VLAN vs VXLAN
GLCNetworks
421 views
41 slides
Mar 29, 2021
Slide 1 of 41
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
About This Presentation
Webinar topic: VLAN vs VXLAN
Presenter: Achmad Mardiansyah
In this webinar series, We are discussing VLAN vs VXLAN
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/schedule/
Follow our social media for upd...
Slide Content
www.glcnetworks.com
VLAN vs VxLAN
GLC webinar, 17 Dec 2020
Achmad Mardiansyah
[email protected]
GLC Networks, Indonesia
1
VLAN
VxLAN
VLAN vs VxLAN
GLC webinar, 17 Dec 2020
Achmad Mardiansyah
[email protected]
GLC Networks, Indonesia
1
VLAN
VxLAN
www.glcnetworks.com
Agenda
●Introduction
●VLAN
●Overlay network
●VxLAN
●Live practice
●Q & A
2
Agenda
●Introduction
●VLAN
●Overlay network
●VxLAN
●Live practice
●Q & A
2
www.glcnetworks.com
introduction
3
introduction
3
www.glcnetworks.com
What is GLC?
●Garda Lintas Cakrawala (www.glcnetworks.com)
●Based in Bandung, Indonesia
●Areas: Training, IT Consulting
●Certified partner for: Mikrotik, Ubiquity, Linux foundation
●Product: GLC radius manager
●Regular event
4
What is GLC?
●Garda Lintas Cakrawala (www.glcnetworks.com)
●Based in Bandung, Indonesia
●Areas: Training, IT Consulting
●Certified partner for: Mikrotik, Ubiquity, Linux foundation
●Product: GLC radius manager
●Regular event
4
www.glcnetworks.com
Trainer Introduction
●Name: Achmad Mardiansyah
●Base: bandung, Indonesia
●Linux user since 1999, mikrotik user since 2007, UBNT
2011
●Mikrotik Certified Trainer
(MTCNA/RE/WE/UME/INE/TCE/IPv6)
●Mikrotik/Linux Certified Consultant
●Website contributor: achmadjournal.com, mikrotik.tips,
asysadmin.tips
●More info:
http://au.linkedin.com/in/achmadmardiansyah
5
Trainer Introduction
●Name: Achmad Mardiansyah
●Base: bandung, Indonesia
●Linux user since 1999, mikrotik user since 2007, UBNT
2011
●Mikrotik Certified Trainer
(MTCNA/RE/WE/UME/INE/TCE/IPv6)
●Mikrotik/Linux Certified Consultant
●Website contributor: achmadjournal.com, mikrotik.tips,
asysadmin.tips
●More info:
http://au.linkedin.com/in/achmadmardiansyah
5
www.glcnetworks.com
Past experiences
6
●2020 (Congo DRC, Malaysia): IOT integration,
network automation
●2019, Congo (DRC): build a wireless ISP from
ground-up
●2018, Malaysia: network revamp, develop billing
solution and integration, setup dynamic routing
●2017, Libya (north africa): remote wireless migration
for a new Wireless ISP
●2016, United Kingdom: workshop for wireless ISP,
migrating a bridged to routed network
●2015, West Kalimantan: supporting wireless
infrastructure project
Past experiences
6
●2020 (Congo DRC, Malaysia): IOT integration,
network automation
●2019, Congo (DRC): build a wireless ISP from
ground-up
●2018, Malaysia: network revamp, develop billing
solution and integration, setup dynamic routing
●2017, Libya (north africa): remote wireless migration
for a new Wireless ISP
●2016, United Kingdom: workshop for wireless ISP,
migrating a bridged to routed network
●2015, West Kalimantan: supporting wireless
infrastructure project
www.glcnetworks.com
About GLC webinar?
●First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new year
with solaris OS)
●As a sharing event with various topics:
linux, networking, wireless, database,
programming, etc
●Regular schedule
●Irregular schedule: as needed
●Checking schedule:
http://www.glcnetworks.com/schedule
●You are invited to be a presenter
○No need to be an expert
○This is a forum for sharing: knowledge,
experiences, information
7
About GLC webinar?
●First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new year
with solaris OS)
●As a sharing event with various topics:
linux, networking, wireless, database,
programming, etc
●Regular schedule
●Irregular schedule: as needed
●Checking schedule:
http://www.glcnetworks.com/schedule
●You are invited to be a presenter
○No need to be an expert
○This is a forum for sharing: knowledge,
experiences, information
7
www.glcnetworks.com
Please introduce yourself
●Your name
●Your company/university?
