5.1 Customer On-Premises-to-Hosted Cloud Connectivity
One key VMware Cloud Provider use case is to provide services that enable the end customers to connect their on-premises vSphere implementations to the hosted cloud service.
With VMware NSX, there are several options available to create a common network between the customer and provider.
• IPsec VPN – The consumer can configure an IPsec VPN service from their hosted cloud NSX Edge gateway device that is configured to pair with a third-party VPN endpoint or standalone NSX Edge in the customer’s data center. The VPN connectivity is achieved over L3 connectivity.
• L2VPN – The consumer can create a L2 VPN service from their hosted cloud NSX Edge services gateway device that is configured to pair with a standalone NSX Edge device in the customer’s data center. The L2 VPN stretches the same Layer 2 network between sites.
VMware NSX supports L2VPN connectivity for both VLAN-backed and VXLAN-backed networks as described in the VMware NSX for vSphere Administration Guide – NSX 6.1 for vSphere, and this capability can be leveraged between private and public cloud environments (NSX version 6.1) as shown in the following figures.
Figure 8. VMware NSX L2VPN Using a VLAN/VXLAN-Based Solution
As depicted in the figure, a VMware NSX Edge services gateway must be deployed in the private and public cloud environments. In the case of a VLAN-backed network in the private cloud, a standalone NSX Edge gateway must be used for the end-to-end deployment (edge services gateway is deployed without the entire site being VMware NSX enabled). This allows for the seamless migration of VLAN-based or VXLAN-based workloads between locations.
Figure 9. VMware NSX L2VPN Using VXLAN-to-VXLAN-Based Solution
Note The data center connectivity options can either be self-serviced by the end users or provider managed, depending on the service model offered.
