Ekwakhiweni kwenethiwekhi yesimanje, i-VLAN (i-Virtual Local Area Network) kanye ne-VXLAN (I-Virtual Extended Local Area Network) ubuchwepheshe obubili obuvame kakhulu benethiwekhi. Zingase zibonakale zifana, kodwa empeleni kukhona umehluko omkhulu obalulekile.
I-VLAN (Inethiwekhi yendawo yendawo ebonakalayo)
I-VLAN isifinyezo se-Virtual Local Area Network (Inethiwekhi yendawo yendawo ebonakalayo). Kuyindlela ehlukanisa amathuluzi aphathekayo ku-LAN abe ama-subnet ambalwa ngokuya ngobudlelwano obunengqondo. I-VLAN ilungiselelwe ekushintsheni kwenethiwekhi ukuze ihlukanise amadivayisi enethiwekhi abe amaqembu anengqondo ahlukene. Ngisho noma lawa madivayisi atholakala ngokoqobo ezindaweni ezihlukene, i-VLAN iwavumela ukuthi abe awenethiwekhi efanayo, okuvumela ukuphathwa okuguquguqukayo nokuzihlukanisa.
Umnyombo wobuchwepheshe be-VLAN usekuhlukaniseni amachweba okushintsha. Amaswishi alawula ithrafikhi ngokusekelwe ku-VLAN ID (isihlonzi se-VLAN). Ama-id e-VLAN asukela ku-1 kuye ku-4095 futhi ngokuvamile angamadijithi kanambambili angu-12 (okungukuthi, ububanzi obungu-0 kuye ku-4095), okusho ukuthi iswishi ingasekela ama-VLans afika kwangu-4,096.
Ukuhamba komsebenzi
○ I-VLAN Identification: Uma iphakethe lifaka iswishi, iswishi inquma ukuthi iphakethe kufanele lidluliselwe kuyiphi i-VLAN ngokusekelwe olwazini lwe-VLAN ID ephaketheni. Ngokuvamile, iphrothokholi ye-IEEE 802.1Q isetshenziselwa ukumaka i-VLAN kuhlaka lwedatha.
○ Isizinda Sokusakaza Se-VLAN: I-VLAN ngayinye iyisizinda sokusakaza esizimele. Ngisho noma ama-VLans amaningi eshintshwayo efanayo, ukusakazwa kwawo kuhlukanisiwe, kunciphisa ithrafikhi yokusakaza engadingekile.
○ Ukudluliselwa Kwedatha: Iswishi idlulisela phambili iphakethe ledatha endaweni ehambisanayo ngokuya komaki abahlukene be-VLAN. Uma amadivaysi phakathi kwama-VLans ahlukene edinga ukuxhumana, kufanele adluliselwe ngamadivayisi we-Layer 3, njengamarutha.
Ake sithi unenkampani eneminyango eminingi, ngamunye esebenzisa i-VLAN ehlukile. Ngokushintsha, ungahlukanisa wonke amadivaysi emnyangweni wezezimali abe yi-VLAN 10, lawo asemnyangweni wezentengiso abe yi-VLAN 20, nalawo asemnyangweni wezobuchwepheshe abe yi-VLAN 30. Ngale ndlela, inethiwekhi phakathi kweminyango ihlukaniswe ngokuphelele.
Izinzuzo
○ Ukuvikeleka Okuthuthukisiwe: I-VLAN ingavimbela ngempumelelo ukufinyelela okungagunyaziwe phakathi kwama-VLans ahlukene ngokuhlukanisa izinsiza ezihlukene zibe amanethiwekhi ahlukene.
○ Ukuphathwa Kwethrafikhi Yenethiwekhi: Ngokwaba ama-VLans, iziphepho zokusakaza zingagwenywa futhi inethiwekhi ingasebenza kahle kakhulu. Amaphakethe okusakaza azosakazwa kuphela ngaphakathi kwe-VLAN, kunciphisa ukusetshenziswa komkhawulokudonsa.
○ Inethiwekhi Evumelana nezimo: I-VLAN ingahlukanisa kalula inethiwekhi ngokwezidingo zebhizinisi. Isibonelo, amadivaysi emnyangweni wezezimali anganikezwa i-VLAN efanayo ngisho noma akhiwe ngokoqobo ezitezi ezahlukene.
Ukulinganiselwa
○ Ukukala Okukhawulelwe: Njengoba ama-VLans athembele ekushintsheni okuvamile futhi asekele kufika ku-4096 VLans, lokhu kungase kube isithiyo kumanethiwekhi amakhulu noma izindawo ezinkulu ezenziwe nge-virtual.
