Webinar topic: VLAN vs VXLAN Presenter: Achmad Mardiansyah In this webinar series, We are discussing VLAN vs VXLAN Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback Check our schedule for future events: https://www.glcnetworks.com/schedule/ Follow our social media for updates: Facebook, Instagram, YouTube Channel, and telegram The recording is available on Youtube https://youtu.be/HDo7XVLRd9E

1. www.glcnetworks.com
VLAN vs VxLAN
GLC webinar, 17 Dec 2020
Achmad Mardiansyah
achmad@glcnetworks.com
GLC Networks, Indonesia
1
VLAN
VxLAN

2. www.glcnetworks.com
Agenda
● Introduction
● VLAN
● Overlay network
● VxLAN
● Live practice
● Q & A
2

3. www.glcnetworks.com
introduction
3

4. www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● Based in Bandung, Indonesia
● Areas: Training, IT Consulting
● Certified partner for: Mikrotik, Ubiquity, Linux foundation
● Product: GLC radius manager
● Regular event
4

5. www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: bandung, Indonesia
● Linux user since 1999, mikrotik user since 2007, UBNT
2011
● Mikrotik Certified Trainer
(MTCNA/RE/WE/UME/INE/TCE/IPv6)
● Mikrotik/Linux Certified Consultant
● Website contributor: achmadjournal.com, mikrotik.tips,
asysadmin.tips
● More info:
http://au.linkedin.com/in/achmadmardiansyah
5

6. www.glcnetworks.com
Past experiences
6
● 2020 (Congo DRC, Malaysia): IOT integration,
network automation
● 2019, Congo (DRC): build a wireless ISP from
ground-up
● 2018, Malaysia: network revamp, develop billing
solution and integration, setup dynamic routing
● 2017, Libya (north africa): remote wireless migration
for a new Wireless ISP
● 2016, United Kingdom: workshop for wireless ISP,
migrating a bridged to routed network
● 2015, West Kalimantan: supporting wireless
infrastructure project

7. www.glcnetworks.com
About GLC webinar?
● First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new year
with solaris OS)
● As a sharing event with various topics:
linux, networking, wireless, database,
programming, etc
● Regular schedule
● Irregular schedule: as needed
● Checking schedule:
http://www.glcnetworks.com/schedule
● You are invited to be a presenter
○ No need to be an expert
○ This is a forum for sharing: knowledge,
experiences, information
7

8. www.glcnetworks.com
Please introduce yourself
● Your name
● Your company/university?
● Your networking experience?
● Your mikrotik experience?
● Your expectation from this course?
8

9. www.glcnetworks.com
VLAN
9

10. www.glcnetworks.com
Typical network, with internet connection
● We add a router to connect to other network (internet is a collection of
networks)
●
10
SITE A SITE B
ISP

11. www.glcnetworks.com
Typical network, with internet and segmentation
● A router is used to divide network based on layer 3 (network) -> different ip
address segment
● One switch -> one segment
11
SITE A SITE B
ISP

12. www.glcnetworks.com
Multiple segments in one site
● One switch -> one segment
● You need more switches
12
SITE A SITE B
ISP

13. www.glcnetworks.com
More segments in one site
● One switch -> one segment
● You need more switches, more money
13
SITE A SITE B
ISP
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24

14. www.glcnetworks.com
What VLAN can do
● One switch multiple segment, divide the switch based on ports
● less equipment, save money, save space
● Requires more knowledge
14
SITE A SITE B
ISP

15. www.glcnetworks.com
Without and with VLAN
trunk
link
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A SITE B

16. www.glcnetworks.com
VLAN terms
● VLAN: a feature on layer 2 device (switch) to do virtual segmentation on
physical switch
● The segmentation can be extended to other switch using “trunk” link.
Borrowed from telco terms “trunk” (a link to connects 2 telco exchanges)
● Port types:
○ Access port -> to connect to end-devices
○ Trunk port -> to connect to other VLAN switch
access
port
trunk
port
trunk
port
VLAN 10 VLAN 20 VLAN 10 VLAN 20
SITE A SITE B
trunk
line

17. www.glcnetworks.com
What happened on trunk ports
● The layer-2-header of outgoing frame will be modified by adding VLAN tag on
the header
● This tag will be recognised at the other end
access
port
trunk
port
trunk
port
SITE A SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20

18. www.glcnetworks.com
Inter-VLAN communication
● 1 VLAN = 1 network segment = 1 network ID = 1 broadcast domain
● Meaning: we need a router to route packets between VLAN
● IP address on router’s interfaces will become the gateway of each VLAN
access
port
trunk
port
trunk
port
SITE A SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20
access
port
access
port

19. www.glcnetworks.com
What If the router supports VLAN tag (trunk)?
● VLAN routing can be done using only 1 port (1 cable)
● We need to assign IP address on VLAN interface at the router
access
port
trunk
port
trunk
port
SITE A SITE B
trunk port:
VLAN 10, 20
VLAN 10 VLAN 20 VLAN 10 VLAN 20

