Re: AWS VPC - Region to Region

Posted: Fri Nov 07, 2014 12:15 am
by dajhorn
In most cloud environments like AWS, only direct UDP and TCP connections work as expected. L2 bridging, ICMP, and anything with an unusual protocol number are not [reliably] carried by the virtual network.

The best solution is usually:

1. Never change eth0 in a virtual machine hosted at any of the major cloud vendors.
2. Put all VPN traffic through a tap interface created by SoftEther.

When I last checked, neither EC2 nor Azure permitted L3 routing through any gate on the eth0 segment except as specified in the DHCP lease. Azure, in particular, has way more intelligence in its network fabric layer than you might assume, such that it is better to think of eth0 as a fancy emulation instead of a virtual device.
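The two rules in the post as a POSIX shell sketch; this is an added example, not part of dajhorn's post or of SoftEther's own code or documentation. It assumes a Virtual Hub named VPN, a SoftEther tap named vpn (which SoftEther exposes on Linux as tap_vpn), the VPN subnet 10.99.0.0/24, a first-hop gateway of 172.31.16.1 from eth0's DHCP lease, and the vpncmd BridgeCreate syntax; the two route-table samples are constructed. The check function reads the output of `ip route show` and passes only if eth0 still has exactly one default route, pointing at the lease-supplied gateway, and the VPN subnet is reached through the tap rather than eth0.

```shell
#!/bin/sh
# Added example, not from the original post or from SoftEther. Assumed names:
# Virtual Hub "VPN", SoftEther tap "vpn" (tap_vpn on Linux), subnet 10.99.0.0/24.
# The route-table samples at the bottom are constructed.

HUB="VPN"
TAPNAME="vpn"
TAPIF="tap_${TAPNAME}"
VPN_NET="10.99.0.0/24"
TAP_ADDR="10.99.0.1/24"

# Rule 2: create a tap-mode local bridge for the hub and put the VPN address
# on the tap. Rule 1: eth0 is never touched. Needs vpncmd and iproute2 on the
# server; the BridgeCreate syntax is SoftEther's, the rest is this example's.
setup_tap() {
    vpncmd localhost /SERVER /CMD BridgeCreate "$HUB" /DEVICE:"$TAPNAME" /TAP:yes
    ip link set "$TAPIF" up
    ip addr add "$TAP_ADDR" dev "$TAPIF"
}

# check_routes ROUTES DHCP_GW
# ROUTES is the text of `ip route show`, DHCP_GW the gateway from eth0's lease.
# Exit 0 only if the single default route is via DHCP_GW on eth0 and the VPN
# subnet is reached through the tap, never through eth0.
check_routes() {
    routes="$1"
    dhcp_gw="$2"
    # Exactly one default route, and it must be the lease-supplied one on eth0.
    printf '%s\n' "$routes" | awk -v gw="$dhcp_gw" '
        $1 == "default" {
            n++
            if ($2 == "via" && $3 == gw && $4 == "dev" && $5 == "eth0") ok = 1
        }
        END { exit (n == 1 && ok) ? 0 : 1 }' || return 1
    # The VPN subnet must sit on the tap and on no other device.
    printf '%s\n' "$routes" | awk -v net="$VPN_NET" -v dev="$TAPIF" '
        $1 == net && $2 == "dev" { if ($3 == dev) ok = 1; else bad = 1 }
        END { exit (ok && !bad) ? 0 : 1 }' || return 1
    return 0
}

# Same check against the live table on the host (not exercised here).
check_live_routes() {
    check_routes "$(ip route show)" "$1"
}

# Constructed sample: the tap carries the VPN subnet, eth0 keeps its DHCP default.
GOOD_ROUTES='default via 172.31.16.1 dev eth0
10.99.0.0/24 dev tap_vpn proto kernel scope link src 10.99.0.1
172.31.16.0/20 dev eth0 proto kernel scope link src 172.31.20.5'

# Constructed sample: the VPN subnet was added to eth0 and the default route
# was repointed at a gateway the DHCP lease never offered.
BAD_ROUTES='default via 172.31.20.1 dev eth0
10.99.0.0/24 dev eth0 proto kernel scope link src 10.99.0.1
172.31.16.0/20 dev eth0 proto kernel scope link src 172.31.20.5'

# Only create the bridge when explicitly asked, e.g. `sh vpn_tap.sh setup`.
if [ "${1:-}" = "setup" ]; then
    setup_tap
fi
```

On the server, `sh vpn_tap.sh setup` creates the tap bridge and addresses tap_vpn; afterwards `check_live_routes 172.31.16.1` (substituting the gateway your lease actually handed out) confirms that eth0's routing is still exactly what DHCP configured and that VPN traffic has a path only through the tap.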