○ Inkinga Yokuxhumanisa Kwesizinda Esiphambene: I-VLAN iyinethiwekhi yendawo, ukuxhumana kwe-VLAN okuphambene kudinga ukwenziwa ngeswishi yesendlalelo ezintathu noma umzila, okungase kwenyuse ubunkimbinkimbi benethiwekhi.
Isicelo Scenario
○ Ukuzihlukanisa Nokuphepha Kunethiwekhi Yebhizinisi: Ama-VLans asetshenziswa kakhulu kumanethiwekhi ezinkampani, ikakhulukazi ezinhlanganweni ezinkulu noma ezindaweni ezihlukene phakathi kweminyango. Ukuphepha nokulawula ukufinyelela kwenethiwekhi kungaqinisekiswa ngokuhlukanisa iminyango ehlukene noma izinhlelo zebhizinisi nge-VLAN. Isibonelo, umnyango wezezimali ngokuvamile uzoba ku-VLAN ehlukile kunomnyango we-R&D ukuze ugweme ukufinyelela okungagunyaziwe.
○ Yehlisa Isiphepho Sokusakaza: I-VLAN isiza ukukhawulela ithrafikhi yokusakaza. Ngokuvamile, amaphakethe okusakaza azosakazwa kuyo yonke inethiwekhi, kodwa endaweni ye-VLAN, ithrafikhi yokusakaza izosakazwa kuphela ngaphakathi kwe-VLAN, okunciphisa ngokuphumelelayo umthwalo wenethiwekhi obangelwa isiphepho sokusakaza.
○ Inethiwekhi Yendawo Encane noma Emaphakathi: Kwamanye amabhizinisi amancane naphakathi nendawo, i-VLAN ihlinzeka ngendlela elula nesebenzayo yokwakha inethiwekhi ehlukanisiwe enengqondo, okwenza ukuphathwa kwenethiwekhi kube nezimo kakhulu.
I-VXLAN (Inethiwekhi Yendawo Enwetshiwe Ebonakalayo)
I-VXLAN (i-Virtual Extensible LAN) ubuchwepheshe obusha obuhlongozwayo ukuze kuxazululwe imikhawulo ye-VLAN yendabuko esikhungweni sedatha esikhulu kanye nemvelo yokwenza izinto ezibonakalayo. Isebenzisa ubuchwepheshe be-encapsulation ukuze idlulise amaphakethe edatha yesendlalelo sesi-2 (L2) ngenethiwekhi ekhona ye-Layer 3 (L3), enqamula umkhawulo wokukala we-VLAN.
Ngokusebenzisa ubuchwepheshe bokudonsa kanye ne-encapsulation mechanism, i-VXLAN "isonga" ungqimba lwangempela lwamaphakethe wedatha engu-2 kumaphakethe wedatha we-IP ungqimba 3, ukuze amaphakethe wedatha adluliselwe kunethiwekhi ye-IP ekhona. Umnyombo we-VXLAN ulele endleleni yayo yokuhlanganisa kanye ne-uncapsulation, okungukuthi, ifreyimu yedatha ye-L2 yendabuko ihlanganiswe iphrothokholi ye-UDP futhi idluliswa ngenethiwekhi ye-IP.
Ukuhamba komsebenzi
○ I-VXLAN Header Encapsulation: Ekusetshenzisweni kwe-VXLAN, iphakethe ngalinye lesendlalelo 2 lizofakwa njengephakethe le-UDP. I-VXLAN encapsulation ihlanganisa: Isihlonzi senethiwekhi ye-VXLAN (VNI), unhlokweni we-UDP, unhlokweni we-IP nolunye ulwazi.
○ I-Tunnel Terminal (VTEP) : I-VXLAN isebenzisa ubuchwepheshe bomhubhe futhi amaphakethe ahlanganiswe futhi angahlanganiswa ngepheya lamadivayisi e-VTEP. I-VTEP, i-VXLAN Tunnel Endpoint, ibhuloho elixhuma i-VLAN ne-VXLAN. I-VTEP ihlanganisa amaphakethe e-L2 atholiwe njengamaphakethe e-VXLAN futhi iwathumela endaweni okuyiwa kuyo i-VTEP, yona ehlanganisa amaphakethe ahlanganisiwe ibe amaphakethe e-L2 okuqala.