20. www.glcnetworks.com
What if the switch is a layer-3 switch?
● Meaning: routing function will be done internally on switch.
● Meaning: the switch is a router.
● Layer-3 switch is much more expensive (especially at vendor XXX)
access
port
trunk
port
trunk
port
SITE A SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20

21. www.glcnetworks.com
A (very funny) story (1)...
● A client using layer-3-switches to build their internal network, and use
Mikrotik router to do inter-VLAN routing. whoops…!!
● Question: why do you buy a layer-3 switches then?
● Congratulations to sales team… ;-) well done..!!
access
port
trunk
port
trunk
port
SITE A SITE B
VLAN 10 VLAN 20 VLAN 10 VLAN 20

22. www.glcnetworks.com
Overlay network
22

23. www.glcnetworks.com
Overlay network
23

24. www.glcnetworks.com
Overlay network
a network that is built on top of current network. Aka overlay network.
Meaning:
● You must have an established existing network
● And you built a network on top of it
Notes:
● Overlay network will create virtual interfaces and IP address
● Can use point-to-point addressing (/32)
● Require more processing
24

25. www.glcnetworks.com
What is tunnel?
● an overlay network
● network above network
● Usually point-to-point
25

26. www.glcnetworks.com
Underlay network
26
HOME
192.168.1.0/24
3
.
3
.
3
.
0
/
2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24

27. www.glcnetworks.com
Overlay network
27
HOME
192.168.1.0/24
3
.
3
.
3
.
0
/
2
4
2.2.2.0/24
OFFICE
172.18.1.0/24
1.1.1.0/24
cafe
192.168.1.0/24
VPN network
192.168.9.0/24
@VPN network:
server: 192.168.9.1
router: 192.168.9.11
laptop: 192.168.9.12

28. www.glcnetworks.com
RoMON : Router Management Overlay Network
● A feature to access mikrotik devices in multiple segment
28
Source: i.ytimg.com

29. www.glcnetworks.com
VxLAN
29

30. www.glcnetworks.com
What happen with VLAN
● They are good. To some extent...
● In some cases its not sufficient:
○ Limited vlanID
○ The use of STP protocol → only one link is active
○ Handling many ARP table
● Some cases:
○ Datacenter
○ ISP
30

31. www.glcnetworks.com
Introducing VxLAN
● Virtual eXtensible Local Area Network
(VXLAN)
● RFC7348
● Using UDP protocol
● Terminology:
○ VNI: VXLAN Network Identifier (or VXLAN
Segment ID)
○ VTEP: VXLAN Tunnel End Point. An entity
that originates and/or terminates VXLAN
tunnels
○ VXLAN Segment: VXLAN Layer 2 overlay
network over which VMs communicate
○ VXLAN Gateway: an entity that forwards
traffic between VXLANs
31

32. www.glcnetworks.com
VxLAN benefit
● Not bounded on layer 2 devices
● More scalable (more IDs). vlan id only 4096
● No limited by STP
● Suitable for multi tenant environment (cloud provider)
● Eliminate problem: Inadequate Table Sizes at ToR Switch
32

33. www.glcnetworks.com
header
33

34. www.glcnetworks.com
VxLAN deployment
34

35. www.glcnetworks.com
VxLAn on Mikrotik
● Will be released on version 7
● Currently on beta version
● New interface for vxlan
○ /interface vxlan print
35

36. www.glcnetworks.com
LIVE practice
36

37. www.glcnetworks.com
preparation
● SSH client
● SSH parameters
○ SSH address
○ SSH port
○ SSH username
○ SSH password
37

38. www.glcnetworks.com
R1
AS11
R2
AS11
E2
E2
E3
E3
E6
R3
AS13
R4
AS13
E2
E2
E3
E3
E6
R5
AS15
R6
AS15
E2
E2
E3
E3
E6
R7
AS17
R8
AS17
E2
E2
E3
E3
E6
R9
AS19
R10
AS19
E2
E2
E3
E3
E6
SW86
192.168.86.X/24
R86
AS86
R85
AS85
R98
R88
AS88
R87
AS87
E6
E6
E3
E3
E5
E2
E5
E3
E3
E2
TOPOLOGY 1
LAB: Mikrotik
E6
E6
E2
E6 E6 E6
PC101
E2
PC102
E2
PC103
E2
PC104
E2
PC105
E2
PC106
E2
PC107
E2
PC108
E2
PC109
E2
PC110

39. www.glcnetworks.com
Q & A
39

40. www.glcnetworks.com
Interested? Just come to our training...
● Topics are arranged in systematic and logical way
● You will learn from experienced teacher
● Not only learn the materials, but also sharing experiences, best-practices, and
networking
40

41. www.glcnetworks.com
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
● Like our facebook page: https://www.facebook.com/glcnetworks
● Slide: http://www.slideshare.net/r41nbuw
● Recording (youtube): https://goo.gl/28ABHU
● Stay tune with our schedule
● Any questions?
41