【杂记-浅谈Overlay、VXLAN、EVPN技术】

最新推荐文章于 2025-04-03 17:24:33 发布
最新推荐文章于 2025-04-03 17:24:33 发布
阅读量1.2k 收藏 19
点赞数 11
分类专栏: 网络工程进阶知识 文章标签: Overlay VXLAN EVPN
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/weixin_46398572/article/details/140179705
版权

Overlay、VXLAN、EVPN技术

一、Overlay技术概述

Overlay技术是一种网络虚拟化技术,它允许在现有的物理网络基础上构建一个或多个逻辑网络。这种技术主要用于云计算和数据中心,以支持多租户环境和虚拟机迁移,同时提供网络资源的灵活性和可扩展性。Overlay网络具有独立的控制和转发平面,对于连接到Overlay网络的终端设备而言,物理网络是透明的。
Overlay网络的应用场景
1、多租户环境:在公有云或私有云环境中,Overlay技术通过提供大量的独立网络,支持不同租户间的隔离和通信。
2、虚拟机迁移:Overlay网络支持虚拟机在不同物理服务器间迁移,而无需更改其IP地址或其他网络配置,保证了业务连续性。
3、数据中心网络优化:通过Overlay技术,数据中心可以构建更为灵活和高效的网络拓扑,满足现代数据中心对网络性能和弹性的要求。

二、Overlay技术的实现原理

Overlay网络的核心在于数据包的封装和解封装。常见的封装技术包括VXLAN、NVGRE和STT等。这些技术通过在原有数据包的基础上添加额外的封装信息,实现了在物理网络上的逻辑网络构建。例如,VXLAN使用UDP协议进行封装,而NVGRE和STT则分别使用GRE和TCP协议。

三、VXLAN技术概述及技术细节

VXLAN,Virtual eXtensible Local Area Network,即虚拟可扩展局域网,是一种网络虚拟化技术,主要用于解决传统 VLAN 在数据中心等大规模网络环境下的限制。VXLAN 通过在原始以太网帧外封装 VXLAN 头,使用 UDP 协议在 IP 网络中传输,从而实现在更大范围内的虚拟机迁移和多租户网络隔离。
VXLAN 使用场景
VXLAN 广泛应用于数据中心、云计算平台、多租户环境等,支持虚拟机的大范围迁移和网络扩展,同时也适用于需要跨子网通信的场景。VXLAN 通过 VNI(VXLAN Network Identifier)支持多达 16M 的虚拟网络标识,能够满足大规模云计算环境下的租户隔离需求。
VXLAN 技术细节
VXLAN 封装与解封装过程
VXLAN 的工作原理涉及封装和解封装过程。当虚拟机产生数据时,数据帧会被封装成 UDP 数据包,并在外层加上 VXLAN 头和 IP 头,通过物理网络传输。接收端的 VTEP(VXLAN Tunnel Endpoint)设备接收到封装后的数据包后,会移除外层头,恢复原始以太网帧,并将数据转发至目的虚拟机。
VXLAN 网络组件
VXLAN 网络中主要包括 VTEP、VXLAN 网关和 VXLAN IP 网关等组件。VTEP 负责 VXLAN 数据的封装和解封装,可以是物理交换机、路由器或运行在服务器上的虚拟交换机。VXLAN 网关负责 VLAN 与 VXLAN 间的转换,而 VXLAN IP 网关则在 VXLAN 网络间进行通信。
VXLAN 配置与部署
VXLAN 的配置和部署相对灵活,可以根据实际需求选择合适的部署方式。在 Linux 系统中,可以通过 ip 命令行工具创建 VXLAN 接口,并配置 VNI、目的端口和远程 IP 地址等参数。此外,VXLAN 还可以与 SDN 等现代网络管理技术相结合,实现更加灵活和自动化的网络配置。
VXLAN 安全性
尽管 VXLAN 自身不提供数据加密,但它可以通过配合 IPsec 或 TLS 等协议来实现数据传输过程中的加密。同时,通过在 VXLAN 网络中配置访问控制策略,可以实现不同租户和主机之间的访问控制,保障网络的安全性。
总结
1、外层目的IP地址是VXLAN隧道远端VTEP的IP地址。
2、目的UDP端口号是4789。
3、VNI有24比特,用于区分VLAN。