○ Inqubo Yokuhlanganisa Ye-VXLAN: Ngemva kokunamathisela unhlokweni we-VXLAN kuphakethe ledatha langempela, iphakethe ledatha lizodluliselwa endaweni okuyiwa kuyo i-VTEP ngenethiwekhi ye-IP. Indawo okuyiwa kuyo i-VTEP isusa iphakethe bese ilidlulisela kumamukeli ofanele ngokusekelwe olwazini lwe-VNI.
Izinzuzo
○ Iyabekeka: I-VXLAN isekela amanethiwekhi abonakalayo (VNI) afika ezigidini ezingu-16, okungaphezulu kakhulu kwezihlonzi ze-VLAN's 4096, okuyenza ilungele izikhungo zedatha yesilinganiso esikhulu nezindawo zamafu.
○ Usekelo Lwesikhungo Sedatha Ehlukahlukene: I-VXLAN inganweba inethiwekhi ebonakalayo phakathi kwezikhungo zedatha eziningi ezindaweni ezihlukene zezwe, yephule imikhawulo ye-VLAN evamile, futhi ifanelekela izindawo zesimanje zekhompuyutha yamafu kanye nokwenza izinto ezibonakalayo.
○ Inethiwekhi Yesikhungo Sedatha Enze Lula: Nge-VXLAN, izisetshenziswa zehadiwe ezivela kubakhiqizi abahlukene zingasebenzisana, zisekele izindawo eziqasha abantu abaningi, futhi zenze ukwakheka kwenethiwekhi kube lula kwezikhungo zedatha ezinkulu.
Ukulinganiselwa
○ Ukuba yinkimbinkimbi Okuphezulu: Ukumiswa kwe-VXLAN kuyinkimbinkimbi uma kuqhathaniswa, okuhlanganisa ukuhlanganisa umhubhe, ukumiswa kwe-VTEP, njll., okudinga ukwesekwa okwengeziwe kwesitaki sobuchwepheshe futhi kukhuphule ubunkimbinkimbi bokusebenza nokunakekelwa.
○ Ukubambezeleka Kwenethiwekhi: Ngenxa yokucutshungulwa okwengeziwe okudingwa inqubo yokuhlanganisa kanye ne-uncapsulation, i-VXLAN ingase yethule ukubambezeleka kwenethiwekhi, nakuba lokhu kubambezeleka kuvamise ukuba kuncane, kodwa kusadinga ukuqashelwa ezindaweni ezidinga ukusebenza okuphezulu.
I-VXLAN Application Scenario
○ I-Virtualization Yenethiwekhi Yesikhungo Sedatha: I-VXLAN isetshenziswa kabanzi kuzikhungo zedatha ezinkulu. Amaseva esikhungweni sedatha ngokuvamile asebenzisa ubuchwepheshe be-virtualization, i-VXLAN ingasiza ekudaleni inethiwekhi ebonakalayo phakathi kwamaseva ahlukahlukene angokwenyama, ukugwema ukukhawulelwa kwe-VLAN ku-scalability.
○ Imvelo Yamafu Eqashile: Efwini lomphakathi noma eliyimfihlo, i-VXLAN ingahlinzeka ngenethiwekhi ezimele ezimele yesiqashi ngasinye futhi ikhombe inethiwekhi ebonakalayo yomqashi ngamunye nge-VNI. Lesi sici se-VXLAN siyifanele kahle i-cloud computing yesimanje kanye nezindawo eziqashe abantu abaningi.
○ Ukukala Kwenethiwekhi Kuzo Zonke Izikhungo Zedatha: I-VXLAN ifaneleka ngokukhethekile izimo lapho amanethiwekhi abonakalayo adinga ukusetshenziswa kuzo zonke izikhungo zedatha eziningi noma izindawo. Ngenxa yokuthi i-VXLAN isebenzisa amanethiwekhi e-IP ukuze ihlanganise, ikwazi ukuhlanganisa kalula izikhungo zedatha ezihlukene kanye nezindawo zendawo ukuze kuzuzwe ukunwetshwa kwenethiwekhi okubonakalayo esikalini somhlaba.
I-VLAN vs VxLAN
I-VLAN ne-VXLAN zombili ubuchwepheshe be-virtualization yenethiwekhi, kodwa bufanele izimo ezihlukene zohlelo lokusebenza. I-VLAN ifanele indawo yenethiwekhi yesikali esincane noma esimaphakathi, futhi inganikeza ukuhlukaniswa kwenethiwekhi okuyisisekelo nokuvikeleka. Amandla ayo alele ekululameni kwayo, ukumisa kalula, nokusekelwa okubanzi.
