Kwizakhiwo zenethiwekhi zanamhlanje, i-VLAN (Virtual Local Area Network) kunye ne-VXLAN (Virtual Extended Local Area Network) zezona teknoloji zimbini zixhaphakileyo ze-network virtualization. Zisenokubonakala zifana, kodwa eneneni kukho umahluko omkhulu.
I-VLAN (Inethiwekhi yeNdawo yeNdawo ebonakalayo)
I-VLAN sisifinyezo se-Virtual Local Area Network (i-Virtual local area network). Yindlela eyahlulahlula izixhobo ezibonakalayo kwi-LAN zibe zii-subnet ezininzi ngokwee-logical relationships. I-VLAN yenzelwe kwiiswitshi zenethiwekhi ukuze yahlule izixhobo zenethiwekhi zibe ngamaqela ahlukeneyo e-logical. Nangona ezi zixhobo zinokuba kwindawo ezahlukeneyo, i-VLAN izenza zibe zezenethiwekhi enye ngokwengqiqo, nto leyo evumela ulawulo oluguquguqukayo kunye nokuzahlula.
Eyona nto iphambili kwitekhnoloji ye-VLAN isekuhlulweni kwee-switch ports. Iiswitshi zilawula ithrafikhi ngokusekelwe kwi-VLAN ID (i-VLAN identifier). Ii-VLAN ids ziqala kwi-1 ukuya kwi-4095 kwaye zihlala ziyi-12 binary digits (oko kukuthi, uluhlu luqala kwi-0 ukuya kwi-4095), oko kuthetha ukuba iswitshi inokuxhasa ukuya kuthi ga kwi-4,096 VLans.
Ukuhamba komsebenzi
○ Ukuchonga i-VLAN: Xa ipakethi ingena kwiswitshi, iswitshi igqiba ukuba ipakethi kufuneka ithunyelwe kweyiphi i-VLAN ngokusekelwe kulwazi lwe-VLAN ID kwipakethi. Ngokwesiqhelo, iprotocol ye-IEEE 802.1Q isetyenziselwa ukuthega i-VLAN kwisakhelo sedatha.
○ I-VLAN Broadcast Domain: I-VLAN nganye yi-domain yokusasaza ezimeleyo. Nokuba ii-VLan ezininzi zikwi-switch efanayo, ukusasaza kwazo kuyahlukanisiwe, nto leyo enciphisa ithrafikhi yokusasaza engeyomfuneko.
○ Ukuthunyelwa Kwedatha: Iswitshi idlulisela phambili ipakethi yedatha kwizibuko elihambelanayo ngokweethegi zeVLAN ezahlukeneyo. Ukuba izixhobo eziphakathi kweeVLan ezahlukeneyo kufuneka zinxibelelane, kufuneka zidluliselwe ngezixhobo zomaleko wesi-3, ezifana nee-routers.
Masithi unenkampani enamasebe amaninzi, ngalinye lisebenzisa i-VLAN eyahlukileyo. Ngokutshintsha, ungahlulahlula zonke izixhobo kwisebe lezemali zibe yi-VLAN 10, ezo zikwisebe lokuthengisa zibe yi-VLAN 20, kwaye ezo zikwisebe lobuchwephesha zibe yi-VLAN 30. Ngale ndlela, uthungelwano phakathi kwamasebe luhlukaniswe ngokupheleleyo.
Iingenelo
○ Ukhuseleko oluPhuculweyo: I-VLAN inokuthintela ngempumelelo ukufikelela okungagunyaziswanga phakathi kwee-VLan ezahlukeneyo ngokwahlulahlula iinkonzo ezahlukeneyo kwiinethiwekhi ezahlukeneyo.
○ Ulawulo lweTrafikhi yeNethiwekhi: Ngokwabela ii-VLans, iziphepho zokusasaza zinokuphetshwa kwaye inethiwekhi inokusebenza kakuhle ngakumbi. Iipakethi zokusasaza ziya kusasazwa kuphela ngaphakathi kwi-VLAN, nto leyo enciphisa ukusetyenziswa kwebhendi.
○ Ukuguquguquka kweNethiwekhi: I-VLAN inokwahlulahlula inethiwekhi ngokweemfuno zeshishini. Umzekelo, izixhobo kwicandelo lezemali zinokunikwa i-VLAN efanayo nokuba zikwimigangatho eyahlukeneyo.
Imida
○ Ubungakanani Bokukhula Okulinganiselweyo: Njengoko ii-VLan zixhomekeke kwiiswitshi zemveli kunye nenkxaso ukuya kuthi ga kwi-4096 VLans, oku kunokuba yingxaki kwiinethiwekhi ezinkulu okanye kwiindawo ezinkulu ezisebenzisa i-virtualized.