●Your networking experience?
●Your mikrotik experience?
●Your expectation from this course?
8
Please introduce yourself
●Your name
●Your company/university?
●Your networking experience?
●Your mikrotik experience?
●Your expectation from this course?
8
www.glcnetworks.com
VLAN
9
VLAN
9
www.glcnetworks.com
Typical network, with internet connection
●We add a router to connect to other network (internet is a collection of
networks)
●
10
SITE A SITE B
ISP
Typical network, with internet connection
●We add a router to connect to other network (internet is a collection of
networks)
●
10
SITE A SITE B
ISP
www.glcnetworks.com
Typical network, with internet and segmentation
●A router is used to divide network based on layer 3 (network) -> different ip
address segment
●One switch -> one segment
11
SITE A SITE B
ISP
Typical network, with internet and segmentation
●A router is used to divide network based on layer 3 (network) -> different ip
address segment
●One switch -> one segment
11
SITE A SITE B
ISP
www.glcnetworks.com
Multiple segments in one site
●One switch -> one segment
●You need more switches
12
SITE A SITE B
ISP
Multiple segments in one site
●One switch -> one segment
●You need more switches
12
SITE A SITE B
ISP
www.glcnetworks.com
More segments in one site
●One switch -> one segment
●You need more switches, more money
13
SITE A SITE B
ISP
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
More segments in one site
●One switch -> one segment
●You need more switches, more money
13
SITE A SITE B
ISP
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
www.glcnetworks.com
What VLAN can do
●One switch multiple segment, divide the switch based on ports
●less equipment, save money, save space
●Requires more knowledge
14
SITE A SITE B
ISP
What VLAN can do
●One switch multiple segment, divide the switch based on ports
●less equipment, save money, save space
●Requires more knowledge
14
SITE A SITE B
ISP
www.glcnetworks.com
Without and with VLAN
trunk
link
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A
SITE B
Without and with VLAN
trunk
link
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A
SITE B
www.glcnetworks.com
VLAN terms
●VLAN: a feature on layer 2 device (switch) to do virtual segmentation on
physical switch
●The segmentation can be extended to other switch using “trunk” link.
Borrowed from telco terms “trunk” (a link to connects 2 telco exchanges)
●Port types:
○Access port -> to connect to end-devices
○Trunk port -> to connect to other VLAN switch
access
port
trunk
port
trunk
port
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A
SITE B
trunk
line
VLAN terms
●VLAN: a feature on layer 2 device (switch) to do virtual segmentation on
physical switch
●The segmentation can be extended to other switch using “trunk” link.
Borrowed from telco terms “trunk” (a link to connects 2 telco exchanges)
●Port types:
○Access port -> to connect to end-devices
○Trunk port -> to connect to other VLAN switch
access
port
trunk
port
trunk
port
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A
SITE B
trunk
line
www.glcnetworks.com
What happened on trunk ports
●The layer-2-header of outgoing frame will be modified by adding VLAN tag on
the header
●This tag will be recognised at the other end
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
What happened on trunk ports
●The layer-2-header of outgoing frame will be modified by adding VLAN tag on
the header
●This tag will be recognised at the other end
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
www.glcnetworks.com
Inter-VLAN communication
●1 VLAN = 1 network segment = 1 network ID = 1 broadcast domain
●Meaning: we need a router to route packets between VLAN
●IP address on router’s interfaces will become the gateway of each VLAN
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
access
port
access
port
Inter-VLAN communication
●1 VLAN = 1 network segment = 1 network ID = 1 broadcast domain
●Meaning: we need a router to route packets between VLAN
●IP address on router’s interfaces will become the gateway of each VLAN
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
access
port
access
port
www.glcnetworks.com
What If the router supports VLAN tag (trunk)?
●VLAN routing can be done using only 1 port (1 cable)
●We need to assign IP address on VLAN interface at the router
access
port
trunk
port
trunk
port
SITE A
SITE B
trunk port:
VLAN 10, 20
VLAN 10 VLAN 20 VLAN 10 VLAN 20
What If the router supports VLAN tag (trunk)?