I-VXLAN ubuchwepheshe obuklanyelwe ukubhekana nesidingo sokunwetshwa kwenethiwekhi ngezinga elikhulu ezikhungweni zedatha zesimanje nasezindaweni zekhompuyutha yamafu. Amandla e-VXLAN asemandleni ayo okusekela izigidi zamanethiwekhi abonakalayo, okuyenza ifanelekele ukuthunyelwa kwamanethiwekhi abonakalayo kuzo zonke izikhungo zedatha. Inqamula umkhawulo we-VLAN ekukhuleni, futhi ilungele ukwakhiwa kwenethiwekhi okuyinkimbinkimbi.
Nakuba igama le-VXLAN libonakala liyiphrothokholi enwetshiwe ye-VLAN, empeleni, i-VXLAN ihluke kakhulu ku-VLAN ngekhono layo lokwakha amathaneli abonakalayo. Umehluko omkhulu phakathi kwabo umi kanje:
Isici | I-VLAN | I-VXLAN |
|---|---|---|
| Okujwayelekile | IEEE 802.1Q | I-RFC 7348 (IETF) |
| Isendlalelo | Isendlalelo 2 (Isixhumanisi Sedatha) | Isendlalelo 2 phezu kweLayer 3 (L2oL3) |
| I-Ecapsulation | 802.1Q Ethernet unhlokweni | I-MAC-in-UDP (ifakwe ku-IP) |
| Usayizi we-ID | 12-bit (0-4095 VLANs) | 24-bit (16.7 million VNIs) |
| I-Scalability | Okukhawulelwe (ama-VLAN angama-4094 asebenzisekayo) | I-scalable kakhulu (isekela amafu abaqashile abaningi) |
| Ukuphatha Ukusakaza | Izikhukhula zendabuko (ngaphakathi kwe-VLAN) | Isebenzisa i-IP multicast noma i-head-end replication |
| Okuphezulu | Phansi (4-byte VLAN tag) | Phezulu (~50 bytes: Izihloko ze-UDP + IP + VXLAN) |
| Ukuhlukaniswa Kwethrafikhi | Yebo (nge-VLAN ngayinye) | Yebo (nge-VNI ngayinye) |
| Umhubhe | Akukho umhubhe (flat L2) | Isebenzisa ama-VTEPs (VXLAN Tunnel Endpoints) |
| Sebenzisa Amacala | Ama-LAN amancane/amaphakathi, amanethiwekhi ebhizinisi | Izikhungo zedatha yamafu, i-SDN, i-VMware NSX, i-Cisco ACI |
| Ukuncika Kwesihlahla Esinqamulayo (STP). | Yebo (ukuvimbela amaluphu) | Cha (isebenzisa umzila we-Layer 3, igwema izinkinga ze-STP) |
| Usekelo Lwezingxenyekazi zekhompuyutha | Isekelwa kuwo wonke amaswishi | Idinga ama-switch/NIC anamandla e-VXLAN (noma ama-VTEP esofthiwe) |
| Ukusekela Ukuhamba | Kunomkhawulo (ngaphakathi kwesizinda esifanayo se-L2) | Kungcono (ama-VM angahamba kuwo wonke ama-subnet) |
Yini i-Mylinking™ Network Packet Broker engayenza ku-Network Virtual Technology?
I-VLAN Emakiwe, I-VLAN Ayifakwanga, I-VLAN Ishintshiwe:
Kusekelwe ukufaniswa kwanoma iyiphi inkambu yokhiye kumabhayithi okuqala angu-128 ephaketheni. Umsebenzisi angenza ngendlela oyifisayo inani le-offset kanye nobude benkambu yokhiye nokuqukethwe, futhi anqume inqubomgomo yokuphuma kwethrafikhi ngokuya ngokucushwa komsebenzisi.
I-Tunnel Encapsulation Stripping:
Kusekelwe i-VxLAN, VLAN, GRE, GTP, MPLS, IPIP unhlokweni ohlutshiwe ephaketheni ledatha langempela kanye nokuphumayo okudluliselwa phambili.
I-Tunneling Protocol Identification
Isekelwa ukukhomba ngokuzenzakalelayo izivumelwano zokuhubhela ezihlukahlukene njenge-GTP/GRE/PPTP/L2TP/PPPOE/IPIP. Ngokuvumelana nokucushwa komsebenzisi, isu lokuphuma kwethrafikhi lingasetshenziswa ngokuya ngongqimba lwangaphakathi noma lwangaphandle lomhubhe.
Ungahlola lapha ukuze uthole imininingwane eyengeziwe mayelana nokuhlobeneI-Network Packet Broker.
Isikhathi sokuthumela: Jun-25-2025
