Network Virtualization Technology
Virtualization technology has grown very rapidly and its penetration is evident everywhere, from servers, storage devices, memory and CPU to the network. Virtualization in the context of networking is the capability to manage and prioritize traffic in portions of a network that might be shared among different external networks. Many network virtualization technologies have been developed over the years, such as VLANs and VPNs.
Today we look in more detail at the two most popular network virtualization technologies, developed by Microsoft and Cisco: NVGRE (Network Virtualization using Generic Routing Encapsulation) and VXLAN (Virtual Extensible Local Area Network). We cover their key differences, features and use cases.
What is NVGRE?
NVGRE is a network virtualization method that uses encapsulation and tunnelling to provide subnets with large numbers of VLANs. These VLANs can extend across dispersed networks at both layer 2 and layer 3.
They allow multi-tenant and load-balanced networks to be shared across on-premises and cloud deployments. NVGRE lifts the limit on the number of VLANs, which could be a hindrance in complex virtualized environments, and stretches network segments over long distances, which is required for geographically dispersed networks. It was proposed by Microsoft, Dell, Intel, and HP.
The outer header carries the MAC and IP addresses required to send a unicast packet to the destination switch acting as a virtual tunnel endpoint.
What is VXLAN?
VXLAN is a virtualization technology which attempts to address scalability issues associated with large cloud deployments. It uses VLAN-like encapsulation to encapsulate layer 2 Ethernet frames within layer 4 UDP packets using 4789 as the default IANA-assigned destination UDP port number.
The endpoints where VXLAN tunnels terminate are called VXLAN tunnel endpoints. Cisco and VMware promote VXLAN, which is designed for both software and hardware networking devices. VXLAN provides a high level of security through network segmentation, which is ideally suited to multi-tenant architectures.
Comparison: NVGRE vs VXLAN
The key differences between the two are:
- Packet format: NVGRE uses the lower 24 bits of the GRE header as the TNI (tenant network identifier) and can support 16 million virtual segments, whereas VXLAN uses a 24-bit segment ID, which also gives 16 million virtual segments.
- Load balancing: NVGRE is not compatible with traditional load balancing. It needs a flow to describe bandwidth utilization at a granular level and requires multiple IP addresses to ensure a balanced traffic load. VXLAN, on the other hand, is compatible with traditional load balancing, guarantees load balancing and preserves the data packet order between virtual machines.
- Transmission: VXLAN uses multicast in the transport network to simulate flooding behaviour for broadcast, unknown unicast, and multicast traffic in layer 2 segments, whereas NVGRE uses a more flexible approach instead of relying on flooding and IP multicast.
- Sharding feature: NVGRE supports sharding of the maximum transmission unit to reduce packet size in internal virtual networks, while VXLAN requires a transport network that supports large frames to carry the enlarged packets.
- Protocols: VXLAN uses the standard tunnelling protocol UDP to generate a 24-bit segment ID, while NVGRE uses GRE encapsulation to tunnel layer 2 packets over layer 3 networks.
- Encapsulation: NVGRE uses Generic Routing Encapsulation with 42 bytes. VXLAN, on the other hand, uses User Datagram Protocol with 50 bytes for encapsulation.
- Load distribution of port channel: VXLAN allows UDP 5-tuple hashing (source IP, source port, destination IP, destination port, and protocol type). Most current switches do not hash on the GRE header used by NVGRE.
- Firewall: It is difficult for firewalls to act on the GRE protocol type field in NVGRE. However, a firewall can act on the VXLAN UDP port.
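To make the encapsulation and firewall points concrete, the following Python code is an added example, not part of the original article. It classifies an outer Ethernet/IPv4 frame as VXLAN or NVGRE and reports the tenant identifier and encapsulation overhead. It assumes an untagged outer Ethernet header and the RFC 7637 layout of the GRE Key field (24-bit VSID followed by an 8-bit FlowID). The function names and sample frames are constructed for illustration.

```python
import struct

VXLAN_PORT = 4789               # default IANA-assigned destination UDP port
UDP_PROTO, GRE_PROTO = 17, 47   # IPv4 protocol numbers
TEB = 0x6558                    # GRE protocol type: Transparent Ethernet Bridging
OTHER = ("other", None, 0)

def outer_frame(proto, payload):
    """Constructed sample: zeroed MACs, documentation-range IPs, no checksums."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                     proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return bytes(12) + b"\x08\x00" + ip + payload

def classify(frame):
    """Return (kind, tenant_id, overhead_bytes) for an outer Ethernet/IPv4 frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return OTHER                          # too short, or not IPv4
    ihl = (frame[14] & 0x0F) * 4
    if frame[14] >> 4 != 4 or ihl < 20:
        return OTHER                          # malformed IPv4 header
    proto, l4 = frame[23], 14 + ihl
    if proto == UDP_PROTO and len(frame) >= l4 + 16:
        dport = struct.unpack_from("!H", frame, l4 + 2)[0]
        # VXLAN header follows the 8-byte UDP header; the I flag marks a valid VNI
        if dport == VXLAN_PORT and frame[l4 + 8] & 0x08:
            vni = int.from_bytes(frame[l4 + 12:l4 + 15], "big")
            return ("vxlan", vni, l4 + 16)    # Ethernet + IP + UDP + VXLAN
    if proto == GRE_PROTO and len(frame) >= l4 + 8:
        flags, ptype, key = struct.unpack_from("!HHI", frame, l4)
        # NVGRE: Key bit set, Checksum and Sequence bits clear, version 0
        if flags & 0xB007 == 0x2000 and ptype == TEB:
            return ("nvgre", key >> 8, l4 + 8)  # VSID is the upper 24 bits of the Key
    return OTHER

INNER = bytes(14)  # constructed placeholder for the inner Ethernet header
VXLAN_FRAME = outer_frame(UDP_PROTO,
    struct.pack("!HHHH", 49152, VXLAN_PORT, 16 + len(INNER), 0)
    + bytes([0x08, 0, 0, 0]) + (5000).to_bytes(3, "big") + b"\x00" + INNER)
NVGRE_FRAME = outer_frame(GRE_PROTO,
    struct.pack("!HHI", 0x2000, TEB, (5000 << 8) | 0x2A) + INNER)

if __name__ == "__main__":
    for name, frame in (("VXLAN", VXLAN_FRAME), ("NVGRE", NVGRE_FRAME)):
        print(name, classify(frame))
```

A port-based rule alone matches any UDP traffic sent to 4789, which is why the classifier also checks the VXLAN I flag before trusting the VNI.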
The table below summarizes the points of comparison between NVGRE and VXLAN: