The Virtualization Battle: A Comprehensive Comparison of NVGRE and VXLAN

Source: Network Technology Alliance

Hello, this is the Network Technology Alliance.

NVGRE and VXLAN are both technologies used for virtualizing data center networks, aimed at addressing issues in traditional network architectures such as isolation, scalability, and performance. Although they share similar goals, they differ in their implementation methods and several key aspects. This article will delve into NVGRE and VXLAN, exploring their similarities and differences, as well as their advantages and disadvantages in various scenarios.

The Virtualization Battle: A Comprehensive Comparison of NVGRE and VXLAN

Let’s get started!

Table of Contents:

NVGRE

How NVGRE Works
Features of NVGRE

VXLAN

How VXLAN Works
Features of VXLAN

Comparison of NVGRE and VXLAN
Conclusion

The rise of virtualization technology has transformed the operation of data centers, enabling multiple virtual machines to run on the same physical infrastructure. However, traditional data center network designs do not meet the demands of these new applications, necessitating a new approach to address these issues. NVGRE and VXLAN were created for this purpose.

NVGRE

NVGRE (Network Virtualization using Generic Routing Encapsulation) is a network virtualization method designed to overcome the limitations of traditional Virtual Local Area Networks (VLANs) in complex virtualization environments.

How NVGRE Works

The operation of NVGRE involves encapsulating packets, adding a Tenant Network Identifier (TNI) to the packets, transmitting them over existing IP networks, and then decapsulating and delivering them at the target host. This allows for greater flexibility and scalability of large-scale virtual networks on physical infrastructure. NVGRE is an effective technology for addressing the scalability issues of virtual networks.

Tenant Network Identifier (TNI):

NVGRE introduces a 24-bit Tenant Network Identifier (TNI) to identify different virtual networks or tenants. Each TNI corresponds to a separate virtual network, allowing multiple virtual networks to operate on the same physical infrastructure without interference.

Packet Encapsulation:

Source MAC Address: Represents the MAC address of the sending VM.
Destination MAC Address: Represents the MAC address of the receiving VM.
TNI: 24-bit Tenant Network Identifier.
Original Ethernet Frame: Includes source MAC address, destination MAC address, Ethernet protocol type (usually IPv4 or IPv6), etc.

When virtual machines (VMs) communicate, their packets are encapsulated into NVGRE packets.
The format of NVGRE packets includes:

Transport Network:

NVGRE packets are transmitted over existing IP networks, including physical networks or virtualized networks.
During transmission, the IP header information of NVGRE packets is used for routing and delivery, while the TNI is used to identify the target virtual network.

Decapsulation:

When NVGRE packets reach the host where the target virtual network’s VM resides, the host performs decapsulation.
It extracts the original Ethernet frame from the NVGRE packet and delivers it to the target VM for processing.

Learning and Maintaining MAC Address Table:

NVGRE hosts maintain a MAC address table to map the MAC addresses of virtual machines to TNI.
When a host receives an NVGRE packet, it looks up the MAC address table to determine which VM the packet should be delivered to.

Broadcast and Multicast Support:

NVGRE typically uses broadcast and multicast to support communication within virtual networks. This allows VMs to perform broadcast and multicast operations to meet the needs of certain network protocols (such as ARP and neighbor discovery).

Features of NVGRE

Network Virtualization Goals: One of the main goals of NVGRE is to provide a larger number of VLANs for multi-tenant and load-balanced networks. The traditional number of VLANs is limited, which can be a constraint in large data centers or distributed cloud environments. NVGRE aims to overcome this limitation, allowing more virtual networks to operate on the same physical infrastructure.
Encapsulation and Tunneling: NVGRE uses encapsulation techniques to achieve isolation of virtual networks. It encapsulates packets in communication between virtual machines and transmits them to the target VM using tunneling techniques. This allows communication between VMs to appear direct, without considering the underlying physical network.
Cross-Data Center Scalability: NVGRE is designed with the needs of cross-distributed data centers in mind. It can be used to extend virtual networks across different physical locations, supporting distributed data center architectures.

VXLAN

VXLAN (Virtual Extensible LAN) is a network virtualization technology designed to address the shortcomings of virtual networks in large cloud computing data centers. It allows network administrators to extend the address space of Virtual Local Area Networks (VLANs) to support more virtual networks and provides a unique identifier for each virtual network.

How VXLAN Works

The operation of VXLAN involves encapsulating packets, adding a Virtual Network Identifier (VNI) to the packets, transmitting them over existing IP networks, and then decapsulating and delivering them at the target host. This allows for greater flexibility and scalability of large-scale virtual networks on physical infrastructure.

Virtual Network Identifier (VNI):

VXLAN introduces a 24-bit Virtual Network Identifier (VNI) to distinguish different virtual networks. Each VNI corresponds to a separate virtual network, allowing multiple virtual networks to operate on the same physical infrastructure without interference.
The VNI is typically generated by a pseudo-random algorithm on the UDP port to ensure uniqueness.

Packet Encapsulation:

Source IP Address: Represents the IP address of the sending VM.
Destination IP Address: Represents the IP address of the receiving VM.
UDP Header: Contains source and destination port information used to identify VXLAN packets.
VNI: 24-bit Virtual Network Identifier.
Original Ethernet Frame: Includes source MAC address, destination MAC address, Ethernet protocol type (usually IPv4 or IPv6), etc.

