Cloud computing architectures allow for multi-tenancy. That is, multiple tenants can set up their own logical networks on the cloud. Each logical network can have a unique network identifier. Traditionally, network engineers have used virtual local area networks (VLANs) to isolate applications and tenants in a cloud computing environment but VLAN specifications only allow for up to 4,096 network identifiers to be assigned at any given time, which may not be enough addresses for a large cloud computing environment.
Customers can extend their existing datacenters into the cloud, including L2. To do so, the same set of VLANs that exist on the on premise network may be extended to also exist on the cloud network. When the VLANs of different customers existing on the on premise network are extended into the cloud, there is a possibility that a VLAN of one customer may overlap with VLANs of other customers in the cloud. To ensure that packets of a particular VLAN do not get routed to a VLAN of another customer, customers may establish and utilize tunnels that extend between two tunnel endpoints to allow packets to be transmitted The customers may utilize tunnels that extend between two tunnel endpoints.
A device can serve as an intermediary between a plurality of clients and a plurality of servers. In some embodiments, the device can be configured to establish a client-side connection with a client and a separate server-side connection with a server with which the client wishes to communicate. The device may function as a connection proxying device like a load balancer. In some such embodiments, the device can establish a plurality of client-side connections with a plurality of clients and establish a plurality of server-side connections with a plurality of servers. The device can receive requests from the plurality of clients via the plurality of client-side connections and then transmit the received requests to the plurality of servers via one or more of the server-side connections that are established between the device and the plurality of servers. The device can feed a respective request from a client into the server-side connection to one of the servers. The device can then receive, from the server, a response via the server-side connection and then the device can transmit the response to the client device via the appropriate client-side connection.