The present disclosure generally relates to virtual networking, and more specifically, to techniques for fully exploiting the link redundancy of an underlay network for overlay networks.
Overlay networks are an example of a virtual networking technology that can be used to provide virtual networking services to tenants (e.g., enterprises, such as an individual, organization, company, etc.) in a multi-tenant cloud data center. In an overlay network, data traffic between tenants is tunneled across the underlying data center's internet protocol (IP) network. Overlay networks can employ a number of different protocols, such as Virtual Extensible LAN (VXLAN), Network Virtualization using Generic Routing Encapsulation (NVGRE), Stateless Transport Tunneling (STT), Generic Network Virtualization Encapsulation (GENEVE), Multiprotocol Label Switching (MPLS) over User Datagram Protocol (UDP), etc., to tunnel traffic across an underlay network.
To create a tunnel, such protocols generally encapsulate one packet inside of another packet in order to extend the virtual network traffic over the underlying physical network. VXLAN, for example, is an overlay protocol that encapsulates layer 2 (L2) traffic (e.g., Ethernet frames) within UDP packets. Traffic that passes through the underlay physical network is generally independent of the overlay network. That is, the physical devices in the underlay network route the encapsulated packets based on the outer IP header. By creating tunnels on the underlay physical network, overlay protocols can decouple a network service (e.g., an L2 or layer 3 (L3) service) provided to tenants from the underlying network infrastructure across which the tenants communicate.
Such tunnels are typically created between network endpoints (e.g., virtual tunnel endpoints (VTEPs)) on network virtualization edges (NVEs), which are entities that reside at the boundary of the overlay network. The network-facing side of the NVE uses the underlay network (e.g., an L3 network) to tunnel tenant frames to and from other NVEs. The tenant-facing side of the NVE sends and receives traffic (e.g., L2 traffic, L3 traffic, etc.) to and from different tenant systems connected to one or more virtual networks. An NVE can be implemented as part of a virtual device (e.g., a virtual switch within a hypervisor), a physical device (e.g., a physical switch or router), a network server appliance, etc.
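The VXLAN encapsulation and VTEP decapsulation described above, as an added Python example that is not part of the original disclosure: it wraps an inner Ethernet frame in VXLAN/UDP/IPv4 using the RFC 7348 header layout, shows that the underlay consults only the outer addresses, and recovers the tenant's VNI and frame at the receiving endpoint. The function names, VTEP addresses, VNI and sample frame are constructed for illustration, and checksums are left at zero.

```python
import socket
import struct

VXLAN_PORT = 4789      # IANA-assigned VXLAN UDP destination port (RFC 7348)
VXLAN_FLAG_VNI = 0x08  # "I" flag: the VNI field is valid

# Constructed inner L2 frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE_INNER = bytes.fromhex("020000000002" "020000000001" "0800") + b"tenant-data"

def encapsulate(inner_frame, vni, src_vtep, dst_vtep, src_port=49152):
    """Sending VTEP: wrap an inner Ethernet frame in VXLAN/UDP/IPv4."""
    vxlan = struct.pack("!II", VXLAN_FLAG_VNI << 24, vni << 8)
    udp_len = 8 + len(vxlan) + len(inner_frame)
    udp = struct.pack("!HHHH", src_port, VXLAN_PORT, udp_len, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0,
                     socket.inet_aton(src_vtep), socket.inet_aton(dst_vtep))
    return ip + udp + vxlan + inner_frame

def underlay_view(packet):
    """What an underlay router routes on: the outer IPv4 addresses only."""
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return socket.inet_ntoa(src), socket.inet_ntoa(dst)

def decapsulate(packet):
    """Receiving VTEP: validate the outer headers, return (vni, inner frame)."""
    if len(packet) < 20:
        raise ValueError("truncated outer IP header")
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or packet[9] != 17:
        raise ValueError("outer packet is not IPv4/UDP")
    if len(packet) < ihl + 16:
        raise ValueError("truncated UDP or VXLAN header")
    _, dst_port, _, _ = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    if dst_port != VXLAN_PORT:
        raise ValueError("not a VXLAN packet")
    word0, word1 = struct.unpack("!II", packet[ihl + 8:ihl + 16])
    if not (word0 >> 24) & VXLAN_FLAG_VNI:
        raise ValueError("VNI flag not set")
    return word1 >> 8, packet[ihl + 16:]

if __name__ == "__main__":
    pkt = encapsulate(SAMPLE_INNER, 5001, "10.0.0.1", "10.0.0.2")
    print("underlay sees:", underlay_view(pkt))
    print("VTEP recovers:", decapsulate(pkt))
```

Because the underlay never looks past the outer header, any monitoring or filtering that must act on tenant traffic has to decapsulate first, and tenant separation rests on the VNI the receiving VTEP reads from the VXLAN header.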