When virtual machines (VMs) communicate, their packets are encapsulated into VXLAN packets.
The format of VXLAN packets includes:

Transport Network:

VXLAN packets are transmitted over existing IP networks, including physical networks or virtualized networks.
During transmission, the IP header information of VXLAN packets is used for routing and delivery, while the VNI is used to identify the target virtual network.

Decapsulation:

When VXLAN packets reach the host where the target virtual network’s VM resides, the host performs decapsulation.
It extracts the original Ethernet frame from the VXLAN packet and delivers it to the target VM for processing.

Learning and Maintaining MAC Address Table:

VXLAN hosts maintain a MAC address table to map the MAC addresses of virtual machines to VNI.
When a host receives a VXLAN packet, it looks up the MAC address table to determine which VM the packet should be delivered to.

Broadcast and Multicast Support:

VXLAN typically uses multicast to simulate broadcast and multicast behavior. This is crucial for supporting certain network protocols (such as ARP and neighbor discovery) so that VMs can communicate with each other within the same virtual network.

Features of VXLAN

Extended VLAN Address Space: One of the main goals of VXLAN is to extend the VLAN address space. Traditional VLAN identifiers are limited, typically supporting only 4096 VLANs. In large cloud computing environments, this number can quickly become insufficient. VXLAN expands this address space by introducing a 24-bit segment ID, increasing the number of available identifiers to 16 million.
Virtual Network Isolation: VXLAN allows multiple virtual networks to coexist on the same physical infrastructure while providing logical isolation. Each virtual network has a unique VXLAN segment ID to distinguish different logical networks and tenants. This way, different virtual networks can operate independently, as if they were on different physical networks.
Support for Multi-Tenant Environments: VXLAN is suitable for multi-tenant environments, allowing different tenants to create independent virtual networks on the same infrastructure without interference. This is particularly useful for cloud service providers and large data centers.
Layer 2 and Layer 3 Scalability: VXLAN can extend both Layer 2 (data link layer) and can be combined with Layer 3 (network layer) scalability. This means it can support more complex network topologies and routing configurations.
Industry Support: VXLAN has broad industry support, including companies like Cisco, VMware, and Arista Networks. This means that support for VXLAN can be found across various virtualization platforms and network devices.

Comparison of NVGRE and VXLAN

NVGRE and VXLAN are both technologies for network virtualization, but they differ in terms of supporters, transport protocols, packet formats, transmission methods, and fragmentation.

Supporters and Transport Protocols:

NVGRE is primarily supported by Microsoft and uses the GRE protocol as its transport protocol.
VXLAN is mainly driven by Cisco and uses the UDP protocol as its transport protocol.

Packet Format:

VXLAN packets contain a 24-bit VXLAN Network Identifier (VNI), allowing support for 16 million unique virtual networks. The VNI is typically generated by a pseudo-random algorithm on the UDP port.
NVGRE uses the lower 24 bits of the GRE header as the Tenant Network Identifier (TNI), also supporting 16 million virtual networks. However, due to its use of the GRE header, it is less suitable for traditional load balancing.

Transmission Method:

VXLAN utilizes multicast to simulate broadcast, unknown unicast, and multicast in Layer 2 networks, which is crucial for protocols like MAC address learning, ARP, and neighbor discovery.
NVGRE recommends that each host use multiple IP addresses to enhance load balancing capabilities without relying on flooding and IP multicast.

Fragmentation:

NVGRE supports fragmentation of packets to reduce the maximum transmission unit for internal virtual networks.
VXLAN typically requires the transport network to support large frames and does not support packet fragmentation.

Conclusion

VXLAN and NVGRE represent a revolutionary advancement in the field of network virtualization. They not only provide larger-scale virtual networks but also allow for packet transmission across different network layers, offering greater flexibility and scalability for cloud computing and large data centers.

By expanding the virtual network scale from 4096 to 16 million, VXLAN and NVGRE provide better support for multi-tenant and complex network environments. This enables organizations to better meet the growing network demands while ensuring network performance and manageability.

Network equipment manufacturers are increasingly adopting VXLAN and NVGRE to meet customer needs, address VLAN limitations, and provide more options for large cloud computing deployments and virtualization environments. Network devices such as switches and routers that support VXLAN and NVGRE have become an indispensable part of building agile virtual machine networking environments.

In the ever-evolving field of network virtualization, VXLAN and NVGRE represent the direction of continuous technological advancement. As cloud computing and virtualization continue to evolve, these technologies will play a key role in supporting future network architectures and driving further innovations. Therefore, network administrators and enterprises should closely monitor these developments to ensure their network architectures keep pace with the times and meet the growing demands.

Previous Recommendations

Plug and Play: How Ethernet Switch Combo Ports Change the Game for Network Connectivity?

Hardware Servers: Is it Better to Install Linux or Windows Operating Systems?

Unlocking Network Speed: The Power of Cat6 Cables

Three Key Strategies to Improve Network Availability, Performance, and Scalability: MLAG, Stacking, LACP

Loopback Cables: A Valuable Assistant in Network Testing