About
The extended network functions as a single subnet with one broadcast domain, allowing VMs to keep their existing IP addresses even when moved between sites. This enables seamless VM migration across locations, whether on VNI-based or VLAN-based networks. For cloud providers, L2 VPN supports tenant onboarding without IP address changes.
Beyond migration, extending an on-premises network with L2 VPN is valuable for disaster recovery and scaling compute resources during demand spikes.
Preparation
Before using this guide, please ensure the following:
- You have a Virtual Data Center subscription and access to vCloud Director
- You understand L2 VPN configuration
- You have the topology of, or knowledge about, the connection you want to establish
Guide
This guide is divided into two sections: the first covers Server Mode and the second covers Client Mode.
Section 1:
On the Server side
Go to your vCloud Director, Edges > L2 VPN
Click New
For Session Mode, choose Server and click Next
In the General section, define the Name and Pre-shared Key.
Endpoint Setup:
Local IP: Fill in the public IP of the DC
Tunnel Interface CIDR: You may leave this field blank
Remote IP: Fill in the public IP of the destination
Initiation Mode:
- Initiator: The local endpoint initiates tunnel setup and also responds to incoming tunnel setup requests from the peer gateway.
- Respond Only: The local endpoint only responds to incoming tunnel setup requests; it does not initiate tunnel setup.
- On Demand: The local endpoint initiates tunnel creation once the first packet matching the policy rule is received, and also responds to incoming initiation requests.
Choose the network that you want to extend
Click Finish
Once the L2 VPN is created, click COPY PEER CODE for use on the Client side.
Section 2:
On the Client side
Click L2 VPN, then New
Set Session Mode to Client
Define the L2 VPN name and paste the Peer Code that was previously copied from the Server side
On Endpoint Setup, fill:
Local IP: Fill in the public IP of the DC
Remote IP: Fill in the public IP of the Server side
Select the network that you want to extend, as on the Server side, and define the Tunnel ID. By default, the tunnel ID starts from 1
Click Finish
Test Connection
The screenshot below shows VMs on different sites that use a network that has been extended using L2 VPN.
Both VMs use the same network segment and can connect to each other.
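A successful ping alone does not show that the two VMs share a broadcast domain, since a routed path would answer as well. The following added example (not part of the original guide) checks layer-2 adjacency from the output of `ip route get` and `ip neigh show` on a Linux VM; the addresses, interface name and sample outputs are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample output, as seen from a hypothetical VM 192.168.10.11/24 on
# one site checking a peer VM on the other site (all values are illustrative).
ROUTE_GET_ONLINK = "192.168.10.21 dev ens192 src 192.168.10.11 uid 0\n    cache"
ROUTE_GET_ROUTED = "192.168.20.21 via 192.168.10.1 dev ens192 src 192.168.10.11 uid 0\n    cache"
NEIGH_OK = "192.168.10.21 dev ens192 lladdr 00:50:56:aa:bb:21 REACHABLE"
NEIGH_FAILED = "192.168.10.21 dev ens192  FAILED"


def same_subnet(local_cidr: str, peer_ip: str) -> bool:
    """True when the peer address falls inside the local interface's subnet."""
    return ipaddress.ip_address(peer_ip) in ipaddress.ip_interface(local_cidr).network


def is_onlink(route_get_output: str) -> bool:
    """`ip route get <peer>` prints 'via <gateway>' only when traffic is routed."""
    return re.search(r"\bvia\s+\S+", route_get_output) is None


def peer_mac(neigh_output: str, peer_ip: str):
    """Return the peer's MAC from `ip neigh show <peer>` output, or None if unresolved."""
    for line in neigh_output.splitlines():
        fields = line.split()
        if fields[:1] == [peer_ip] and "lladdr" in fields:
            if fields[-1] not in ("FAILED", "INCOMPLETE"):
                return fields[fields.index("lladdr") + 1]
    return None


def l2_adjacent(local_cidr, peer_ip, route_get_output, neigh_output):
    """Collect reasons the peer is NOT reachable at layer 2; an empty list means pass."""
    problems = []
    if not same_subnet(local_cidr, peer_ip):
        problems.append("peer is outside the local subnet")
    if not is_onlink(route_get_output):
        problems.append("traffic to peer goes through a gateway")
    if peer_mac(neigh_output, peer_ip) is None:
        problems.append("no ARP/neighbor entry resolved for peer")
    return problems


if __name__ == "__main__":
    print(l2_adjacent("192.168.10.11/24", "192.168.10.21", ROUTE_GET_ONLINK, NEIGH_OK))
```

On a real VM, feed the functions the captured output of `ip route get <peer>` and `ip neigh show <peer>` taken right after a ping to the peer.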
Another test