○ Ingxaki yoQhagamshelo lwe-Cross-domain: I-VLAN yinethiwekhi yendawo, unxibelelwano lwe-Cross-VLAN kufuneka lwenziwe ngeswitshi okanye i-router enezingqimba ezintathu, nto leyo enokunyusa ubunzima benethiwekhi.
Imeko yesicelo
○ Ukuzahlula kunye noKhuseleko kwiiNethiwekhi zeShishini: Ii-VLan zisetyenziswa kakhulu kwiinethiwekhi zeshishini, ingakumbi kwimibutho emikhulu okanye kwiindawo ezisebenzisana namasebe ahlukeneyo. Ukhuseleko kunye nolawulo lokufikelela kwinethiwekhi kunokuqinisekiswa ngokwahlula amasebe ahlukeneyo okanye iinkqubo zeshishini nge-VLAN. Umzekelo, isebe lezemali lihlala likwi-VLAN eyahlukileyo kwisebe le-R&D ukuze kuthintelwe ukufikelela okungagunyaziswanga.
○ Nciphisa iSaqhwithi soSasazo: I-VLAN inceda ekunciphiseni ithrafikhi yosasazo. Ngokwesiqhelo, iipakethi zosasazo ziya kusasazwa kuyo yonke inethiwekhi, kodwa kwimeko ye-VLAN, ithrafikhi yosasazo iya kusasazwa kuphela ngaphakathi kwi-VLAN, nto leyo enciphisa ngokufanelekileyo umthwalo wenethiwekhi obangelwa sisiphango sosasazo.
○ Inethiwekhi yeNdawo yeNgingqi encinci okanye ephakathi: Kwamanye amashishini amancinci naphakathi, i-VLAN ibonelela ngendlela elula nesebenzayo yokwakha inethiwekhi ehlukaniswe ngokwengqiqo, okwenza ulawulo lwenethiwekhi lube bhetyebhetye ngakumbi.
I-VXLAN (Inethiwekhi yeNdawo yeNdawo eNdelekileyo ebonakalayo)
I-VXLAN (i-Virtual Extensible LAN) yiteknoloji entsha ecetywayo ukusombulula imida ye-VLAN yendabuko kwiziko ledatha elikhulu kunye nendawo ye-virtualization. Isebenzisa iteknoloji ye-encapsulation ukudlulisa iipakethi zedatha ze-layer 2 (L2) ngenethiwekhi ekhoyo ye-Layer 3 (L3), ephula umda we-scalability we-VLAN.
Ngokusebenzisa iteknoloji yokuhambisa i-tunneling kunye nendlela yokufakela i-capsulation, i-VXLAN "isonga" iipakethi zedatha zokuqala ze-layer 2 kwiipakethi zedatha ze-IP ze-layer 3, ukuze iipakethi zedatha zikwazi ukudluliselwa kwinethiwekhi ye-IP ekhoyo. Ingundoqo ye-VXLAN ikwindlela yayo yokufakela i-capsulation kunye ne-unecapsulation, oko kukuthi, isakhelo sedatha se-L2 sendabuko sifakwe i-capsulated yi-UDP protocol kwaye sidluliselwa ngenethiwekhi ye-IP.
Ukuhamba komsebenzi
○ Ukufunxwa kwentloko ye-VXLAN: Ekusetyenzisweni kwe-VXLAN, ipakethi nganye yomaleko wesi-2 iya kufunxwa njengepakethi ye-UDP. Ukufunxwa kwe-VXLAN kuquka: i-VXLAN network identifier (VNI), i-UDP header, i-IP header kunye nolunye ulwazi.
○ Isiphelo seTunnel (VTEP): I-VXLAN isebenzisa itekhnoloji yokuhambisa imijelo kwaye iipakethi zigqunywe kwaye zingagqunywanga ngezixhobo ezimbini zeVTEP. I-VTEP, i-VXLAN Tunnel Endpoint, yibhulorho edibanisa iVLAN kunye neVXLAN. I-VTEP igquma iipakethi ze-L2 ezifunyenweyo njengeepakethi zeVXLAN kwaye izithumela kwindawo ekuyiwa kuyo iVTEP, ethi yona igqume iipakethi ezigqunywe kwiipakethi zokuqala ze-L2.
