VXLAN and MPLS: From Data Center to Metro Ethernet
In recent years, the evolution of cloud computing, virtualization, and containerization technologies has driven the adoption of network virtualization technologies. Both MPLS and VXLAN apply the concept of virtualization to build a logical network architecture that allows more complex and flexible domain management, but they meet different requirements. This article compares VXLAN and MPLS and explains why VXLAN is more popular than MPLS in MANs and WANs.
VXLAN or MPLS?
First, let's quickly review what VXLAN and MPLS are.
Multi-Protocol Label Switching (MPLS) is a technology that uses labels to guide high-speed and efficient data transmission on an open communication network. "Multi-protocol" means that MPLS not only supports multiple protocols at the network layer, but is also compatible with multiple data link layer technologies at Layer 2. The technology is specifically designed to simplify the transfer of data between two nodes, replacing long network addresses with short path labels.
MPLS allows adding more sites without extensive configuration. MPLS is also IP agnostic; it just simplifies the implementation of those IPs. Because MPLS has no built-in security features, MPLS over VPN adds an extra layer of security.
Virtual Extensible LAN (VXLAN) encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets, so devices and applications can communicate over a large physical network as if they were on the same Ethernet Layer 2 network. The VXLAN technology uses the existing Layer 3 network as the underlay network, and builds a virtual Layer 2 network, namely the overlay network, on it.
VXLAN is a relatively new technology compared to MPLS. As a network virtualization technology, VXLAN addresses scalability issues associated with large cloud computing setups and deployments.
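The encapsulation described above, as an added example that is not part of the original article: it builds the 8-byte VXLAN header from RFC 7348 in front of an inner Ethernet frame and validates it again on receipt, the way a VTEP would before handing the frame to a tenant segment. The `allowed_vnis` set and the sample frame are assumptions constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789           # IANA-assigned UDP destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08     # "I" flag: the VNI field carries a valid value
# Header layout: flags (8 bits), reserved (24), VNI (24), reserved (8)
VXLAN_HDR = struct.Struct("!B3s3sB")
ETH_HDR_LEN = 14                # dst MAC + src MAC + EtherType

# Constructed sample: inner frame (dst MAC, src MAC, EtherType IPv4, payload)
INNER = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"tenant payload"


def vxlan_encap(vni: int, inner_frame: bytes) -> bytes:
    """Return the UDP payload a VTEP sends: VXLAN header + original L2 frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    header = VXLAN_HDR.pack(VXLAN_FLAG_VNI_VALID, b"\x00" * 3,
                            vni.to_bytes(3, "big"), 0)
    return header + inner_frame


def vxlan_decap(udp_payload: bytes, allowed_vnis: set) -> tuple:
    """Validate a received VXLAN payload and return (vni, inner_frame).

    allowed_vnis is a hypothetical per-VTEP set of provisioned segments;
    anything outside it is rejected instead of being bridged.
    """
    if len(udp_payload) < VXLAN_HDR.size + ETH_HDR_LEN:
        raise ValueError("truncated VXLAN packet")
    flags, _rsvd1, vni_bytes, _rsvd2 = VXLAN_HDR.unpack_from(udp_payload)
    if not flags & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set: VNI is not valid")
    vni = int.from_bytes(vni_bytes, "big")
    if vni not in allowed_vnis:
        raise PermissionError(f"VNI {vni} is not provisioned on this VTEP")
    return vni, udp_payload[VXLAN_HDR.size:]


if __name__ == "__main__":
    payload = vxlan_encap(5001, INNER)
    print("VXLAN header:", payload[:VXLAN_HDR.size].hex())
    print("decapsulated:", vxlan_decap(payload, {5001, 5002}))
```

The underlay only ever routes the outer IP/UDP packet; the tenant's MAC addresses and payload sit behind the VXLAN header, which is why the header checks and the VNI allowlist belong at the edge VTEP.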
Why is VXLAN preferred over MPLS in data center networking? Three points can be summed up:
- Routers that support MPLS tend to cost more than data center Layer 3 switches that support VXLAN.
- MPLS-based VPN solutions require tight coupling between edge devices and core devices, so every node in the data center network must support MPLS.
- Fewer data center network engineers are proficient in MPLS.
(1) MPLS router cost
Some service providers have long been interested in the idea of building low-cost metro networks using data center-class switches. More than 20 years ago, the first generation of competitive Metro Ethernet service providers, such as Yipes and Telseon, built their networks using the most advanced Gigabit Ethernet switches in enterprise networks at the time. However, such networks struggle to provide the scalability and elasticity required by large SPs, as shown in Figure 1.
Figure 1: Traditional Layer 2 Network
As a result, most large SPs have turned to MPLS (as shown in the figure below). However, MPLS routers are more expensive than ordinary Ethernet switches, and this cost difference has not been effectively resolved in the ensuing decades.
Figure 2: IP/MPLS network
The combination of today's data center-level switches and VXLAN Overlay architecture can largely eliminate the shortcomings of pure L2 networks without the high cost of MPLS routing, which has attracted the attention of a new round of SPs.
(2) Tight coupling between core and edge
MPLS-based VPN solutions require tight coupling between edge devices and core devices, so every node in the data center network must support MPLS. In contrast, VXLAN only requires VTEPs in edge nodes (such as leaf switches), and can use any IP-enabled device or IP transport network to implement data center spine and data center interconnect (DCI).
(3) MPLS expertise
Outside of large service providers, MPLS technology is difficult to learn, and relatively few network engineers can easily build and operate MPLS-based networks. VXLAN, on the other hand, is relatively simple and is becoming a basic technology widely mastered by data center network engineers.
Advances in data center switching technologies enable VXLAN-based metro and wide area networks
Today's data center switching chips, such as Broadcom's Trident 3 and Trident 4, integrate many functions to make VXLAN-based metropolitan area networks possible. Here are two key examples:
- Hardware-based VTEP supports wire-speed VXLAN encapsulation;
- Scaled tables provide the routing and forwarding scale needed to create elastic, scalable Layer 3 Underlay networks and multi-tenant Overlay services.
Additionally, newer data center-class switches have powerful CPUs that can support advanced control planes that are critical to scaling Ethernet services, whether it is BGP EVPN (a protocol-based approach) or an SDN-based protocol-less control plane.
Therefore, in many metro network applications, specialized (i.e., high cost) routing hardware is no longer required.
VXLAN Overlay Architecture for MAN and WAN
Overlay networks have been widely used in various applications, such as data center networks and enterprise SD-WAN. A key commonality of these Overlay networks is that they are loosely coupled to the Underlay network. In principle, the Underlay network can be built with any network technology and use any control plane as long as the network provides sufficient capacity and elasticity. The Overlay is defined only at the service endpoints, and no service provisioning takes place in the Underlay network nodes.
One of the main advantages of SD-WAN is that it can use a variety of networks, including broadband or wireless Internet services, which are widely available and cost-effective, and provide sufficient performance for many users and applications. When VXLAN Overlay is applied to MAN and WAN, it will bring similar benefits, as shown in Figure 3.
Figure 3: VXLAN Overlay architecture
When constructing a metropolitan area network to provide services such as Ethernet Private Line (E-Line), Multipoint Ethernet Local Area Network (E-LAN) or Layer 3 VPN (L3VPN), care must be taken to ensure that the Underlay can meet the SLA of such services.
VXLAN-based MAN Overlay Control Plane Options
So far, we have mainly focused on the advantages of VXLAN over MPLS in terms of network architecture and capital cost, that is, the advantages of the data plane. But VXLAN does not have a specified control plane, so you need to look at the Overlay control plane options.
The best-known control plane option for creating a VXLAN Overlay and providing Overlay services is probably BGP EVPN, which is a protocol-based method in which services must be configured in each edge node. The biggest disadvantage of BGP EVPN is its operational complexity.
Another protocol-free approach is to use services defined in SDN and SDN controllers, which in turn program the data plane of each edge node. This removes most of the operational complexities of protocol-based BGP EVPN. However, centralized SDN controller architectures (which are acceptable for data center architectures within a single site) pose serious scalability and resiliency challenges when applied to MANs and WANs. Therefore, it is uncertain whether it is a better choice than MPLS for the metropolitan area network.
There is also a third option: decentralized or distributed SDN, where the SDN controller functionality is fully replicated and distributed throughout the network. This can also be referred to as "controller-less" SDN, as it does not require a separate controller server/appliance. It completely eliminates the scalability and resiliency issues of centralized SDN control, while retaining the benefits of simplified and accelerated service provisioning.
Table 1: Comparing MPLS and VXLAN options for metro networks
Deployment Options
Since VXLAN allows overlay service delivery to be decoupled from the underlay network, it creates deployment options that MPLS cannot match, such as a virtual service overlay on an existing IP underlay, as shown in Figure 4. VXLAN-based switches are deployed at the edge of the existing network and expanded according to service requirements. New Ethernet and VPN services can be added without changing the existing network, generating new revenue.
Figure 4: VXLAN overlay deployment over existing metro network
The metro network infrastructure shown in Figure 5 can support all the services that an MPLS-based network can provide, including business Internet, Ethernet and VPN services, and consumer triple play services, while completely eliminating the cost and complexity of MPLS.
Figure 5: Converged metro core with VXLAN service overlay