I don’t think that I’ve understood how a L2 VPN actually works. Whenever I ask someone about it they always answer that an L2 VPN works at layer 2 (frame) of the OSI model while an L3 vpn at the network layer (3). Okay. I don’t know much more now than I did before. I mean, I understand the L3 one, packets need to be routed across the internet as usual, but what about L2? How can your provider or any other router on the internet route a frame to its destination?
Thanks
No sure if I fully understand what information you are looking for here, but the L2 frame can be said to be encapsulated and then transferred over the internet to it’s destination with protocols on higher levels of the OSI-model (the L2 VPN service would be on the application layer), then “extracted” from the encapsulation.
A bit simplified, a L2 VPN can to some degree be looked upon as a “virtual network cable” where you originally had ethernet frames going.
I mean, I understand the L3 one, packets need to be routed across the internet as usual, but what about L2?
Taking OpenVPN as an example (since it does both L2 & L3), the routing over the internet works the same. The L2/L3 packets are encapsulated in another protocol (UDP for OpenVPN) and sent to the destination where they are converted back into L2/L3 packets.
The main difference is just the layer of the packet that is encapsulated inside. L2 packets can include broadcast traffic on the local segment. L3 packets cannot do that. So if you’re working with a subnet of devices that send L2 discovery packets, for example, it’s easiest to join that subnet with an L2 VPN. There are ways to forward such traffic over and L3 VPN, but using an L2 VPN avoids the need for specialized forwarding.
L2 VPNs have the overhead of the encapsulated L2 headers, and normally broadcast traffic isn’t needed over a VPN, so most VPNs only support L3.
There’s a ton of YouTube videos you can search for that will explain it in detail. YouTube is a great place to learn.
To be blunt, you’re basically asking for a networking course explaining how layer 2 and layer 3 communication work. It’s very useful to know, so would recommend looking it up, but it’s more involved than is suitable for a text format like this (diagrams and visualizations are very helpful).
I think I got it. Can we say that it resembles how VXLANs work somehow? Thanks
Not exactly. Anyway, I think I found something useful here:
VXLAN is a L2VPN. Its just a bit more advanced, especially together with EVPN
I have very limited knowledge of VXLAN. I would say a L2 VPN resembles VXLAN with encryption.
Hm. You did ask about the differences vs. a L3 VPN and about how general internet routing works, so I assumed you wanted a discussion comparing the two and analyzing the differences - but if you found what you’re looking for, that’s good.