i have the below query regarding VMware on AWS.
VMC support L2 extension, which means I can extend my on premise network to AWS
Were will be the default gateway for a network when I extend using L2 ? Will it be in on prem or will it be in both
If it is on prem then different vlan communication has to go through my on prem DC
If the DG is both on prem & in AWS, does it mean it uses some thing like Universal logical switch , Universal distributed router functionality using Anycast?
The default gateway will be the T1 (DLR) Router which is distributed across hosts, theyre not appliances like with NSX-V, The T1 router handles east west traffic
Well as the T1 router is distributed across hosts, the DG for a given subnet technically resides on all hosts...
Yes, Its applicable to VMC on AWS. They have to be created via the VMC Cloud console though, not via your on prem vcenter
Gateway (SVI) remains on-prem. Intra-vlan communication within an SDDC stays within the SDDC. Communication to other vlans within the same SDDC must go back on-prem to the gateway unless proximity routing (PR) is enabled. PR is enable first on the vlan, then on VMs. VMs with PR enabled can talk across VLANS within the SDDC without return to the on-prem gateway.
Thanks. Few clarifications.
Based on your explanation with PR, the D.G will be available in both on Prem & SDDC
For ex VLAN 10 : 10.10.10.0/24 & VLAN 20 : 188.8.131.52/24
The above VLAN is available in On Prem. With network extension using HCX the same network will also be available in SDDC (VMC)
The DG for both VLAN 10(10.10.10.1) & 20(184.108.40.206) will be available both on prem & on SDDC
With SDDC Communication:
VMS in VLAN 10 & VMs in VLAN 20 (within SDDC) can communicate with each other using the DG available in SDDC.
This communication will not cross the SDDC
Communication between SDDC & On Prem
VMS in VLAN 10 (On Prem- on prem DG ) & VLAN 20 (SDDC- SDDC DG) has to go through the L2 extension
Let me know if my understanding is right
If you make reference to the "Extending Networks with VMware HCX" here is the right documentation: Extending Networks with VMware HCX
Walkthrough link: HCX Network Extension and Traffic Flow | VMware Cloud on AWS | VMware
If you make reference to L2 VPN with SDDC, here is the right documentation: Configure a Layer 2 VPN and Extended Network Segment
Walkthrough link: Setting up L2 VPN in NSX-T | VMware Cloud on AWS | VMware
Both option are providing the same functionalities: extending an OnPrem subnet to VMC on AWS (Layer 2 VPN).
In addition to the L2 VPN (HCX network extension) HCX is providing more functions:
- HCX IX: allows you to use Migration (Live vMotion, Cold vMotion and Bulk Migration) and HCX DRaaS based on Replication Protocol ()
Here is an video from an old HCX version, but the principle is the same for the new HCX with Service Mesh topology.
Even if both are doing L2 Extension, it's slightly different:
- L2 extension is the way to go, if you just need to get workloads on both side (on premises and cloud) to communicate or eventually doing a VM per VM migration. But you really need to plan this interconnection for workload communication at an app level within same subnet.
- HCX Network extension: HCX main purpose is to migrate with many options (cold migration, hot migration, change VM options like thin/thick disk, VM tools version, virtual hardware...) with the ability to stretch a DVS to the Cloud. So, you have the ability to migrate VMs and keeping same IP, same subnet and eventually unstretch this network once your entire subnet has been migrated if needed to avoid the tromboning effect (default gateway stays at source side).
I hope these explanation helps you to understand the difference between the two. You have to know that both of these are included in VMware Cloud on AWS at no additional costs: virtual appliance are provided within the interface.