A typical Virtual eXtensible Local Area Network (“VXLAN”) network comprises a leaf-spine architecture with servers connected to the leaf node devices and IP underlay connections between the leaf and spine node devices. Each leaf node device hosts a VXLAN Tunnel End Point (“VTEP”) that is responsible for encapsulation and decapsulation of VXLAN packets. A 24-bit identifier referred to as a Virtual Network Identifier (“VNI”) uniquely identifies a VXLAN network. VXLAN employs a MAC-over-IP/UDP scheme that operates over an IP underlay network. This enables all of the advantages of a layer 3 (“L3”) network to be retained while providing the flexibility of stretching layer 2 (“L2”) segments over L3 networks. Multi-destination traffic is forwarded through the IP core, either via IP multicast or via ingress replication. Ingress replication may be the preferred mode of operation for customers who do not want to run any multicast protocols in the IP underlay.
In case of ingress replication in VXLAN networks, the ingress VTEP device creates n−1 copies of a multi-destination packet, where n is the number of VTEPs in the flood domain (BD or layer-2 VNI). Hence the network can be stressed for bandwidth in networks that have a significant amount of multi-destination traffic. This is especially true when the VNI spans a large number of VTEPs. In addition, the underlay sees a lot of copies (one destined to each VTEP) for a multi-destination packet. Hence, it is desirable to prevent these copies from being flooded into the underlay.