●VLAN routing can be done using only 1 port (1 cable)
●We need to assign IP address on VLAN interface at the router
access
port
trunk
port
trunk
port
SITE A
SITE B
trunk port:
VLAN 10, 20
VLAN 10 VLAN 20 VLAN 10 VLAN 20
www.glcnetworks.com
What if the switch is a layer-3 switch?
●Meaning: routing function will be done internally on switch.
●Meaning: the switch is a router.
●Layer-3 switch is much more expensive (especially at vendor XXX)
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
What if the switch is a layer-3 switch?
●Meaning: routing function will be done internally on switch.
●Meaning: the switch is a router.
●Layer-3 switch is much more expensive (especially at vendor XXX)
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
www.glcnetworks.com
A (very funny) story (1)...
●A client using layer-3-switches to build their internal network, and use
Mikrotik router to do inter-VLAN routing. whoops…!!
●Question: why do you buy a layer-3 switches then?
●Congratulations to sales team… ;-) well done..!!
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
A (very funny) story (1)...
●A client using layer-3-switches to build their internal network, and use
Mikrotik router to do inter-VLAN routing. whoops…!!
●Question: why do you buy a layer-3 switches then?
●Congratulations to sales team… ;-) well done..!!
access
port
trunk
port
trunk
port
SITE A
SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
www.glcnetworks.com
Overlay network
22
Overlay network
22
www.glcnetworks.com
Overlay network
23
Overlay network
23
www.glcnetworks.com
Overlay network
a network that is built on top of current network. Aka overlay network.
Meaning:
●You must have an established existing network
●And you built a network on top of it
Notes:
●Overlay network will create virtual interfaces and IP address
●Can use point-to-point addressing (/32)
●Require more processing
24
Overlay network
a network that is built on top of current network. Aka overlay network.
Meaning:
●You must have an established existing network
●And you built a network on top of it
Notes:
●Overlay network will create virtual interfaces and IP address
●Can use point-to-point addressing (/32)
●Require more processing
24
www.glcnetworks.com
What is tunnel?
●an overlay network
●network above network
●Usually point-to-point
25
What is tunnel?
●an overlay network
●network above network
●Usually point-to-point
25
www.glcnetworks.com
Underlay network
26
HOME
192.168.1.0/24
3.3.3.0/2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24
Underlay network
26
HOME
192.168.1.0/24
3.3.3.0/2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24
www.glcnetworks.com
Overlay network
27
HOME
192.168.1.0/24
3.3.3.0/2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24
VPN network
192.168.9.0/24
@VPN network:
server: 192.168.9.1
router: 192.168.9.11
laptop: 192.168.9.12
Overlay network
27
HOME
192.168.1.0/24
3.3.3.0/2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24
VPN network
192.168.9.0/24
@VPN network:
server: 192.168.9.1
router: 192.168.9.11
laptop: 192.168.9.12
www.glcnetworks.com
RoMON : Router Management Overlay Network
●A feature to access mikrotik devices in multiple segment
28
Source: i.ytimg.com
RoMON : Router Management Overlay Network
●A feature to access mikrotik devices in multiple segment
28
Source: i.ytimg.com
www.glcnetworks.com
VxLAN
29
VxLAN
29
www.glcnetworks.com
What happen with VLAN
●They are good. To some extent...
●In some cases its not sufficient:
○Limited vlanID
○The use of STP protocol → only one link is active
○Handling many ARP table
●Some cases:
○Datacenter
○ISP
30
What happen with VLAN
●They are good. To some extent...
