VXLAN Explained: Stretching Layer 2 Over Layer 3
VXLAN (Virtual Extensible LAN) lets you stretch a Layer 2 segment across a Layer 3 network by tunnelling Ethernet frames inside UDP packets. It solves a modern data-centre problem: needing VLAN-like segments that span racks, buildings, even sites — far beyond VLAN's limits.
How it works
VXLAN encapsulates each Ethernet frame in MAC-in-UDP, adding a 24-bit VNI (VXLAN Network Identifier) — allowing ~16 million segments versus VLAN's 4,094. Endpoints called VTEPs wrap and unwrap the traffic. The underlay is ordinary routed IP; the overlay behaves like one big switched network.
Why it matters
Data centres and campus fabrics (including Cisco SD-Access) use VXLAN as the overlay that carries segmented traffic, with routing as the stable underlay. It's how modern networks scale segmentation and mobility. VXLAN is a CCNP ENCOR topic that connects switching, routing and automation.
Frequently asked questions
What problem does VXLAN solve?
It extends Layer 2 segments across a Layer 3 network and removes VLAN's 4,094 limit, supporting ~16 million segments for large data centres.
What is a VNI?
The VXLAN Network Identifier — a 24-bit tag identifying which VXLAN segment a frame belongs to, analogous to a VLAN ID but far more numerous.
Where is VXLAN used?
In data-centre and campus fabrics — including Cisco SD-Access — as the overlay carrying segmented traffic over a routed underlay.
Related articles
Want hands-on training?
Learn this on real Cisco lab devices with placement support at Attila Technologies, Ahmedabad.