Docs / Networking / How to Set Up a VXLAN Overlay Network

How to Set Up a VXLAN Overlay Network

By Admin · Mar 2, 2026 · Updated Apr 24, 2026 · 26 views · 3 min read

How to Set Up a VXLAN Overlay Network

VXLAN (Virtual Extensible LAN) creates Layer 2 overlay networks on top of a Layer 3 infrastructure, enabling you to build flexible virtual networks across multiple Breeze instances. This is essential for multi-tenant environments, container orchestration, and extending broadcast domains across data centers.

How VXLAN Works

VXLAN encapsulates Ethernet frames inside UDP packets (port 4789 by default). Each virtual network is identified by a 24-bit VNI (VXLAN Network Identifier), supporting up to 16 million isolated segments. A VTEP (VXLAN Tunnel Endpoint) handles the encapsulation and decapsulation on each host.

Prerequisites

Ensure your Breeze instances have:

  • Linux kernel 3.12 or later (VXLAN support)
  • The iproute2 package installed
  • UDP port 4789 open between all participating hosts
  • IP connectivity between hosts on the underlay network

Creating a VXLAN Interface (Unicast Mode)

On Breeze Host A (IP: 10.0.0.1), create the VXLAN interface pointing to Host B:

sudo ip link add vxlan100 type vxlan \
    id 100 \
    dstport 4789 \
    remote 10.0.0.2 \
    local 10.0.0.1 \
    dev eth0

sudo ip addr add 192.168.100.1/24 dev vxlan100
sudo ip link set vxlan100 up

On Breeze Host B (IP: 10.0.0.2), create the reciprocal interface:

sudo ip link add vxlan100 type vxlan \
    id 100 \
    dstport 4789 \
    remote 10.0.0.1 \
    local 10.0.0.2 \
    dev eth0

sudo ip addr add 192.168.100.2/24 dev vxlan100
sudo ip link set vxlan100 up

Testing the Overlay

From Host A, ping Host B over the overlay network:

ping -c 4 192.168.100.2

You can verify encapsulation with tcpdump:

sudo tcpdump -i eth0 -n udp port 4789

Multicast-Based VXLAN

For environments with more than two hosts, use multicast instead of unicast to avoid configuring every peer manually:

sudo ip link add vxlan100 type vxlan \
    id 100 \
    dstport 4789 \
    group 239.1.1.1 \
    dev eth0 \
    ttl 10

sudo ip addr add 192.168.100.1/24 dev vxlan100
sudo ip link set vxlan100 up

Bridging VXLAN with Local VMs

To connect local virtual machines to the overlay, bridge the VXLAN interface with a Linux bridge:

sudo ip link add br-vxlan type bridge
sudo ip link set vxlan100 master br-vxlan
sudo ip link set br-vxlan up
sudo ip addr add 192.168.100.1/24 dev br-vxlan

Making Configuration Persistent

Add the configuration to your Netplan or NetworkManager settings so it survives reboots. For Netplan on Ubuntu, create a file in /etc/netplan/ with the appropriate tunnel configuration. For CentOS, use nmcli connection profiles. Always test connectivity after a reboot to confirm persistence on your Breeze instances.

Performance Considerations

VXLAN adds approximately 50 bytes of overhead per packet. Ensure your underlay MTU accommodates this — set the physical interface MTU to at least 1550 if your overlay uses 1500. Enable offloading features where supported:

sudo ethtool -K eth0 tx-udp_tnl-segmentation on
sudo ethtool -K eth0 tx-udp_tnl-csum-segmentation on

Was this article helpful?

Related Articles