As enterprises move to cloud computing infrastructures, network technologies have changed drastically to keep pace with the demand for highly scalable, performance-oriented, secure and redundant infrastructure. The concept of virtualization has also seeped into networks, which are the backbone of any computing environment, be it on premises or cloud hosted.
Gone are the days of heavy network equipment; it has been replaced by software-defined networking, which combines hardware and software into a single virtual network. As technologies evolve, so do the tunnelling protocols.
Today we look in more detail at two of the most popular VLAN or virtual LAN tunnelling technologies, namely VXLAN (Virtual Extensible LAN) and GRE (Generic Routing Encapsulation): their differences (VXLAN vs GRE), features and use cases.
What is VXLAN?
VXLAN is a network virtualization technology for LAN expansion. It is meant to resolve the problem of insufficient virtual networks in large-scale cloud deployments, and it builds on VLANs to separate cloud applications and tenants in cloud environments.
VLAN only allows up to 4096 network IDs to be assigned at a given time, which is insufficient for large cloud computing environments. VXLAN was therefore designed to extend the VLAN address space by adding a 24-bit segment ID, which increases the number of available IDs to 16 million and logically isolates tenants and cloud applications.
Millions of layer 2 VXLAN networks can coexist on a layer 3 infrastructure. In dynamic VM migrations, MAC and IP addresses need to remain unchanged before and after migration, and this is where VXLAN plays a critical role.
In the above diagram, a VXLAN tunnel is established between two rack switches. The original data frame sent from the source is encapsulated into a VXLAN packet so that it can be transmitted over the IP network, and the TOR switch decapsulates the packet into the original data frame before forwarding it to the destination server.
Packet structure of VXLAN
What is GRE?
Generic Routing Encapsulation, or GRE, is an IP encapsulation protocol meant for transporting IP packets over a network. It was developed by Cisco but later became an industry standard (RFC 1701, RFC 2784, and RFC 2890).
It can tunnel any layer 3 protocol, including IP. GRE allows routing of IP packets between private IPv4 networks that are separated by the public IPv4 Internet. It also supports encapsulating IPv4 broadcast and multicast traffic.
Uses of GRE
- GRE can be used to transport video and website traffic.
- It allows otherwise unsupported protocols to be transported across a network to their destination, such as IPv6 communication over an IPv4 network.
- It offers DDoS protection.
- It creates a virtual link between two networks for routing and enables BGP communication among multiple networks without requiring physical connectivity to each other, as is the case with conventional Internet exchanges.
In the above diagram, GRE is used to encapsulate traffic between two sites. The traffic traverses the open Internet, and GRE tunnels do not encrypt traffic on their own; for that you can use encrypted tunnelling with VPN software. GRE tunnels are also stateless, so the destination is never made aware of a tunnel until the incoming data arrives at the given destination.
All GRE packets include both a source and a destination address to send data back and forth.
GRE IP Datagram
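As an added illustration (not code from the original article), the Python example below parses the 8-byte VXLAN header defined in RFC 7348 and the GRE header from the RFCs cited above. It shows the 24-bit segment ID and that the inner addresses of a GRE payload are readable on the wire because the tunnel adds no encryption. The function names, addresses and sample bytes are constructed assumptions.

```python
import socket
import struct

def parse_vxlan(udp_payload: bytes) -> dict:
    """Parse the 8-byte VXLAN header (RFC 7348) that follows the outer UDP header."""
    if len(udp_payload) < 8:
        raise ValueError("truncated VXLAN header")
    flags, word = struct.unpack("!B3xI", udp_payload[:8])
    if not flags & 0x08:                      # I flag: VNI field is valid
        raise ValueError("VNI-valid flag not set")
    return {"vni": word >> 8, "inner_frame": udp_payload[8:]}  # low 8 bits reserved

def parse_gre(ip_payload: bytes) -> dict:
    """Parse a version-0 GRE header (RFC 2784, key/sequence per RFC 2890)."""
    if len(ip_payload) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", ip_payload[:4])
    if flags & 0x0007 or flags & 0x4000:      # version != 0 or RFC 1701 routing
        raise ValueError("unsupported GRE header")
    has_csum, has_key, has_seq = flags & 0x8000, flags & 0x2000, flags & 0x1000
    hdr_len = 4 + 4 * sum(map(bool, (has_csum, has_key, has_seq)))
    if len(ip_payload) < hdr_len:
        raise ValueError("truncated GRE optional fields")
    off = 8 if has_csum else 4                # checksum + reserved1 come first
    key = seq = None
    if has_key:
        key, off = struct.unpack_from("!I", ip_payload, off)[0], off + 4
    if has_seq:
        seq, off = struct.unpack_from("!I", ip_payload, off)[0], off + 4
    return {"protocol": proto, "key": key, "sequence": seq,
            "payload": ip_payload[off:]}

def inner_ipv4_addrs(packet: bytes) -> tuple:
    """Source/destination of the inner IPv4 header, visible because GRE is unencrypted."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])

# Constructed sample data (not captured traffic).
INNER_IP = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0]) + \
    socket.inet_aton("10.1.0.5") + socket.inet_aton("10.2.0.9")
GRE_SAMPLE = struct.pack("!HHI", 0x2000, 0x0800, 42) + INNER_IP   # K flag, key 42
VXLAN_SAMPLE = struct.pack("!B3xI", 0x08, 5001 << 8) + b"\x00" * 14

if __name__ == "__main__":
    gre = parse_gre(GRE_SAMPLE)
    print(gre["key"], inner_ipv4_addrs(gre["payload"]))
    print(parse_vxlan(VXLAN_SAMPLE)["vni"])
```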
Comparison: VXLAN vs GRE
The key points of differences between the two are:
- VXLAN is used to create overlay networks, while GRE is used as a tunnelling framework over an IP network.
- VXLAN is a point-to-multipoint tunnel, while GRE is a point-to-point tunnel.
- VXLAN is used for network virtualization, while GRE is used with VPN apps to provide a secure connection.
- VXLAN works at layer 2 of the OSI model, while GRE works at layer 3 of the OSI model.
- They follow different Internet standards in terms of RFCs.
The table below summarizes the points of comparison between the two, i.e. VXLAN vs GRE.