VLAN vs VXLAN
0 likes430 views
The document details a webinar hosted by GLC Networks on VLAN and VXLAN technologies, highlighting concepts like network architecture, VLAN functionality, overlay networks, and the benefits of VXLAN over traditional VLAN. It includes introductory information about GLC Networks, the trainer's background, and the webinar agenda featuring live practice and Q&A sessions. The session aims to educate attendees on efficient networking practices and technologies for modern data environments.
VLAN vs VXLAN
- 1. www.glcnetworks.com VLAN vs VxLAN GLC webinar, 17 Dec 2020 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia 1 VLAN VxLAN
- 2. www.glcnetworks.com Agenda ● Introduction ● VLAN ● Overlay network ● VxLAN ● Live practice ● Q & A 2
- 4. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● Based in Bandung, Indonesia ● Areas: Training, IT Consulting ● Certified partner for: Mikrotik, Ubiquity, Linux foundation ● Product: GLC radius manager ● Regular event 4
- 5. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since 1999, mikrotik user since 2007, UBNT 2011 ● Mikrotik Certified Trainer (MTCNA/RE/WE/UME/INE/TCE/IPv6) ● Mikrotik/Linux Certified Consultant ● Website contributor: achmadjournal.com, mikrotik.tips, asysadmin.tips ● More info: http://au.linkedin.com/in/achmadmardiansyah 5
- 6. www.glcnetworks.com Past experiences 6 ● 2020 (Congo DRC, Malaysia): IOT integration, network automation ● 2019, Congo (DRC): build a wireless ISP from ground-up ● 2018, Malaysia: network revamp, develop billing solution and integration, setup dynamic routing ● 2017, Libya (north africa): remote wireless migration for a new Wireless ISP ● 2016, United Kingdom: workshop for wireless ISP, migrating a bridged to routed network ● 2015, West Kalimantan: supporting wireless infrastructure project
- 7. www.glcnetworks.com About GLC webinar? ● First webinar: january 1, 2010 (title: tahun baru bersama solaris - new year with solaris OS) ● As a sharing event with various topics: linux, networking, wireless, database, programming, etc ● Regular schedule ● Irregular schedule: as needed ● Checking schedule: http://www.glcnetworks.com/schedule ● You are invited to be a presenter ○ No need to be an expert ○ This is a forum for sharing: knowledge, experiences, information 7
- 8. www.glcnetworks.com Please introduce yourself ● Your name ● Your company/university? ● Your networking experience? ● Your mikrotik experience? ● Your expectation from this course? 8
- 10. www.glcnetworks.com Typical network, with internet connection ● We add a router to connect to other network (internet is a collection of networks) ● 10 SITE A SITE B ISP
- 11. www.glcnetworks.com Typical network, with internet and segmentation ● A router is used to divide network based on layer 3 (network) -> different ip address segment ● One switch -> one segment 11 SITE A SITE B ISP
- 12. www.glcnetworks.com Multiple segments in one site ● One switch -> one segment ● You need more switches 12 SITE A SITE B ISP
- 13. www.glcnetworks.com More segments in one site ● One switch -> one segment ● You need more switches, more money 13 SITE A SITE B ISP 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
- 14. www.glcnetworks.com What VLAN can do ● One switch multiple segment, divide the switch based on ports ● less equipment, save money, save space ● Requires more knowledge 14 SITE A SITE B ISP
- 15. www.glcnetworks.com Without and with VLAN trunk link VLAN 10 VLAN 20 VLAN 10 VLAN 20 SITE A SITE B
- 16. www.glcnetworks.com VLAN terms ● VLAN: a feature on layer 2 device (switch) to do virtual segmentation on physical switch ● The segmentation can be extended to other switch using “trunk” link. Borrowed from telco terms “trunk” (a link to connects 2 telco exchanges) ● Port types: ○ Access port -> to connect to end-devices ○ Trunk port -> to connect to other VLAN switch access port trunk port trunk port VLAN 10 VLAN 20 VLAN 10 VLAN 20 SITE A SITE B trunk line
- 17. www.glcnetworks.com What happened on trunk ports ● The layer-2-header of outgoing frame will be modified by adding VLAN tag on the header ● This tag will be recognised at the other end access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
