how Packets Are Forwarded in a VXLAN Network

In basic Layer 2 and Layer 3 forwarding, Layer 2 forwarding relies on the MAC table, and Layer 3 forwarding relies on the FIB (Forwarding Information Base) table.

In VXLAN, the principle is the same.

Today, we’ll discuss the packet forwarding process in a VXLAN network, using the establishment of a VXLAN tunnel as an example. We’ll explain how communication is handled within the same subnet and across different subnets, ensuring all your questions are answered.

01 Intra-Subnet Communication Process in Centralized VXLAN

As shown in the diagram below, VM_A, VM_B, and VM_C belong to the same subnet. When VM_A wants to communicate with VM_C for the first time, the packet processing is as follows:

Intra-Subnet VM Communication Network Diagram

1. VM_A does not have VM_C’s MAC address, so it sends an ARP broadcast packet to request VM_C’s MAC address.
2. VTEP_1 receives the ARP request, performs VXLAN encapsulation, and then sends the VXLAN packet to all peer VTEPs.
3. Upon receiving the packet, VTEP_2 and VTEP_3 perform decapsulation to obtain the original packet sent by VM_A. VTEP_2 and VTEP_3 broadcast the packet within their respective Layer 2 domains.
4. When VM_C receives the request packet, it finds that the destination IP matches its own IP, so VM_C sends an ARP reply. Other VMs that receive the request packet will discard it.

After this process, both VM_A and VM_C have learned each other’s MAC addresses. Subsequently, VM_A and VM_C will communicate using unicast.

02 Inter-Subnet Communication Process in Centralized VXLAN

Inter-subnet packet forwarding requires the use of a Layer 3 gateway. As shown in the diagram below, VM_A and VM_B belong to different subnets. The packet processing for VM_A to communicate with VM_B is as follows:

Inter-Subnet VM Communication Process Diagram

1. VM_A first sends the data packet to VTEP_1.
2. VTEP_1 receives the packet, performs VXLAN encapsulation, and then sends the VXLAN packet to VTEP_3.
3. VTEP_3 receives the VXLAN packet, performs decapsulation, and finds that the destination MAC is the MAC address of the Layer 3 gateway interface BDIF (MAC_10), and the destination IP address is IP_B (10.1.20.1). Therefore, Layer 3 forwarding is required.
4. VTEP_3 looks up the routing table to find the next hop for IP_B and discovers that the outgoing interface is BDIF 20. VTEP_3 re-encapsulates the packet with VXLAN and sends the VXLAN packet to VTEP_2.
5. Upon receiving the packet, VTEP_2 performs decapsulation and sends it to VM_B.

The BDIF interface functions similarly to the VLANIF interface, serving as a Layer 3 logical interface based on the BD (Bridge Domain) to facilitate communication between different subnets or between VXLAN networks and non-VXLAN networks.