
[VXLAN](/vxlan) (Virtual Extensible LAN) encapsulates [Layer 2 frames](/ethernet-frame-types) into [UDP](/udp) datagrams, transforming broadcast domains into [Layer 3](/osi-model) traffic that the underlying physical network perceives only as [IP traffic](/ipv4). Consequently, the [underlay network](/networks-underlay-network) is not aware of the VXLAN's Layer 2 [MAC addresses](/mac-address), effectively mitigating traditional Layer 2 issues such as [loops](/loops-in-layers-2-and-3) and [broadcast storms](/security-broadcast-multicast-storm). VXLAN does not rely on [Spanning Tree Protocol (STP)](/spanning-tree-protocol-stp) for loop prevention, as the network utilizes Layer 3 [routing](/routing).

However, VXLAN introduces other potential sources of loops or storms. [Broadcast, Unknown unicast, and Multicast (BUM) traffic](/network-bum-traffic) are (depending on the implementation) flooded across the VXLAN fabric to all [VTEPs](/vxlan-vtep) (VXLAN Tunnel Endpoints) participating in the same VXLAN segment ([VNIs](/vxlan-vlan-to-vni-mapping)). Incorrect deployment may lead to problems, but mechanisms like split horizon filtering and Designated Forwarders (DFs) help prevent these issues.

Additionally, VXLAN can face [control plane](/network-control-plane) issues, [multicast](/multicast) issues in the underlay, and inherent routing complexities. These are specific to VXLAN operations rather than conventional Layer 2 problems, underscoring the importance of proper VXLAN deployment to minimize network disturbances.

## Links

https://networklessons.com/vxlan/introduction-to-virtual-extensible-lan-vxlan

https://networklessons.com/vxlan/vxlan-flood-and-learn-multicast-data-plane

Traditional Layer 2 Issues in VXLAN Networks

Switching - Media Access Control (MAC) addresses

Switching - Process switching

Switching - backplane

Switching - cut through

Switching - fast switching

Switching - show cable-diagnostics

Switching - store and forward

Switching - switch fabric

Switching - switchport autostate command

Switching

Switchport - IEEE 802.1q

Switchport - ISL

Switchport - show vlan internal usage

Switchport access

Switchport modes

Switchport trunk configuration ignores access commands

Switchport trunk encapsulation

Switchport trunk

Symmetric Digital Subscriber Line (SDSL)

Syslog - Logging buffered command

Syslog - logging discriminator

Syslog - terminal monitor

Syslog relay or proxy

Syslog severity levels

Syslog

TCP - Congestion control

TCP - Determining the MSS

TCP - Header

TCP - SEQ and ACK values

TCP - Slow start

TCP - Three-way handshake

TCP - Urgent pointer field

TCP - Window Size Scaling

TCP - factors affecting segment size

TCP - role of checksum field

TCP IP Model

TCP MSS and window size

TCP RST flag

TCP SYN timeout

TCP header options

TCP phantom byte

TFTP

Tcl Shell

Telnet

Time to live

Time-based Access List (ACL) on Cisco IOS XR

Traceroute - Interpreting output

Traceroute asterisk and !H responses

Transparent Cisco IOS Firewall use cases

Transport Layer port number

Troubleshooting - using Telnet to test transport layer ports

Troubleshooting Route Flapping on Cisco IOS

Troubleshooting a slow network

Troubleshooting high CPU and memory usage on a switch

UDP - Header

UDP - Maximum Datagram Size

Unicast Reverse Path Forwarding (uRPF)

Unicast traffic

Unknown unicast traffic

Upgrade your R&S skills to modern networking

VACL - Changes to ACL are active immediately

VACL - use cases

VACL vs ACL

VLAN - Extended Range

VLAN - Native VLAN best practices

VLAN - Native VLAN on a router on a stick

VLAN - Private VLAN

VLAN - QinQ troubleshooting

VLAN - VLAN IDs 0 and 4095

VLAN Access Lists

VLAN Mapping

VLAN SVI status

VLAN Tag

VLAN Trunk interfaces missing in show vlan output

VLAN control frames

VLAN

VLANs - 802.1Q tunneling (QinQ)

VLANs - Dynamic VLAN membership (VMPS)

VLANs - QinQ and CDP

VLANs - Vlans allowed and active in management domain

VLANs - when a tagged frame arrives on an access port

VLANs SVI

VMware Configuration Maximums

VPN - IKEv2 peer address of 0.0.0.0 0.0.0.0

VPN - Interesting Traffic

VPN - NAT Exemption

VPN - crypto keepalive

VPN - default gateway for site to site VPN

VPN - default gateway of VPN client

VPN - split tunneling

VPN DVTI tunnel source

VRF - Definition mode

VRF - VPNv4 address

VRF Communication and Route Target Configuration

VRF and L2TPv3 Configuration and Interaction

VRF capability vrf-lite command