Ekwakhiweni kwenethiwekhi yesimanje, i-VLAN (Virtual Local Area Network) kanye ne-VXLAN (Virtual Extended Local Area Network) yizona zobuchwepheshe ezimbili ezivame kakhulu ze-network virtualization. Zingase zibonakale zifana, kodwa empeleni kunezinhlobo eziningi zomehluko obalulekile.
I-VLAN (Inethiwekhi Yendawo Ebonakalayo)
I-VLAN iyisifinyezo se-Virtual Local Area Network (i-Virtual local area network). Iyindlela ehlukanisa amadivayisi angokoqobo ku-LAN abe ama-subnet amaningana ngokuya ngobudlelwano obunengqondo. I-VLAN ihlelwe kuma-switch enethiwekhi ukuze ihlukanise amadivayisi enethiwekhi abe amaqembu ahlukene anengqondo. Ngisho noma lawa madivayisi engase atholakale ezindaweni ezahlukene, i-VLAN iwenza abe yingxenye yenethiwekhi efanayo ngokunengqondo, okwenza kube lula ukuphathwa okuguquguqukayo kanye nokuhlukaniswa.
Ingqikithi yobuchwepheshe be-VLAN isekuhlukanisweni kwama-switch port. Ama-switch aphatha ithrafikhi ngokusekelwe ku-VLAN ID (i-VLAN identifier). Ama-VLAN id asukela ku-1 kuya ku-4095 futhi ngokuvamile ayizinombolo eziyi-12 ze-binary (okungukuthi, ububanzi obusukela ku-0 kuya ku-4095), okusho ukuthi i-switch ingasekela ama-VLan afinyelela ku-4,096.
Ukuhamba komsebenzi
○ Ukuhlonza i-VLAN: Uma iphakethe lingena kuswishi, iswishi inquma ukuthi iphakethe kufanele lidluliselwe kuyiphi i-VLAN ngokusekelwe kulwazi lwe-VLAN ID kuphakethe. Ngokuvamile, iphrothokholi ye-IEEE 802.1Q isetshenziselwa ukumaka ifreyimu yedatha ye-VLAN ku-VLAN.
○ Isizinda Sokusakaza se-VLAN: I-VLAN ngayinye iyisizinda sokusakaza esizimele. Ngisho noma ama-VLan amaningi eshintshana ngokomzimba, ukusakazwa kwawo kuhlukanisiwe, okunciphisa ithrafikhi yokusakaza engadingekile.
○ Ukudlulisela Idatha: Iswishi idlulisela phambili iphakethe ledatha echwebeni elihambisanayo ngokuya ngamathegi e-VLAN ahlukene. Uma amadivayisi aphakathi kwama-VLan ahlukene edinga ukuxhumana, kumele adluliselwe ngamadivayisi esigaba sesi-3, njengama-router.
Ake sithi unenkampani eneminyango eminingi, ngayinye esebenzisa i-VLAN ehlukile. Nge-switch, ungahlukanisa wonke amadivayisi emnyangweni wezezimali abe yi-VLAN 10, lawo asemnyangweni wokuthengisa abe yi-VLAN 20, kanye nalawo asemnyangweni wezobuchwepheshe abe yi-VLAN 30. Ngale ndlela, inethiwekhi phakathi kweminyango ihlukaniswe ngokuphelele.
Izinzuzo
○ Ukuphepha Okuthuthukisiwe: I-VLAN ingavimbela ngempumelelo ukufinyelela okungagunyaziwe phakathi kwama-VLan ahlukene ngokuhlukanisa izinsizakalo ezahlukene kumanethiwekhi ahlukene.
○ Ukuphathwa Kwethrafikhi Yenethiwekhi: Ngokwaba ama-VLan, iziphepho zokusakaza zingagwenywa futhi inethiwekhi ingasebenza kahle kakhulu. Amaphakethe okusakaza azosakazwa kuphela ngaphakathi kwe-VLAN, kunciphisa ukusetshenziswa komkhawulokudonsa.
○ Ukuzivumelanisa Nezimo Kwenethiwekhi: I-VLAN ingahlukanisa inethiwekhi ngendlela eguquguqukayo ngokwezidingo zebhizinisi. Isibonelo, amadivayisi emnyangweni wezezimali angabelwa i-VLAN efanayo noma ngabe atholakala ngokoqobo ezitezi ezihlukene.
Ukulinganiselwa
○ Ukukhuliswa Okulinganiselwe: Njengoba ama-VLan ethembele kumaswishi avamile futhi esekela ama-VLan afinyelela ku-4096, lokhu kungaba yisithiyo kumanethiwekhi amakhulu noma ezindaweni ezinkulu ezisebenza nge-virtual.
○ Inkinga Yokuxhumeka Kwesizinda Esihlukene: I-VLAN iyinethiwekhi yendawo, ukuxhumana kwe-VLAN okuphambene kudinga ukwenziwa ngeswishi noma i-router enezingqimba ezintathu, okungase kwandise ubunzima benethiwekhi.
Isimo Sesicelo
○ Ukuhlukaniswa Nokuvikeleka Kumanethiwekhi Ebhizinisi: Ama-VLan asetshenziswa kabanzi kumanethiwekhi ebhizinisi, ikakhulukazi ezinhlanganweni ezinkulu noma ezindaweni ezihlanganisa iminyango ehlukene. Ukuphepha nokulawula ukufinyelela kwenethiwekhi kungaqinisekiswa ngokuhlukanisa iminyango ehlukene noma izinhlelo zebhizinisi nge-VLAN. Isibonelo, umnyango wezezimali uvame ukuba se-VLAN ehlukile kumnyango we-R&D ukuze kugwenywe ukufinyelela okungagunyaziwe.
○ Nciphisa Isiphepho Sokusakaza: I-VLAN isiza ukunciphisa ithrafikhi yokusakaza. Ngokuvamile, amaphakethe okusakaza azosakazwa kuyo yonke inethiwekhi, kodwa endaweni ye-VLAN, ithrafikhi yokusakaza izosakazwa kuphela ngaphakathi kwe-VLAN, okunciphisa ngempumelelo umthwalo wenethiwekhi obangelwa isiphepho sokusakaza.
○ Inethiwekhi Yendawo Encane Noma Ephakathi: Kwamanye amabhizinisi amancane naphakathi, i-VLAN inikeza indlela elula nephumelelayo yokwakha inethiwekhi ehlukanisiwe ngokunengqondo, okwenza ukuphathwa kwenethiwekhi kube lula.
I-VXLAN (Inethiwekhi Yendawo Enwetshiwe Ebonakalayo)
I-VXLAN (i-Virtual Extensible LAN) ubuchwepheshe obusha obuhlongozwayo ukuxazulula imikhawulo ye-VLAN yendabuko endaweni enkulu yedatha kanye nendawo ye-virtualization. Isebenzisa ubuchwepheshe be-encapsulation ukudlulisa amaphakethe edatha engqimba 2 (L2) ngenethiwekhi ekhona ye-Layer 3 (L3), ephula umkhawulo wokukhula kwe-VLAN.
Ngobuchwepheshe bokuthungela kanye nendlela yokufaka i-capsulation, i-VXLAN "isonga" amaphakethe edatha okuqala engqimba 2 kumaphakethe edatha e-IP engqimba 3, ukuze amaphakethe edatha akwazi ukudluliselwa kunethiwekhi ye-IP ekhona. Ingqikithi ye-VXLAN isekufakweni kwayo kwe-capsulation kanye ne-unecapsulation, okungukuthi, uhlaka lwedatha lwendabuko lwe-L2 lufakwe i-capsulation ngephrothokholi ye-UDP futhi ludluliselwa ngenethiwekhi ye-IP.
Ukuhamba komsebenzi
○ Ukufinyezwa Kwekhanda Le-VXLAN: Ekusetshenzisweni kwe-VXLAN, iphakethe ngalinye lesendlalelo 2 lizofinyezwa njengephakethe le-UDP. Ukufinyezwa kwe-VXLAN kuhlanganisa: Isihlonzi senethiwekhi ye-VXLAN (VNI), inhloko ye-UDP, inhloko ye-IP kanye nolunye ulwazi.
○ I-Tunnel Terminal (VTEP): I-VXLAN isebenzisa ubuchwepheshe bokuhudula futhi amaphakethe ahlanganiswe futhi angahlanganiswa ngamadivayisi amabili e-VTEP. I-VTEP, i-VXLAN Tunnel Endpoint, ibhuloho elixhumanisa i-VLAN ne-VXLAN. I-VTEP ihlanganisa amaphakethe e-L2 atholiwe njengamaphakethe e-VXLAN bese iwathumela endaweni oya kuyo i-VTEP, okuthi kamuva ihlukanise amaphakethe ahlanganisiwe kumaphakethe okuqala e-L2.
○ Inqubo Yokufaka I-VXLAN: Ngemva kokunamathisela i-VXLAN header kuphakethe ledatha lokuqala, iphakethe ledatha lizodluliselwa ku-VTEP yendawo ngenethiwekhi ye-IP. I-VTEP yendawo iyayihlukanisa iphakethe bese iyithumela kumukeli ofanele ngokusekelwe kulwazi lwe-VNI.
Izinzuzo
○ Iyakhula: I-VXLAN isekela amaNethiwekhi abonakalayo afinyelela ku-16 million (VNI), okungaphezu kakhulu kwezihlonzi ze-VLAN ezingu-4096, okwenza kube kuhle kakhulu ezikhungweni zedatha ezinkulu kanye nasezindaweni zamafu.
○ Ukusekelwa Kwesikhungo Sedatha Ehlukahlukene: I-VXLAN inganweba inethiwekhi ebonakalayo phakathi kwezikhungo zedatha eziningi ezindaweni ezahlukene zezwe, yephule imikhawulo ye-VLAN yendabuko, futhi ifanelekela izindawo zesimanje zokubala amafu kanye nokwenza i-virtualization.
○ Yenza Inethiwekhi Yesikhungo Sedatha Ibe Lula: Nge-VXLAN, amadivayisi ehadiwe avela kubakhiqizi abahlukene angasebenzisana, asekele izindawo eziqasha abantu abaningi, futhi enze lula ukwakheka kwenethiwekhi yezikhungo zedatha ezinkulu.
Ukulinganiselwa
○ Ubunzima Obuphezulu: Ukucushwa kwe-VXLAN kuyinkimbinkimbi kakhulu, okubandakanya ukufakwa kwe-tunnel, ukucushwa kwe-VTEP, njll., okudinga ukwesekwa okwengeziwe kwe-technical stack futhi kwandisa ubunzima bokusebenza nokugcinwa.
○ Ukubambezeleka Kwenethiwekhi: Ngenxa yokucubungula okwengeziwe okudingekayo ngenqubo yokufaka i-capsulation kanye ne-unecapsulation, i-VXLAN ingase ingenise ukubambezeleka kwenethiwekhi, yize lokhu kubambezeleka kuvame ukuba kuncane, kodwa kusadingeka kuqashelwe ezindaweni ezidinga ukusebenza okuphezulu.
Isimo Sesicelo se-VXLAN
○ Ukwenziwa Kwenethiwekhi Yesikhungo Sedatha: I-VXLAN isetshenziswa kabanzi ezikhungweni zedatha ezinkulu. Amaseva esikhungweni sedatha avame ukusebenzisa ubuchwepheshe bokwenziwa kwe-virtualization, i-VXLAN ingasiza ekudaleni inethiwekhi ebonakalayo phakathi kwamaseva ahlukene angokwenyama, igweme ukukhawulelwa kwe-VLAN ekukhuleni.
○ Indawo Yamafu Enabantu Abaningi Abaqashayo: Efwini lomphakathi noma eliyimfihlo, i-VXLAN ingahlinzeka ngenethiwekhi ebonakalayo ezimele yomqashi ngamunye futhi ihlonze inethiwekhi ebonakalayo yomqashi ngamunye nge-VNI. Lesi sici se-VXLAN sifaneleka kahle kuma-cloud computing anamuhla kanye nasezindaweni ezinabantu abaningi abaqashayo.
○ Ukwenyuka Kwenethiwekhi Kuzo Zonke Izikhungo Zedatha: I-VXLAN ifaneleka kakhulu ezimweni lapho amanethiwekhi abonakalayo kudingeka asetshenziswe kuzo zonke izikhungo zedatha noma izindawo eziningi. Ngenxa yokuthi i-VXLAN isebenzisa amanethiwekhi e-IP ukuze ihlanganise, iyakwazi ukusabalala kalula izikhungo zedatha ezahlukene nezindawo zezwe ukuze ifinyelele ukwanda kwenethiwekhi engokoqobo emhlabeni jikelele.
I-VLAN vs VxLAN
I-VLAN kanye ne-VXLAN zombili ubuchwepheshe bokubuka inethiwekhi, kodwa zilungele izimo ezahlukene zohlelo lokusebenza. I-VLAN ifanelekela indawo yenethiwekhi encane noma ephakathi, futhi ingahlinzeka ngokuhlukaniswa kwenethiwekhi okuyisisekelo kanye nokuphepha. Amandla ayo asebulula bayo, ukulula kokucushwa, kanye nokusekelwa okubanzi.
I-VXLAN ubuchwepheshe obuklanyelwe ukubhekana nesidingo sokwandiswa kwenethiwekhi enkulu ezindaweni zedatha zanamuhla kanye nasezindaweni zokubala amafu. Amandla e-VXLAN asemandleni ayo okusekela izigidi zamanethiwekhi abonakalayo, okwenza ifaneleke ukufaka amanethiwekhi abonakalayo kuzo zonke izikhungo zedatha. Idlula umkhawulo we-VLAN ekukhuleni, futhi ifanele ukwakhiwa kwenethiwekhi okuyinkimbinkimbi kakhulu.
Nakuba igama le-VXLAN libonakala liyiphrothokholi yokwandisa i-VLAN, empeleni, i-VXLAN ibilokhu ihluke kakhulu ku-VLAN ngekhono layo lokwakha imigudu ebonakalayo. Umehluko omkhulu phakathi kwayo umi kanje:
Isici | I-VLAN | I-VXLAN |
|---|---|---|
| Okujwayelekile | I-IEEE 802.1Q | I-RFC 7348 (IETF) |
| Isendlalelo | Isendlalelo 2 (Isixhumanisi Sedatha) | Isendlalelo 2 phezu kwesendlalelo 3 (L2oL3) |
| Ukufakwa kwe-encapsulation | Isihloko se-Ethernet esingu-802.1Q | I-MAC-in-UDP (ifakwe ku-IP) |
| Usayizi Womazisi | Ama-bit angu-12 (ama-VLAN angu-0-4095) | Ama-bit angu-24 (ama-VNI ayizigidi ezingu-16.7) |
| Ukusabalala | Kunqunyelwe (ama-VLAN angu-4094 angasetshenziswa) | Ingakhuliswa kakhulu (isekela amafu aqasha abantu abaningi) |
| Ukuphathwa Kokusakaza | Izikhukhula zendabuko (ngaphakathi kwe-VLAN) | Isebenzisa i-IP multicast noma i-head-end replication |
| Ngaphezulu | Ithegi ye-VLAN ephansi (4-byte) | Okuphezulu (~50 bytes: UDP + IP + VXLAN headers) |
| Ukuhlukaniswa Kwethrafikhi | Yebo (ngokwe-VLAN ngayinye) | Yebo (ngokwe-VNI) |
| Ukuthungatha | Akukho ukugoba (i-L2 eyisicaba) | Isebenzisa ama-VTEP (ama-VXLAN Tunnel Endpoints) |
| Amakesi Okusetshenziswa | Ama-LAN amancane/aphakathi, amanethiwekhi ebhizinisi | Izikhungo zedatha yamafu, i-SDN, i-VMware NSX, i-Cisco ACI |
| Ukuthembela Kwesihlahla Esibanzi (STP) | Yebo (ukuvimbela izihibe) | Cha (isebenzisa umzila we-Layer 3, igwema izinkinga ze-STP) |
| Ukusekelwa Kwehadiwe | Kusekelwa kuzo zonke izinkinobho | Kudinga amaswishi/ama-NIC anekhono le-VXLAN (noma ama-VTEP esofthiwe) |
| Usekelo Lokuhamba | Kunqunyelwe (ngaphakathi kwesizinda esifanayo se-L2) | Kungcono (ama-VM angahamba ngokusebenzisa ama-subnet) |
Yini umthengisi we-Mylinking™ Network Packet angayenza kubuchwepheshe be-Network Virtual?
I-VLAN Ithegiwe, I-VLAN Ayinamathegiwe, I-VLAN Ithathelwe indawo:
Kusekelwe ukufana kwanoma iyiphi insimu yokhiye kuma-byte okuqala angu-128 ephakethe. Umsebenzisi angenza ngokwezifiso inani le-offset kanye nobude bensimu yokhiye kanye nokuqukethwe, futhi anqume inqubomgomo yokukhipha ithrafikhi ngokuya ngokucushwa komsebenzisi.
Ukuhlubula i-Tunnel Encapsulation:
Kusekelwe i-VxLAN, VLAN, GRE, GTP, MPLS, IPIP header ekhishwe kuphakethe ledatha lokuqala kanye nomphumela odluliselwe.
Ukuhlonza Iphrothokholi Yokuthungela Umhubhe
Isekelwa ikhomba ngokuzenzakalelayo izinqubo ezahlukahlukene zokuhambisa imihubhe njenge-GTP / GRE / PPTP / L2TP / PPPOE/IPIP. Ngokusho kokucushwa komsebenzisi, isu lokukhipha ithrafikhi lingasetshenziswa ngokuya ngesendlalelo sangaphakathi noma sangaphandle somhubhe.
Ungahlola lapha ukuthola imininingwane eyengeziwe mayelana nalokhu okuhlobeneUmthengisi Wephakethe Lenethiwekhi.
Isikhathi sokuthunyelwe: Juni-25-2025
