Broadcast, unknown-unicast and multicast traffic (BUM traffic)[1] is network traffic transmitted using one of three methods of sending data link layer network traffic to a destination of which the sender does not know the network address. This is achieved by sending the network traffic to multiple destinations on an Ethernet network.[2] As a concept related to computer networking, it includes three types of Ethernet modes: broadcast, unicast and multicast Ethernet. BUM traffic refers to that kind of network traffic that will be forwarded to multiple destinations or that cannot be addressed to the intended destination only.[3] [4]
Broadcast traffic is used to transmit a message to any reachable destination in the network without the need to know any information about the receiving party. When broadcast traffic is received by a network switch it is replicated to all ports within the respective VLAN except the one from which the traffic comes from.[5]
Unknown-unicast traffic happens when a switch receives unicast traffic intended to be delivered to a destination that is not in its forwarding information base. In this case the switch marks the frame for flooding and sends it to all forwarding ports within the respective VLAN. Forwarding this type of traffic can create unnecessary traffic that leads to poor network performance or even a complete loss of network service.[6] This flooding of packets is known as a unicast flooding.[7]
Multicast traffic allows a host to contact a subset of hosts or devices joined into a group. This causes the message to be broadcast when no group management mechanism is present. Flooding BUM frames is required in transparent bridging and in a data center context this does not scale well causing poor performance.
One issue that may arise is that some network devices cannot handle high rates of broadcast, unknown-unicast or multicast traffic. In such cases, it is possible to limit the BUM traffic for specific ports in order to have a control on the number of packets or bytes that are flooded on the VLAN to other devices. This threshold is represented in kilobits per second (kbps), and it can be set for broadcast rate, multicast rate and unknown unicast rate independently.[8] [9]
In the case of unknown-unicast traffic, a security issue may arise. To prevent flooding unknown-unicast traffic across the switch, it is possible to configure the network equipment to divert unknown-unicast traffic to specific trunk interfaces in order to split broadcast coming from different VLANs or to use specific trunk interfaces for multiple VLANs.[10] [11]
The use of VXLAN as overlay technology allows for providing data link layer connectivity services between endpoints that may be deployed across network layer network domains. Since those endpoints are logically part of the same data link layer domain, they must be capable of sending and receiving data link layer multi-destination frames (BUM traffic). BUM traffic can be exchanged across network layer network boundaries by encapsulating it into VXLAN packets addressed to a multicast group, so to leverage the network for traffic replication services.[12] [13]
In Data Plane Learning the broadcast traffic is flooded to multicast group members. In Control Plane Learning addresses are collected and forwarded via BGP. Broadcast traffic is reduced and VXLAN tunnel endpoints (VTEPs) reply to the caller directly.
VXLAN can handle BUM in two ways: Multicast and Head End Replication.
Multicast is the most common approach, and each VXLAN network identifier (VNI) is mapped to a single multicast group, while each multicast group may map to one or more VNIs. When a VTEP comes alive it uses the Internet Group Management Protocol to join the multicast groups for the VNIs it uses. When a VTEP has to send BUM traffic it will send it only to the relevant multicast group. This is a method for VTEP discovery.[14]
Head End Replication is only available if using BGP EVPN. It is less efficient than multicast and does not scale well but it is simpler to implement if you do not have a multicast-enabled infrastructure. In Head End Replication, when BUM arrives, the VTEP creates several unicast packets and sends one to each VTEP that supports the VNI.[15]
Ethernet VPN (EVPN) and Provider Backbone Bridging EVPN (PBB-EVPN) provide Ethernet multipoint services over MPLS networks. In EVPN operations, the Provider Edge (PE) routers automatically discover each other when connected on the same Ethernet segment and select a Designated Forwarder (DF) responsible for forwarding BUM traffic.[16]
In a VXLAN-EVPN, MAC learning occurs via the control plane instead of data plane. Furthermore, it is accepted only traffic from VTEPs whose information is learnt via the control plane, otherwise it is dropped. This presents a secure fabric where traffic will only be forwarded between VTEPs validated by the control plane.[17]