Connecting Your Legacy WAN to Cloud is Harder than You Think

Unless you’re working for a cloud-only startup, you’ll always have to connect applications running in a public cloud with existing systems or databases running in a more traditional environment, or connect your users to public cloud workloads.

Public cloud providers love stable and robust solutions, and they took the same approach when implementing their legacy connectivity solutions: you could use routed Ethernet connections or IPsec VPN, and run BGP across them, turning the problem into a well-understood routing problem.

Check out how you can connect your data center to AWS or Azure workloads.

Unfortunately, many customers prefer believing in fairy tales instead of investing in understanding the routing fundamentals, and a plethora of vendors quickly explored that niche market with products implementing GUI-based deployments or stretching layer-2 networks into a public cloud (or not, once you look under the hood).

Connecting your existing legacy WAN infrastructure to a public cloud deployment is even more interesting. Networking and SD-WAN vendors are more than happy to sell you their products in VM format that you can deploy in any public cloud environment… conveniently forgetting to mention that you cannot implement dynamic routing or first-hop router redundancy protocols in most public clouds. What should be a relatively easy task in a layer-2-happy enterprise environment could quickly turn into Mission Impossible.

Don’t despair: we’ll help you get the job done in our Networking in Public Cloud Deployments online course, with Ed Horley going one step further and explaining how to deploy your workloads in multiple public cloud environments.


  1. I’m looking forward to testing the Arista vEOS Instance in Azure and Amazon... to build VXLAN over IPSEC tunnels back to our Equinix locations. We’ll see how it goes.