●In some cases its not sufficient:
○Limited vlanID
○The use of STP protocol → only one link is active
○Handling many ARP table
●Some cases:
○Datacenter
○ISP
30
www.glcnetworks.com
Introducing VxLAN
●Virtual eXtensible Local Area Network
(VXLAN)
●RFC7348
●Using UDP protocol
●Terminology:
○VNI: VXLAN Network Identifier (or VXLAN
Segment ID)
○VTEP: VXLAN Tunnel End Point. An entity
that originates and/or terminates VXLAN
tunnels
○VXLAN Segment: VXLAN Layer 2 overlay
network over which VMs communicate
○VXLAN Gateway: an entity that forwards
traffic between VXLANs
31
Introducing VxLAN
●Virtual eXtensible Local Area Network
(VXLAN)
●RFC7348
●Using UDP protocol
●Terminology:
○VNI: VXLAN Network Identifier (or VXLAN
Segment ID)
○VTEP: VXLAN Tunnel End Point. An entity
that originates and/or terminates VXLAN
tunnels
○VXLAN Segment: VXLAN Layer 2 overlay
network over which VMs communicate
○VXLAN Gateway: an entity that forwards
traffic between VXLANs
31
www.glcnetworks.com
VxLAN benefit
●Not bounded on layer 2 devices
●More scalable (more IDs). vlan id only 4096
●No limited by STP
●Suitable for multi tenant environment (cloud provider)
●Eliminate problem: Inadequate Table Sizes at ToR Switch
32
VxLAN benefit
●Not bounded on layer 2 devices
●More scalable (more IDs). vlan id only 4096
●No limited by STP
●Suitable for multi tenant environment (cloud provider)
●Eliminate problem: Inadequate Table Sizes at ToR Switch
32
www.glcnetworks.com
header
33
header
33
www.glcnetworks.com
VxLAN deployment
34
VxLAN deployment
34
www.glcnetworks.com
VxLAn on Mikrotik
●Will be released on version 7
●Currently on beta version
●New interface for vxlan
○/interface vxlan print
35
VxLAn on Mikrotik
●Will be released on version 7
●Currently on beta version
●New interface for vxlan
○/interface vxlan print
35
www.glcnetworks.com
LIVE practice
36
LIVE practice
36
www.glcnetworks.com
preparation
●SSH client
●SSH parameters
○SSH address
○SSH port
○SSH username
○SSH password
37
preparation
●SSH client
●SSH parameters
○SSH address
○SSH port
○SSH username
○SSH password
37
www.glcnetworks.com
R1
AS11
R2
AS11
E2
E2
E3E3
E6
R3
AS13
R4
AS13
E2
E2
E3E3
E6
R5
AS15
R6
AS15
E2
E2
E3E3
E6
R7
AS17
R8
AS17
E2E2
E3E3
E6
R9
AS19
R10
AS19
E2E2
E3E3
E6
SW86
192.168.86.X/24
R86
AS86
R85
AS85
R98
R88
AS88
R87
AS87
E6
E6
E3
E3
E5
E2
E5
E3
E3
E2
TOPOLOGY 1
LAB: Mikrotik
E6
E6
E2
E6 E6 E6
PC101
E2
PC102
E2
PC103
E2
PC104
E2
PC105
E2
PC106
E2
PC107
E2
PC108
E2
PC109
E2
PC110
R1
AS11
R2
AS11
E2
E2
E3E3
E6
R3
AS13
R4
AS13
E2
E2
E3E3
E6
R5
AS15
R6
AS15
E2
E2
E3E3
E6
R7
AS17
R8
AS17
E2E2
E3E3
E6
R9
AS19
R10
AS19
E2E2
E3E3
E6
SW86
192.168.86.X/24
R86
AS86
R85
AS85
R98
R88
AS88
R87
AS87
E6
E6
E3
E3
E5
E2
E5
E3
E3
E2
TOPOLOGY 1
LAB: Mikrotik
E6
E6
E2
E6 E6 E6
PC101
E2
PC102
E2
PC103
E2
PC104
E2
PC105
E2
PC106
E2
PC107
E2
PC108
E2
PC109
E2
PC110
www.glcnetworks.com
Q & A
39
Q & A
39
www.glcnetworks.com
Interested? Just come to our training...
●Topics are arranged in systematic and logical way
●You will learn from experienced teacher
●Not only learn the materials, but also sharing experiences, best-practices, and
networking
40
Interested? Just come to our training...
●Topics are arranged in systematic and logical way
●You will learn from experienced teacher
●Not only learn the materials, but also sharing experiences, best-practices, and
networking
40
www.glcnetworks.com
End of slides
●Thank you for your attention
●Please submit your feedback: http://bit.ly/glcfeedback
●Like our facebook page: https://www.facebook.com/glcnetworks
●Slide: http://www.slideshare.net/r41nbuw
●Recording (youtube): https://goo.gl/28ABHU
●Stay tune with our schedule
●Any questions?
41
End of slides
●Thank you for your attention
●Please submit your feedback: http://bit.ly/glcfeedback
●Like our facebook page: https://www.facebook.com/glcnetworks
●Slide: http://www.slideshare.net/r41nbuw
●Recording (youtube): https://goo.gl/28ABHU
●Stay tune with our schedule
●Any questions?
41
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 421
- Slides 41
- Age 1710 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
47 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
46 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
21 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views