Encapsulated Network



Before going there,

What is CNI?

A container network interface (CNI) is a framework for dynamically configuring network resources, and Canal is the standard CNI network provider. The CNI libraries are written in Go. If you're running a sensitive application, a CNI plugin allows you to accept traffic directly to your pods.

Encapsulated Network


This network model provides a logical Layer 2 (L2) network that is encapsulated over the existing Layer 3 (L3) network topology connecting the Kubernetes cluster nodes. With this model, you can have an isolated L2 network for containers without requiring routing distribution, at the small additional cost of extra processing and larger IP packets, which result from the IP header that overlay encapsulation adds. Encapsulation information is carried over UDP ports between Kubernetes workers, which exchange network control plane information about how MAC addresses can be reached. VXLAN, Internet Protocol Security (IPSec), and IP-in-IP are common encapsulations used in this type of network model.

In simple terms, this network model generates a form of network bridge that is stretched between Kubernetes workers, where connected pods are located.
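To make the encapsulation overhead concrete, here is an added example (not from the original post) that wraps an inner Ethernet frame in a VXLAN header, unwraps it again, and computes the MTU left for pods. It assumes the RFC 7348 header layout and an IPv4 underlay; the VNI, MAC addresses and function names are constructed for illustration.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08   # "I" flag in the first header byte (RFC 7348)
VXLAN_HDR_LEN = 8
OUTER_IPV4_LEN = 20           # assumption: IPv4 underlay, no IP options
OUTER_UDP_LEN = 8
INNER_ETH_LEN = 14            # inner L2 header carried inside the tunnel


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def vxlan_encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the 8-byte VXLAN header; the result is the outer UDP payload."""
    if not 0 <= vni < 2**24:
        raise ValueError("VNI must fit in 24 bits")
    # word 0: flags(8 bits) + reserved(24); word 1: VNI(24 bits) + reserved(8)
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def vxlan_decapsulate(udp_payload: bytes):
    """Return (vni, dst_mac, src_mac, inner_frame); reject malformed payloads."""
    if len(udp_payload) < VXLAN_HDR_LEN + INNER_ETH_LEN:
        raise ValueError("truncated VXLAN payload")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    inner = udp_payload[VXLAN_HDR_LEN:]
    return word1 >> 8, _mac(inner[0:6]), _mac(inner[6:12]), inner


def pod_mtu(underlay_mtu: int) -> int:
    """Largest inner IP packet that still fits in one underlay packet."""
    overhead = OUTER_IPV4_LEN + OUTER_UDP_LEN + VXLAN_HDR_LEN + INNER_ETH_LEN
    return underlay_mtu - overhead


# Constructed sample: inner frame between two made-up pod MAC addresses,
# EtherType 0x0800 (IPv4), followed by a zero-filled 20-byte IPv4 header.
SAMPLE_INNER = bytes.fromhex("0a58c0a80105" "0a58c0a80002" "0800") + b"\x45" + b"\x00" * 19
SAMPLE_PAYLOAD = vxlan_encapsulate(4096, SAMPLE_INNER)

if __name__ == "__main__":
    vni, dst, src, _ = vxlan_decapsulate(SAMPLE_PAYLOAD)
    print(f"VNI={vni} inner {src} -> {dst}; pod MTU on a 1500-byte underlay: {pod_mtu(1500)}")
```

The VXLAN header carries only flags and a network identifier, so the inner frame travels in cleartext unless the underlay adds protection such as IPSec.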

Thank You for reading!!!

Author: Ravishankar