Which entity is responsible for maintaining Layer 2 isolation between segments In a VXLAN environment?
- A. switch fabric
- B. VTEP
- C. VNID
- D. host switch
Explanation: VXLAN uses an 8-byte VXLAN header that consists of a 24-bit VNID and a few reserved bits. The VXLAN header together with the original Ethernet frame goes in the UDP payload.
The 24-bit VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments.
Let‘s see the structure of a VXLAN packet to understand how (note: VNI = VNID)
The key fields for the VXLAN packet in each of the protocol headers are:
+ Outer MAC header (14 bytes with 4 bytes optional) – Contains the MAC address of the source VTEP and the MAC address of the next-hop router. Each router along the packet‘s path rewrites this header so that the source address is the router‘s MAC address and the destination address is the next-hop router‘s MAC address.
+ Outer IP header (20 bytes)- Contains the IP addresses of the source and destination VTEPs.
+ (Outer) UDP header (8 bytes)- Contains source and destination UDP ports:
– Source UDP port: The VXLAN protocol repurposes this standard field in a UDP packet header. Instead of using this field for the source UDP port, the protocol uses it as a numeric identifier for the particular flow between VTEPs. The VXLAN standard does not define how this number is derived, but the source VTEP usually calculates it from a hash of some combination of fields from the inner Layer 2 packet and the Layer 3 or Layer 4 headers of the original frame.
– Destination UDP port: The VXLAN UDP port. The Internet Assigned Numbers Authority (IANA) allocates port 4789 to VXLAN.
+ VXLAN header (8 bytes)- Contains the 24-bit VNI (or VNID)
+ Original Ethernet/L2 Frame – Contains the original Layer 2 Ethernet frame.
More Questions: CCNP 350-401 Dumps