VXLAN and MPLS: From the Data Center to Metro Ethernet
In recent years, the evolution of cloud computing, virtualization, and containerization technology has promoted the application of network virtualization technology. Both MPLS and VXLAN apply the concept of virtualization to express a logical network architecture for more complex and flexible domain management, but they meet different needs. This article compares VXLAN and MPLS and explains why VXLAN is more popular than MPLS in metro and wide area networks.
VXLAN or MPLS?
First, let's quickly review what VXLAN and MPLS are.
Multiprotocol Label Switching (MPLS) is a technology that uses labels to guide high-speed and efficient data transmission on an open communication network. "Multiprotocol" means that MPLS not only supports a variety of network-layer protocols but is also compatible with multiple data link layer (Layer 2) technologies. The technology is specifically designed to simplify data transfer between two nodes, replacing long network addresses with short path labels.
MPLS can add more sites without extensive configuration. MPLS is also independent of IP; it only simplifies how that IP traffic is carried. Because MPLS has no built-in security features, running MPLS over a VPN adds an extra layer of security.
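The label forwarding described above, as an added example that is not part of the original article: a transit router looks up only the top label and never the IP header. The label stack entry layout follows RFC 3032; the forwarding table, label values and next-hop names are constructed for illustration.

```python
import struct


def pack_lse(label: int, tc: int, bottom: bool, ttl: int) -> bytes:
    """Encode one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not (0 <= label < 2 ** 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)


def unpack_lse(data: bytes) -> dict:
    """Decode the first label stack entry of a labelled packet."""
    if len(data) < 4:
        raise ValueError("truncated label stack entry")
    (word,) = struct.unpack("!I", data[:4])
    return {
        "label": word >> 12,
        "tc": (word >> 9) & 0x7,
        "bottom": bool(word & 0x100),
        "ttl": word & 0xFF,
    }


# Constructed forwarding table of one transit router:
# incoming label -> (outgoing label, next hop). Names are hypothetical.
LFIB = {100: (200, "core-2"), 101: (201, "core-3")}


def swap(packet: bytes, lfib: dict) -> tuple:
    """Forward on the top label only; the payload behind it is not inspected."""
    top = unpack_lse(packet)
    if top["label"] not in lfib:
        # No binding for this label: drop instead of falling back to IP lookup.
        raise LookupError(f"no LFIB entry for label {top['label']}")
    if top["ttl"] <= 1:
        raise ValueError("TTL expired")
    out_label, next_hop = lfib[top["label"]]
    new_top = pack_lse(out_label, top["tc"], top["bottom"], top["ttl"] - 1)
    return next_hop, new_top + packet[4:]


if __name__ == "__main__":
    pkt = pack_lse(100, 0, True, 64) + b"constructed-ip-packet"
    hop, out = swap(pkt, LFIB)
    print(hop, unpack_lse(out))
```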
Virtual Extensible Local Area Network (VXLAN) encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets so devices and applications can communicate over large physical networks as if they were on the same Ethernet Layer 2 network. The VXLAN technology uses the existing Layer 3 network as the Underlay network, and builds a virtual Layer 2 network on it, that is, the Overlay network.
Compared to MPLS, VXLAN is a relatively new technology. As a network virtualization technology, VXLAN solves the scalability issues associated with large cloud computing setups and deployments.
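The encapsulation described above, as an added example that is not part of the original article: building and validating the 8-byte VXLAN header that a VTEP places in front of the inner Ethernet frame inside the UDP payload. The header layout and port follow RFC 7348; the function names, the sample frame and the `allowed_vnis` tenant list are assumptions made for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789         # IANA-assigned destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag: the VNI field is valid
VXLAN_HDR_LEN = 8
ETH_HDR_LEN = 14


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Return the UDP payload a VTEP sends: VXLAN header + inner Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Byte 0 = flags, bytes 1-3 reserved, bytes 4-6 = VNI, byte 7 reserved.
    header = struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(udp_payload: bytes, allowed_vnis: set) -> tuple:
    """Validate a received VXLAN payload and return (vni, inner_frame).

    allowed_vnis is a hypothetical list of segments provisioned on the
    receiving VTEP; frames for any other segment are rejected, not bridged.
    """
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set: VNI is not valid")
    vni = word1 >> 8
    if vni not in allowed_vnis:
        raise PermissionError(f"VNI {vni} is not provisioned on this VTEP")
    return vni, udp_payload[VXLAN_HDR_LEN:]


# Constructed inner frame: destination MAC, source MAC, EtherType, payload.
SAMPLE_FRAME = (bytes.fromhex("02000000000b") + bytes.fromhex("02000000000a")
                + b"\x08\x00" + b"tenant payload")

if __name__ == "__main__":
    payload = vxlan_encap(5001, SAMPLE_FRAME)
    print(payload[:VXLAN_HDR_LEN].hex(), vxlan_decap(payload, {5001, 5002})[0])
```

The VXLAN header has no authentication field, so the VNI check here is a provisioning check only; it does not prove which VTEP sent the packet.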
Why is VXLAN preferred over MPLS in data center networking? There are three main reasons:
- Routers that support MPLS tend to cost more than data center Layer 3 switches that support VXLAN.
- MPLS-based VPN solutions require tight coupling between edge and core devices, so every node in the data center network must support MPLS.
- Fewer data center network engineers are proficient in MPLS.
(1) MPLS router cost
Some service providers have long been interested in the idea of using data center-grade switches to build low-cost metro networks. More than 20 years ago, the first generation of competitive Metro Ethernet service providers, such as Yipes and Telseon, built their networks using the most advanced Gigabit Ethernet switches in enterprise networks at the time. But such networks struggle to provide the scalability and resiliency required by large SPs, as shown in Figure 1.
Figure 1: Traditional Layer 2 Network
As a result, most large SPs have moved to MPLS (as shown in Figure 2). However, MPLS routers are more expensive than regular Ethernet switches, and this cost difference has not been effectively addressed in the ensuing decades.
Figure 2: IP/MPLS network
Today's data center-level switches, combined with a VXLAN Overlay architecture, can largely eliminate the shortcomings of pure L2 networks without the high cost of MPLS routing, which has attracted the attention of a new round of SPs.
(2) Tight coupling between core and edge
MPLS-based VPN solutions require tight coupling of edge and core devices, so every node in the data center network must support MPLS. In contrast, VXLAN only requires VTEPs in edge nodes (e.g., leaf switches) and can use any IP-enabled device or IP transport network for data center spine and data center interconnect (DCI).
(3) MPLS expertise
Outside of large service providers, MPLS technology is difficult to learn, and relatively few network engineers can easily build and operate MPLS-based networks. VXLAN is relatively simple and is becoming a basic technology widely mastered by data center network engineers.
Advances in data center switching technology enable VXLAN-based metro and wide area networks
Today's data center switching chips, such as Broadcom's Trident 3 and Trident 4, integrate many of the features that make VXLAN-based metro networks possible. Here are two key examples:
- Hardware-based VTEP supports wire-speed VXLAN encapsulation;
- The extended table provides the routing and forwarding scale required to create elastic, scalable Layer 3 Underlay networks and multi-tenant overlay services.
In addition, newer data center-class switches have powerful CPUs that can support advanced control planes critical to scaling Ethernet services, whether BGP EVPN (a protocol-based approach) or SDN-based protocol-less control planes.
As a result, specialized (i.e., high-cost) routing hardware is no longer required in many metro network applications.
VXLAN Overlay Architecture for Metro and WAN
Overlay networks have been widely used in various applications such as data center networking and enterprise SD-WAN. A key commonality of these Overlay networks is that they are loosely coupled to Underlay networks. In principle, Underlay networks can be built from any network technology and use any control plane as long as the network provides sufficient capacity and resiliency. Overlays are defined only at service endpoints; no service provisioning takes place in Underlay network nodes.
One of the main advantages of SD-WAN is that it can use a variety of networks, including broadband or wireless internet services, that are widely available, cost-effective, and provide sufficient performance for many users and applications. Similar benefits are brought about when VXLAN Overlay is applied to MAN and WAN, as shown in Figure 3.
Figure 3: VXLAN Overlay Architecture
When building a metropolitan area network to provide services such as Ethernet Private Line (E-Line), Multipoint Ethernet Local Area Network (E-LAN), or Layer 3 VPN (L3VPN), care must be taken to ensure that the Underlay can meet the SLAs for such services.
MAN Overlay Control Plane Options Based on VXLAN
So far, our main focus has been on the advantages of VXLAN over MPLS in terms of network architecture and capital cost, i.e., the data plane. But VXLAN does not have a designated control plane, so let's also look at the Overlay control plane options.
Probably the most well-known control plane option for creating VXLAN overlays and providing overlay services is BGP EVPN, a protocol-based approach where services must be configured in each edge node. The biggest disadvantage of BGP EVPN is its operational complexity.
Another approach, a protocol-free one, is to define services in SDN and the SDN controller, which in turn programs the data plane of each edge node. This removes much of the operational complexity of protocol-based BGP EVPN. However, centralized SDN controller architectures (which are acceptable for data center architectures within a single site) pose serious scalability and resiliency challenges when applied to metro and wide area networks. Therefore, it is not certain that this approach is a better choice than MPLS for the metropolitan area network.
There is also a third option: decentralized or distributed SDN, where the SDN controller functions are fully replicated and distributed throughout the network. This can also be referred to as "controllerless" SDN, as it does not require a separate controller server or device. It completely eliminates the scalability and resiliency issues of centralized SDN control while retaining the benefits of simplifying and accelerating service provisioning.
Table 1: Comparing MPLS and VXLAN options for metro networks
Deployment options
Because VXLAN allows decoupling of overlay service delivery from the underlay network, it creates deployment options that MPLS cannot match, such as a virtual service overlay on top of an existing IP layer, as shown in Figure 4. VXLAN-based switches are deployed at the edge of the existing network and expand according to business needs, adding new Ethernet and VPN services and increasing new revenue without changing the existing network.
Figure 4: VXLAN overlay deployment on existing metro network
The metro network infrastructure shown in Figure 5 can support all the services that MPLS-based networks can provide, including commercial Internet, Ethernet and VPN services, and consumer triple services, while completely eliminating the cost and complexity of MPLS.
Figure 5: Converged Metro Core with VXLAN Service Overlay