四、EVPN技术概述及技术细节

Ethernet Virtual Private Network,EVPN,即以太网虚拟专用网络,旨在提供一种统一不同VPN业务控制面的方法,通过扩展BGP协议传递二层或三层可达性信息实现转发面和控制面的分离。EVPN的主要功能包括但不限于实现MAC地址和IP地址的学习、支持多归属、以及在数据中心互连等多个应用场景下的高效通信。
EVPN的应用场景
1、数据中心互连:EVPN常用于连接不同的数据中心,实现服务器、存储系统等资源之间的高效通信。
2、广域网(WAN)和分支机构连接:适用于连接分布在不同地理位置的多个分支机构,确保它们之间的通信可靠、安全。
3、云服务提供商网络:云服务提供商利用EVPN构建强大的网络,以满足客户多样化的需求。
4、运营商以太网服务:电信服务提供商使用EVPN提供高性能和可靠的连接服务。
EVPN的技术细节
EVPN的核心在于其能够利用BGP协议承载MAC地址信息,这一点区别于传统的二层VPN技术。具体来说,EVPN定义了多种BGP EVPN路由类型,如以太自动发现路由(Ethernet Auto-Discovery Route)、MAC/IP地址通告路由(MAC/IP Advertisement Route)、集成多播以太标记路由(Inclusive Multicast Ethernet Tag Route)等。此外,EVPN还支持在控制平面进行MAC/IP地址的学习和通告,从而减少了数据平面的泛洪流量,提高了网络效率。
BGP EVPN的作用
BGP EVPN通过在控制平面提供自动化的隧道建立和管理,解决了手动配置带来的挑战。它使用BGP协议来通告VXLAN相关的路由信息,主要包括以下几种类型的路由:
1、Type 2路由:用于通告MAC地址和IP路由信息
2、Type 3路由:用于通告二层VNI(Virtual Network Identifier)和VTEP IP地址信息,实现VTEP的自动发现和VXLAN隧道的动态建立
3、Type 5路由:用于通告IP前缀路由信息,特别是用于外部网络的路由通告

