Analysis of the security of a VXLAN network

Abstract: Traditionally, VLANs have been the most suitable solution for connecting computers. This, in line with the increased use of cloud services in recent years, has given rise to problems with scalability and security within VLAN networks, which need to be investigated. An alternative to VLAN is VXLAN, which was created specifically to be able to solve the shortcomings brought about by VLAN and to be able to function within a cloud environment.VXLAN has inherited many of VLAN's shortcomings, which is why this thesis concerns the security aspects within a simulated VXLAN network. This has been carried out by attacking the simulation with well-known attacks such as ARP spoofing, Ping of Death, MAC flooding, UDP flood attack, Time to live expiry attack, ICMP port unreachable and Sockstress. The goal of this thesis was to examine the attacks in terms of effectiveness and how well the proposed countermeasures worked. From the results of the study, it can be stated that the proposed measures did not necessarily have to be complicated in design, but as long as they were well-planned and feasible, the measures could defend the network against most of the attacks used in the study.