- 18. www.glcnetworks.com Inter-VLAN communication ● 1 VLAN = 1 network segment = 1 network ID = 1 broadcast domain ● Meaning: we need a router to route packets between VLAN ● IP address on router’s interfaces will become the gateway of each VLAN access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20 access port access port
- 19. www.glcnetworks.com What If the router supports VLAN tag (trunk)? ● VLAN routing can be done using only 1 port (1 cable) ● We need to assign IP address on VLAN interface at the router access port trunk port trunk port SITE A SITE B trunk port: VLAN 10, 20 VLAN 10 VLAN 20 VLAN 10 VLAN 20
- 20. www.glcnetworks.com What if the switch is a layer-3 switch? ● Meaning: routing function will be done internally on switch. ● Meaning: the switch is a router. ● Layer-3 switch is much more expensive (especially at vendor XXX) access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
- 21. www.glcnetworks.com A (very funny) story (1)... ● A client using layer-3-switches to build their internal network, and use Mikrotik router to do inter-VLAN routing. whoops…!! ● Question: why do you buy a layer-3 switches then? ● Congratulations to sales team… ;-) well done..!! access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
- 24. www.glcnetworks.com Overlay network a network that is built on top of current network. Aka overlay network. Meaning: ● You must have an established existing network ● And you built a network on top of it Notes: ● Overlay network will create virtual interfaces and IP address ● Can use point-to-point addressing (/32) ● Require more processing 24
- 25. www.glcnetworks.com What is tunnel? ● an overlay network ● network above network ● Usually point-to-point 25
- 27. www.glcnetworks.com Overlay network 27 HOME 192.168.1.0/24 3 . 3 . 3 . 0 / 2 4 2.2.2.0/24 OFFICE 172.18.1.0/24 1.1.1.0/24 cafe 192.168.1.0/24 VPN network 192.168.9.0/24 @VPN network: server: 192.168.9.1 router: 192.168.9.11 laptop: 192.168.9.12
- 28. www.glcnetworks.com RoMON : Router Management Overlay Network ● A feature to access mikrotik devices in multiple segment 28 Source: i.ytimg.com
- 30. www.glcnetworks.com What happen with VLAN ● They are good. To some extent... ● In some cases its not sufficient: ○ Limited vlanID ○ The use of STP protocol → only one link is active ○ Handling many ARP table ● Some cases: ○ Datacenter ○ ISP 30
- 31. www.glcnetworks.com Introducing VxLAN ● Virtual eXtensible Local Area Network (VXLAN) ● RFC7348 ● Using UDP protocol ● Terminology: ○ VNI: VXLAN Network Identifier (or VXLAN Segment ID) ○ VTEP: VXLAN Tunnel End Point. An entity that originates and/or terminates VXLAN tunnels ○ VXLAN Segment: VXLAN Layer 2 overlay network over which VMs communicate ○ VXLAN Gateway: an entity that forwards traffic between VXLANs 31
- 32. www.glcnetworks.com VxLAN benefit ● Not bounded on layer 2 devices ● More scalable (more IDs). vlan id only 4096 ● No limited by STP ● Suitable for multi tenant environment (cloud provider) ● Eliminate problem: Inadequate Table Sizes at ToR Switch 32
- 35. www.glcnetworks.com VxLAn on Mikrotik ● Will be released on version 7 ● Currently on beta version ● New interface for vxlan ○ /interface vxlan print 35
- 37. www.glcnetworks.com preparation ● SSH client ● SSH parameters ○ SSH address ○ SSH port ○ SSH username ○ SSH password 37
- 38. www.glcnetworks.com R1 AS11 R2 AS11 E2 E2 E3 E3 E6 R3 AS13 R4 AS13 E2 E2 E3 E3 E6 R5 AS15 R6 AS15 E2 E2 E3 E3 E6 R7 AS17 R8 AS17 E2 E2 E3 E3 E6 R9 AS19 R10 AS19 E2 E2 E3 E3 E6 SW86 192.168.86.X/24 R86 AS86 R85 AS85 R98 R88 AS88 R87 AS87 E6 E6 E3 E3 E5 E2 E5 E3 E3 E2 TOPOLOGY 1 LAB: Mikrotik E6 E6 E2 E6 E6 E6 PC101 E2 PC102 E2 PC103 E2 PC104 E2 PC105 E2 PC106 E2 PC107 E2 PC108 E2 PC109 E2 PC110
- 40. www.glcnetworks.com Interested? Just come to our training... ● Topics are arranged in systematic and logical way ● You will learn from experienced teacher ● Not only learn the materials, but also sharing experiences, best-practices, and networking 40
- 41. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: https://www.facebook.com/glcnetworks ● Slide: http://www.slideshare.net/r41nbuw ● Recording (youtube): https://goo.gl/28ABHU ● Stay tune with our schedule ● Any questions? 41