○ Inkqubo yokuFakela i-VXLAN: Emva kokuncamathisela i-VXLAN header kwipakethi yedatha yokuqala, ipakethi yedatha iya kudluliselwa kwi-VTEP yendawo ngenethiwekhi ye-IP. Indawo ekuyo i-VTEP iyayisusa ipakethi ize iyithumele kwi-receiver echanekileyo ngokusekelwe kulwazi lwe-VNI.
Iingenelo
○ Iyakhula: I-VXLAN ixhasa ukuya kuthi ga kwi-16 yezigidi zeeNethiwekhi ezingabonakaliyo (i-VNI), ngaphezulu kakhulu kune-4096 ye-VLAN, nto leyo eyenza ukuba ifaneleke kwiindawo ezinkulu zedatha nakwiindawo zamafu.
○ Inkxaso yeZiko ledatha eQhelekileyo: I-VXLAN inokwandisa inethiwekhi ebonakalayo phakathi kwamaziko edatha amaninzi kwiindawo ezahlukeneyo zejografi, iphula imida ye-VLAN yendabuko, kwaye ifanelekile kwiindawo zanamhlanje zekhompyutha yelifu kunye ne-virtualization.
○ Yenza lula iNethiwekhi yeZiko leDatha: Nge-VXLAN, izixhobo zehardware ezivela kubavelisi abahlukeneyo zinokusebenzisana, zixhase iindawo eziqesha abantu abaninzi, kwaye zenze lula uyilo lwenethiwekhi yamaziko edatha amakhulu.
Imida
○ Ubunzima Obuphezulu: Uqwalaselo lwe-VXLAN luyinkimbinkimbi, lubandakanya ukufakwa kwe-tunnel, uqwalaselo lwe-VTEP, njl.njl., olufuna inkxaso eyongezelelweyo ye-stack yobugcisa kwaye lonyusa ubunzima bokusebenza nokugcinwa.
○ Ulindelo lweNethiwekhi: Ngenxa yokucubungula okongeziweyo okufunekayo kwinkqubo yokufakela kunye nokukhupha i-capsulation, i-VXLAN inokungenisa ulindelo oluthile lwenethiwekhi, nangona olu lindelo luhlala luncinci, kodwa kusafuneka luqatshelwe kwiimeko ezifuna ukusebenza okuphezulu.
Imeko yesicelo seVXLAN
○ Ukwenziwa kwenethiwekhi yeZiko leDatha: I-VXLAN isetyenziswa kakhulu kumaziko edatha amakhulu. Iiseva kwiziko ledatha zihlala zisebenzisa itekhnoloji yokwenziwa kwe-virtualization, i-VXLAN inokunceda ekudaleni inethiwekhi ebonakalayo phakathi kweeseva ezahlukeneyo ezibonakalayo, iphephe umda we-VLAN ekukhuleni.
○ Indawo yeLifu enabantu abaninzi abaqeshisayo: Kwilifu likarhulumente okanye labucala, i-VXLAN inokubonelela ngenethiwekhi ebonakalayo ezimeleyo kumqeshi ngamnye kwaye ichonge inethiwekhi ebonakalayo yomqeshi ngamnye nge-VNI. Olu phawu lwe-VXLAN lufanelekile kwi-cloud computing yanamhlanje nakwiindawo ezinabantu abaninzi abaqeshisayo.
○ Ukwandisa iNethiwekhi kwiZiko leDatha: I-VXLAN ifanelekile ngokukodwa kwiimeko apho iinethiwekhi ezibonakalayo kufuneka zisasazwe kumaziko edatha amaninzi okanye kwiindawo zejografi. Ngenxa yokuba i-VXLAN isebenzisa iinethiwekhi ze-IP ukuze ifake i-capsulation, iyakwazi ukugubungela ngokulula amaziko edatha ahlukeneyo kunye neendawo zejografi ukuze ifezekise ulwandiso lwenethiwekhi ebonakalayo kwihlabathi liphela.
VLAN vs VxLAN
I-VLAN kunye ne-VXLAN zombini ziiteknoloji ze-network virtualization, kodwa zifanelekile kwiimeko ezahlukeneyo zesicelo. I-VLAN ifanelekile kwindawo yenethiwekhi encinci okanye ephakathi, kwaye inokubonelela ngokwahlulahlula kwenethiwekhi kunye nokhuseleko olusisiseko. Amandla ayo akwindlela elula, ukulula koqwalaselo, kunye nenkxaso ebanzi.
