Large data centers and cloud service providers are benefiting from the use of Layer 2 over Layer 3 overlay networks to support large scale network virtualization. You can configure Virtual eXtended LAN (VXLAN) on a BIG-IP system to enable a physical VLAN to communicate with virtual machines (VMs) in a virtual network. The BIG-IP system becomes a gateway to bridge the data center virtual network with the physical external network. Connecting these two networks allows for expansion, and provides a mechanism to streamline the transition of data centers into a virtualized model, while maintaining connectivity.
When you configure a BIG-IP system as a VXLAN gateway, the system represents the VXLAN as a tunnel, which provides a Layer 2 interface on the virtual network. You can use the tunnel interface in both Layer 2 and Layer 3 configurations. After you configure the VXLAN tunnel, the BIG-IP system joins the configured multicast group, and can forward both unicast and multicast or broadcast frames on the virtual network. The BIG-IP system learns about MAC address and VTEP associations dynamically, thus avoiding unnecessary transmission of multicast traffic.
Virtual eXtended LAN (VXLAN) is a network virtualization scheme that overlays Layer 2 over Layer 3. VXLAN uses Layer 3 multicast to support the transmission of multicast and broadcast traffic in the virtual network, while decoupling the virtual network from the physical infrastructure. VXLAN uses a UDP-based encapsulation to tunnel Ethernet frames. In a VMware environment, VXLAN can extend the virtual network across a set of VMware ESXi servers, providing Layer 2 connectivity among the hosted virtual machines (VMs). Each VMware ESXI server represents a VXLAN Tunnel Endpoint. In this environment, a VXLAN gateway device can be used to terminate the VXLAN tunnel and forward traffic to and from a physical network.
These definitions assist in understanding VXLAN.
As you configure VXLAN on a BIG-IP system, keep these considerations in mind.
Before you configure VXLAN, ensure that these conditions are met:
tmsh modify sys db tm.acceptipoptions value enable
tmsh modify sys db tm.allowmulticastl2destinationtraffic value enable