Overlay 网络 — VxLAN 与 MP-BGP EVPN
烟云的计算
07-09 2708
目录 文章目录目录EVPN 诞生的背景BGP EVPN EVPN 诞生的背景 VxLAN 是用来实现大型云计算/数据中心的网络二层互通(大二层)技术,其本身没有控制平面。所以,单存的 VxLAN 组网是手工配置 VxLAN Tunnel,然后结合 Flood and Learn(洪泛和自适应)来完成转发数据之前的表项学习的。这种方式实现上虽然简单,但是会导致网络中存在很多泛洪流量、网络扩展起来很困难。 因此,VxLAN 数据转发前表项学习的泛洪流量成为了一个重要难题。为了解决上述问题,RFC7432 制定了
什么是EVPN-VXLAN?对于数据中心来说,EVPN-VXLAN如何使用?
网络技术联盟站
10-17 341
VXLAN,全称为虚拟扩展局域网(Virtual Extensible Local Area Network),是一种第2层(Layer 2)网络的叠加技术,通过在第3层(Layer 3)网络上运行,扩展了传统局域网(LAN)的限制。VXLAN通过在标准的第3层网络中封装第2层数据包,使其能够跨越多个网络设备进行传输。这种封装机制允许网络管理员扩展虚拟网络的规模,将成千上万的虚拟网络(VLAN)部署在基础设施上。
Overlay网络技术原理介绍.pdf
05-29
本文介绍OVerlay网络技术原理,从虚拟网络的发展,虚拟网络面临的挑战,overlay如果解决虚拟网络存在的问题,overlay网络的类型,Overlay的主流技术VXLAN技术基础,报文结构等介绍。
EVPN技术介绍
最新发布
weixin_44902358的博客
04-03 203
EVPN(Ethernet Virtual Private Network,以太网虚拟专用网络)是一种满足全业务需求的NVO (Network Virtualization Overlay) 解决方案,具有部署简单、扩展性强等优点。在控制平面,EVPN采用MP-BGP协议通告二层或三层可达性信息,通过生成的MAC地址表项和路由表项进行二/三层报文转发,以实现为用户提供L2VPN和L3VPN服务。在数据平面,EVPN支持VXLAN、SRv6或MPLS等多种报文转发方式,增加了网络部署的灵活性。
Overlay网络和VXLAN
荒野求生的博客
03-29 4196
1 基于多租户的云计算Overlay网络 http://www.h3c.com.cn/About_H3C/Company_Publication/IP_Lh/2013/04/Home/Catalog/201309/796466_30008_0.htm 文/刘新民 云计算已经成为当前企业IT建设的常规形态,而在云计算中大量采用和部署的虚拟化几乎成为一个基本的技术模式。 服务器虚拟化技术的广泛...
Overlay技术VXLAN详解(一)
q6968297的博客
05-28 2396
一、什么是VXLAN 定义 VXLAN(Virtual eXtensible Local Area Network)是NVO3(Network Virtualization over Layer 3)中的一种网络虚拟化技术,通过将虚拟机发出的数据包封装在UDP(User Datagram Protocol)中,并使用物理网络(underlay)的IP、MAC作为outer-header进行封装,然后在IP网络上传输,到达目的地后由隧道终结点解封装并将数据发送给目标虚拟机。 图1 VXLAN报文格式 表1
overlay技术
荒野求生的博客
03-21 5015
overlay技术 原创网络安全研发随想 最后发布于2018-03-24 18:01:23 阅读数 6099 收藏 展开 overlay技术需求 虚拟机迁移范围受到网络架构限制 由于虚拟机迁移的网络属性要求,其从一个物理机上迁移到另一个物理机上,要求虚拟机不间断业务,则需要其IP地址、MAC地址等参数维保持不变,如此则要求业务网络是一个二层网络,且要求网络本身具备多路径多链路的冗余和可靠性。 虚...
Overlay 网络
热门推荐
cisco_eigrp的博客
03-08 2万+
1. Overlay 网络 Overlay 技术概述 Overlay 在网络技术领域,指的是一种网络架构上叠加的虚拟化技术模式,其大体框架是对基础网络不进行大规模修改的条件下,实现应用在网络上的承载,并能与其它网络业务分离,并且以基于IP的基础网络技术为主。Overlay 技术是在现有的物理网络之上构建一个虚拟网络,上层应用只与虚拟网络相关。一个Overlay网络主要由三部分组成:
实验 - BGP EVPN配置VXLAN分布式网关
afanx的博客
07-04 2468
采用如下思路配置VXLAN分布式网关: 1. 配置接口和IGP 4. 分别在Device2、 Device3和Device4上配置业务接入点实现区分业务流量。 5. 使能EVPNVXLAN控制平面。 6. 在Device2、 Device3和Device4上建立与Device1之间的EVPN IBGP对等体关系。 7. 在Device1上建立与Device2、 Device3和Device4之间的BGP EVPN对等体关系,并配置反射器功能。 8. 在Device2、 Devi...
华为evpn vxlan分布式网关配置
IT技术
03-15 2917
+v技术群958038508
Cisco-N9N-Vxlan配置手册(英文).pdf
08-03
5. VXLANOverlay 网络: VXLAN 是一种 Overlay 网络技术,可以在现有的网络基础设施上提供 Overlay 网络服务,提供更好的网络可扩展性和灵活性。 6. Cisco Nexus 9000 系列交换机: 本手册专门介绍了 Cisco ...
Overlay技术介绍.pdf
05-12
1.网络虚拟化技术介绍 2.Overlay基本概览和分类 3.VXLAN基础基础
H3C SDN Overlay技术白皮书
11-10
1 概述 ····················································································································································· 1 1.1 产生背景··············································································································································1 1.2 技术优点··············································································································································1 2 Overlay技术介绍··································································································································· 3 2.1 Overlay的概念介绍·······························································································································3 2.2 Overlay的解决方法·······························································································································3 3 Overlay技术实现··································································································································· 5 3.1 Overlay网络基础架构 ···························································································································5 3.2 Overlay网络部署需求 ···························································································································7 3.2.1 VXLAN网络和传统网络互通的需求 ···························································································7 3.2.2 VXLAN网络安全需求 ·················································································································7 3.2.3 Overlay网络虚拟机位置无关性··································································································8 3.2.4 Overlay与SDN的结合 ················································································································8 4 H3C SDN Overlay模型设计··················································································································9 4.1 H3C SDN Overlay模型设计 ·················································································································9 4.2 SDN控制器模型介绍 ··························································································································11 4.3 H3C SDN Overlay组件介绍 ···············································································································12 4.4 SDN Overlay网络与云对接 ················································································································13 4.4.1 SDN Overlay与OpenStack对接·······························································································14 4.4.2 SDN Overlay与基于OpenStack的增强云平台对接··································································15 4.4.3 SDN Overlay与非OpenStack云平台对接 ················································································16 4.5 