I-VXLAN yitekhnoloji eyenzelwe ukujongana nesidingo sokwandiswa kwenethiwekhi enkulu kwiindawo zanamhlanje zedatha nakwiindawo zokubala ilifu. Amandla e-VXLAN axhomekeke kubuchule bayo bokuxhasa izigidi zeenethiwekhi ezibonakalayo, okwenza ifaneleke ukusasaza iinethiwekhi ezibonakalayo kuzo zonke iindawo zedatha. Idlula umda we-VLAN ekukhuleni, kwaye ifanelekile kuyilo lwenethiwekhi oluntsonkothileyo.
Nangona igama le-VXLAN libonakala ngathi liyi-extension protocol ye-VLAN, eneneni, i-VXLAN yahluke kakhulu kwi-VLAN ngenxa yokukwazi kwayo ukwakha ii-virtual tunnels. Umahluko ophambili phakathi kwazo ngolu hlobo lulandelayo:
Uphawu | I-VLAN | I-VXLAN |
|---|---|---|
| Umgangatho | IEEE 802.1Q | I-RFC 7348 (IETF) |
| Umaleko | Umaleko 2 (Uqhagamshelo lweDatha) | Umaleko 2 phezu komaleko 3 (L2oL3) |
| Ukugquma | Intloko ye-Ethernet ye-802.1Q | I-MAC-in-UDP (ifakwe kwi-IP) |
| Ubungakanani besazisi | Iibhithi ezili-12 (0-4095 iiVLAN) | Iibhithi ezingama-24 (ii-VNI ezili-16.7 lezigidi) |
| Ukukhula | I-Limited (4094 ii-VLAN ezisebenzisekayo) | Iyakwazi ukwandiswa kakhulu (ixhasa amafu aqesha abantu abaninzi) |
| Ukuphathwa koSasazo | Izikhukula zemveli (ngaphakathi kwe-VLAN) | Isebenzisa i-IP multicast okanye i-head-end replication |
| Ngaphezulu | I-tag ye-VLAN ephantsi (iibhayithi ezi-4) | Phezulu (~50 bytes: UDP + IP + VXLAN headers) |
| Ukuzahlula kwiindlela | Ewe (nge-VLAN nganye) | Ewe (ngokwe-VNI) |
| Ukuthuthwa kwetonela | Akukho misele (i-L2 ethe tyaba) | Isebenzisa ii-VTEP (ii-VXLAN Tunnel Endpoints) |
| Iimeko zokusetyenziswa | IiLAN ezincinci/eziphakathi, iinethiwekhi zamashishini | Amaziko edatha e-cloud, i-SDN, i-VMware NSX, i-Cisco ACI |
| Ukuxhomekeka koMthi oSpanning (STP) | Ewe (ukuthintela ii-loops) | Hayi (isebenzisa i-Layer 3 routing, ithintela iingxaki ze-STP) |
| Inkxaso yehardware | Ixhaswa kuzo zonke iiswitshi | Ifuna iiswitshi/iiNIC (okanye iisoftware zeVTEP) ezikwaziyo ukusebenza ngeVXLAN |
| Inkxaso yoHamba | Ilinganiselwe (ngaphakathi kwedomeyini efanayo ye-L2) | Ngcono (ii-VM zinokuhamba kwii-subnet) |
Yintoni enokwenziwa yiMylinking™ Network Packet Broker kwiNetwork Virtual Technology?
I-VLAN iphawulwe, i-VLAN ayifakwanga iphawulwe, i-VLAN ithathelwe indawo:
Ixhase ukufana kwanoma yiyiphi intsimi yesitshixo kwiibhayithi zokuqala ezili-128 zephakethi. Umsebenzisi angenza ngokwezifiso ixabiso le-offset kunye nobude bentsimi yesitshixo kunye nomxholo, aze amisele umgaqo-nkqubo wesiphumo sethrafikhi ngokwendlela yokumisela umsebenzisi.
Ukuhlutywa kweTunnel Encapsulation:
Ixhase i-header ye-VxLAN, VLAN, GRE, GTP, MPLS, IPIP ehluthwe kwiphakheji yedatha yokuqala kwaye ikhuphe imveliso ethunyelweyo.
Ukuchongwa kweProtocol yoThungelwano
Ixhaswa ngokuzenzekela ichonga iiprotokholi ezahlukeneyo ze-tunneling ezifana ne-GTP / GRE / PPTP / L2TP / PPPOE/IPIP. Ngokwesimo somsebenzisi, icebo lokukhupha ithrafikhi linokusetyenziswa ngokwemaleko yangaphakathi okanye yangaphandle ye-tunnel.
Ungajonga apha ukuze ufumane iinkcukacha ezithe vetshe malunga nezinto ezinxulumene nokoUmthengisi wePakethi yeNethiwekhi.
Ixesha leposi: Juni-25-2025
