Charles Valenza

Scalable, Multi-tenant Networks with VXLAN

Data Center

OpenStack has been paving the way in cloud computing as an open-source alternative to third-party providers since the project was launched in 2010 by NASA and Rackspace. Since then it has gained official support from Ubuntu/Canonical, Red Hat, and Debian, among others. With its modular framework, OpenStack can be molded to fit the requirements of many different applications. At the core of its utility is the ability to create a virtual layer 2 network across a diverse physical network while making this transparent to the tenants who use the network.

VLANs are a common solution for hosting multiple virtual networks for a multitude of different tenants. While this may work for smaller deployments or for integrating into pre-existing infrastructure, the limitations of VLANs become apparent very quickly as the number of tenant networks grows and the number of VLANs created grows alongside it. With a 12-bit VLAN ID, a deployment is limited to 4094 isolated networks. This severely inhibits the ability of the infrastructure to scale to a larger clientele.

A more scalable method OpenStack can use to create tenant networks is the VXLAN protocol. VXLAN encapsulates Layer 2 frames with the VXLAN header before sending them across the physical network. This encapsulation allows hosting solutions to leverage multiple compute nodes for the same tenant network, fulfilling the same role as VLANs, while overcoming their scalability limitations. With a 24-bit VXLAN ID, networks leveraging the VXLAN protocol support up to 16 million isolated networks. This advantage comes at a price: because of the speed limitations of layer 3 and the processing required for the extra layers of encapsulation, VXLAN may lack performance. This raises the question: with this extra processing, how do we provide this virtual layer 2 network as a service without sacrificing network performance? OpenStack answers this question with the ability to use jumbo frames.

Traditional networks limit the maximum transmission unit (MTU) size to 1500 bytes of data per frame. Enabling jumbo frames allows an MTU size of up to 9000 bytes. This lessens the overhead of processing the VXLAN header encapsulation by carrying more data in each packet. The resulting network performance increase from jumbo frames negates the cost of the extra encapsulation of the VXLAN protocol, allowing for smooth, seamless performance of the tenant’s network.
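The following Python sketch is an added example, not code from the original article or from OpenStack. It builds and validates the 8-byte VXLAN header with its 24-bit ID (the VNI, which is the value that keeps tenant networks apart) and compares the encapsulation cost at 1500-byte and 9000-byte MTUs. The header layout follows RFC 7348; the function names, the IPv4 underlay and the sample VNI are assumptions made for illustration.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08          # "I" flag from RFC 7348
# Bytes taken out of the underlay IP MTU: outer IPv4 + UDP + VXLAN + inner Ethernet.
# Assumes an IPv4 underlay and no VLAN tag on the inner frame.
ENCAP_OVERHEAD = 20 + 8 + 8 + 14     # = 50


def build_vxlan_header(vni: int) -> bytes:
    """Return the 8-byte VXLAN header for a 24-bit VNI."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24). Word 1: VNI (24) + reserved (8).
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan_header(data: bytes) -> int:
    """Validate a VXLAN header and return the VNI it carries."""
    if len(data) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", data[:8])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    return word1 >> 8


def tenant_mtu(underlay_mtu: int) -> int:
    """Largest tenant IP MTU that fits without fragmenting the underlay."""
    return underlay_mtu - ENCAP_OVERHEAD


def overhead_percent(underlay_mtu: int) -> float:
    """Share of a full-size underlay packet spent on encapsulation."""
    return round(100 * ENCAP_OVERHEAD / underlay_mtu, 2)


if __name__ == "__main__":
    hdr = build_vxlan_header(5001)   # constructed sample VNI
    print(hdr.hex(), parse_vxlan_header(hdr))
    for mtu in (1500, 9000):
        print(mtu, tenant_mtu(mtu), overhead_percent(mtu))
```

A tenant interface left at 1500 bytes on a 1500-byte underlay exceeds the 1450 bytes that fit after encapsulation, so the tenant MTU has to be lowered or the underlay MTU raised.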

Utilizing the VXLAN protocol on the management network gives cloud hosting a degree of scalability that VLANs cannot, and introducing jumbo frames into a VXLAN network improves network performance. Utilizing both in an OpenStack network will greatly improve the performance and scalability of cloud hosting services.