLAN gateway networking has the following characteristics:
  • Flexible deployment. A leaf node can function as both Layer 2 and Layer 3 VXLAN gateways.
  • Improved network expansion capabilities. A leaf node only needs to learn the ARP or ND entries of servers attached to it. A centralized Layer 3 gateway in the same scenario, however, has to learn the ARP or ND entries of all servers on the network. Therefore, the ARP or ND entry specification is no longer a bottleneck on a distributed VXLAN gateway.
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic