What is NVGRE and VXLAN?

- Dec 09, 2020-

Definition of NVGRE

The NVGRE standard was proposed by Microsoft, Arista, Intel, Hewlett-Packard, Dell, and Broadcom. It is a network virtualization method that uses encapsulation and tunneling to provide a large number of virtual local area networks for subnets. NVGRE is designed so that these virtual local area networks can extend across distributed data centers and across the data link and network layers, so that multi-tenant and load-balanced networks can be shared between local and cloud environments.

All in all, NVGRE aims to solve the problems that arise when virtual local area networks cannot work in a complex virtualized environment, and to extend network segments across scattered data centers where long-distance transmission would otherwise not be possible.


Definition of VXLAN

The VXLAN specification was created by Cisco, VMware, Citrix, Red Hat, Arista, Broadcom, etc. It is a network virtualization technology that expands VLAN and aims to solve the current problem of insufficient virtual networks in large data centers. In fact, network engineers have used virtual local area networks to separate cloud applications and tenants in cloud computing data centers, but virtual local area networks only allow up to 4096 network IDs to be allocated at a specific time, which is far from enough for large cloud computing data centers. Therefore VXLAN came into being. VXLAN expands the virtual local area network address space by adding 24-bit segment IDs, thereby increasing the number of available IDs to 16 million. At the same time, it logically separates cloud applications and tenants. The VXLAN segment ID in each frame can distinguish each logical network and network ID of the tenant, so millions of independent layer 2 VXLAN networks can coexist with a common layer 3 infrastructure. For more information about VXLAN, please visit "QinQ vs VLAN vs VXLAN".


What is the difference between NVGRE and VXLAN?

From the above, it can be seen that NVGRE and VXLAN have the same purpose and almost the same actual use, but there are also some differences in the transmission protocol, data packet format, transmission mode, and fragmentation.

The difference in packet format

The packet format is the most obvious difference between VXLAN and NVGRE. The VXLAN header contains a 24-bit segment ID (representing 16 million unique virtual segments). The UDP port is usually generated by a pseudo-random algorithm: it is derived from a hash of the MAC addresses in the original frame. This helps ensure load balancing based on the 5-tuple, and preserves the order of packets between virtual machines (VMs) by mapping the group of MAC addresses in the packet to a unique UDP port group. VXLAN encapsulation expands the size of the data packet by 50 bytes, as shown in the following figure:

[Figure: VXLAN packet format]
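The header layout and port derivation described above, as an added example that is not from the original article. It follows the 8-byte VXLAN header of RFC 7348; CRC32 is an assumed stand-in for whatever hash a real device uses, and the MAC addresses are constructed sample values.

```python
import struct
import zlib

VXLAN_UDP_PORT = 4789           # IANA-assigned destination port for VXLAN
OVERHEAD = 14 + 20 + 8 + 8      # outer Ethernet + IPv4 + UDP + VXLAN = 50 bytes
I_FLAG = 0x08                   # "VNI is valid" flag in the first header byte

def vxlan_header(vni):
    """Build the header: flags(8) reserved(24) | segment ID / VNI(24) reserved(8)."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("segment ID must fit in 24 bits")
    return struct.pack("!II", I_FLAG << 24, vni << 8)

def parse_vxlan(header):
    """Return the 24-bit segment ID, rejecting truncated or flag-less headers."""
    if len(header) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", header[:8])
    if not (word0 >> 24) & I_FLAG:
        raise ValueError("I flag not set, segment ID is not valid")
    return word1 >> 8

def source_port(inner_frame):
    """Outer UDP source port from a hash of the inner destination+source MACs.

    CRC32 is an assumption for illustration; the result is kept in the
    dynamic port range 49152-65535.
    """
    return 49152 + zlib.crc32(inner_frame[:12]) % 16384

def encapsulated_size(inner_frame):
    """Size of the frame once it is wrapped for the transport network."""
    return len(inner_frame) + OVERHEAD

# Constructed sample: two frames of one VM-to-VM flow (same MACs, different payload).
DST_MAC = bytes.fromhex("020000000002")
SRC_MAC = bytes.fromhex("020000000001")
FRAME_A = DST_MAC + SRC_MAC + b"\x08\x00" + b"A" * 1500
FRAME_B = DST_MAC + SRC_MAC + b"\x08\x00" + b"B" * 1500

if __name__ == "__main__":
    hdr = vxlan_header(5000)
    print("header:", hdr.hex(), "segment ID:", parse_vxlan(hdr))
    print("source ports:", source_port(FRAME_A), source_port(FRAME_B))
    print("on-wire size:", encapsulated_size(FRAME_A))
```

Because both frames hash to the same source port, a 5-tuple load balancer keeps the flow on one path, and a full-size inner frame grows past a 1500-byte transport MTU once the 50 bytes are added.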



Although NVGRE can support 16 million virtual networks like VXLAN, its packets use the lower 24 bits of the GRE header as the tenant network identifier (TNI). To provide per-flow granularity for bandwidth utilization, the transport network needs to use the GRE header, which makes NVGRE incompatible with traditional load balancing. This is its biggest difference from VXLAN and its biggest disadvantage.


Different transmission methods

VXLAN uses multicast in the transport network to simulate broadcast, unknown unicast, and multicast flooding in the layer 2 segment. This is very important for MAC address learning, the Address Resolution Protocol (ARP), the Neighbor Discovery Protocol (NDP/ND), and similar functions in VXLAN operation. To improve load balancing, NVGRE usually uses multiple IP addresses on each NVGRE host so that more traffic can be load balanced. NVGRE does not need to rely on flooding and IP multicast for learning, but broadcasts in a more flexible way.



Different transmission protocols

VXLAN uses a standard transmission protocol, namely the TCP/UDP protocol, while NVGRE uses Generic Routing Encapsulation, namely the GRE protocol. In addition, the former is driven by Cisco and the latter is supported by Microsoft.



The difference in fragmentation

NVGRE supports fragmenting data packets to fit the maximum transmission unit, which can reduce the size of the inner virtual network packets, so the transport network does not need to support large frames. VXLAN does not support fragmentation; it needs a transport network that supports large frames to carry the increased packet size.


Conclusion

All in all, VXLAN and NVGRE are advanced network virtualization technologies that implement tunneling. They expand the number of virtual networks from 4094 to 16 million and allow Layer 2 packets to be transmitted over Layer 3 networks, so large data centers usually add network equipment that supports NVGRE and VXLAN to expand the network. For example, using switches that support NVGRE and VXLAN overcomes the limitations of virtual local area networks in large data centers and provides a more agile virtual machine network environment.