服务链在Overlay网络安全中的应用···································································································16 4.5.1 什么是服务链 ··························································································································16 4.5.2 Overlay网络服务链节点描述····································································································17 4.5.3 服务链在Overlay网络安全中的应用························································································17 5 SDN Overlay组网方案设计················································································································· 19 5.1 SDN Overlay组网模型························································································································19 5.1.1 网络Overlay ····························································································································20 5.1.2 主机Overlay ····························································································································20 5.1.3 混合Overlay ····························································································································20 5.2 H3C SDN Overlay典型组网 ···············································································································20 5.2.1 网络Overlay ····························································································································20 ii 5.2.2 主机Overlay ····························································································································23 5.2.3 混合Overlay ····························································································································26 5.2.4 Overlay组网总结······················································································································26 6 SDN Overlay转发流程描述················································································································· 28 6.1 SDN Overlay流表建立和发布·············································································································28 6.1.1 流表建立流程对ARP的处理 ····································································································28 6.1.2 Overlay网络到非Overlay网络··································································································28 6.1.3 非Overlay网络到Overlay网络 ·································································································29 6.2 Overlay网络转发流程 ·························································································································29 6.2.1 Overlay网络到非Overlay网络··································································································30 6.2.2 非Overlay网络到Overlay网络 ·································································································31 6.3 Overlay网络虚机迁移 ·························································································································32 6.4 SDN Overlay升级部署方案 ················································································································33 6.4.1 SDN Overlay独立分区部署方案·······························································································33 6.4.2 IP GW旁挂部署方案 ················································································································34 6.4.3 核心升级, SDN Overlay独立分区 ··························································································35 6.4.4 Overlay网关弹性扩展升级部署································································································35 6.4.5 多数据中心同一控制器集群部署 ·····························································································36 7 SDN Overlay方案优势总结················································································································· 37
云计算学习——Overlay网络技术概述
Ye_mulin的博客
08-15 1万+
文章目录1. Overlay 网络1.1 Overlay 技术概述2 Overlay网络与物理网络的关系3.基于多租户的云计算Overlay网络 1. Overlay 网络 1.1 Overlay 技术概述 Overlay 在网络技术领域,指的是一种网络架构上叠加的虚拟化技术模式,其大体框架是对基础网络不进行大规模修改的条件下,实现应用在网络上的承载,并能与其它网络业务分离,并且以基于IP的基础网络技术为主。Overlay 技术是在现有的物理网络之上构建一个虚拟网络,上层应用只与虚拟网络相关。一个Ove.
OverlayVXLAN架构
cisco_eigrp的博客
02-29 3514
一 一、 传统网络面临的问题 、 传统网络面临的问题 随着企业业务的快速扩展需求,IT做为基础设施,快速部署和减少投入成为主要需求,云计算可以提供可用的、便捷的、按需的资源提供,成为当前企业IT建设的常规形态,而在云计算中大量采用和部署的虚拟化几乎成为一个基本的技术模式。部署虚拟机需要在网络中无限制地迁移到目的物理位置,虚机增长的快速性以及虚机迁移成为一个常态性业务。传统的网络已经不能很好满
overlay技术--理解VXLAN(L2 over UDP)、NVGRE(L2 over GRE)、STT(L2 over TCP)
网络安全研究
03-24 2万+
VPC 简介 VPC即virtual private cloud。随着云计算的不断发展,对虚拟化网络的安全要求越来越高。 比较早的解决方案,是将虚拟机的网络和物理网络融合在一起,形成一个扁平的网络架构,例如大二层网络。这种类似的方案,随着虚拟化网络规模的增大,ARP欺骗、广播风暴、主机扫描等问题会越来越严重。为了解决这些问题,出现了各种网络隔离技术,把物理网络和虚拟网络彻底隔开。其中一种...
overlay 网络
miaomiaodmiaomiao的专栏
04-11 696
在以往IT建设中,硬件服务器上运行的是虚拟层的计算,物理网络为了与虚拟服务器对接,需要网络自己进行调整,以便和新的计算层对接(如图1所示)。Overlay是在传统网络上虚拟出一个虚拟网络来,传统网络不需要在做任何适配,这样物理层网络只对应物理层的计算(物理机、虚拟化层管理网),虚拟的网络只对应虚拟计算(虚拟机的业务IP),如图2所示。   图1 物理网络引入数据中心技术来适配虚拟计算
VxLAN】二、VxLAN-EVPN分布式网关-ensp实验
m0_74825488的博客
01-21 1474
VXLAN(Virtual Extensible LAN)是一种基于IP的网络虚拟化技术,旨在解决数据中心网络中虚拟机跨主机通信的问题。随着云计算和虚拟化的广泛应用,数据中心网络规模越来越大,需要跨多个物理机实现虚拟机之间的通信。VXLAN分布式网关是VXLAN技术的一种扩展,用于解决跨不同子网的虚拟机之间的通信问题。跨子网通信效率高:VXLAN分布式网关将跨子网通信的负载分散到多台物理机上,减少了单台物理机的负担,提高了跨子网通信的效率。
ensp做vxlan evpn多活网关
12-05
VXLAN(Virtual Extensible LAN)是一种网络虚拟化技术,用于在现有的物理网络上构建虚拟的二层网络。EVPN(Ethernet VPN)是一种基于BGP(Border Gateway Protocol)的控制平面协议,用于在VXLAN网络中传递MAC地址...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值