Providing a comprehensive solution for global connectivity is still not a trivial task. As most global enterprises know, the scale, both geographic and organizational, can kill almost any well-engineered network design. Size and complexity aside, just designing for the next “XaaS” solution and cloud sprawl can greatly challenge most network engineers.
One approach to help reduce the complexity is to leverage IXPs (Internet Exchange Points). For anyone new to the concept of an IXP, Russ White wrote a great article, How Internet Exchange Points Work, which gives a quick jumpstart on how they function for typical Internet peering. IXPs are more or less service provider hotels: the points at which many carriers and large content providers choose to interconnect. Many of the carriers and locations for these sites are listed on PeeringDB.com, which contains a lot of detail. Not all IXPs have the same amenities, and it’s highly advisable to have an in-depth conversation with the colocation vendor to validate specifically which companies and what services are available at that location, and the specifics of how they operate.
IXPs were originally designed as a place where service and content providers could interconnect, but it is becoming ever more feasible and financially viable for enterprises to take advantage of this model as well. One of the primary driving factors for an enterprise is the direct connection to the primary IaaS, XaaS, and cloud providers which the enterprise designates as “business critical”. Due to the high concentration of providers, it is possible to build out connectivity once and then leverage it for multiple purposes. One can shop providers for private transport and Internet connectivity, as well as build cloud integration. The three main considerations that can contribute significantly to the design are Private Transport, Internet Transport, and Cloud Integrations.
Private Transport – Site-to-site circuits, MPLS, VPLS, etc. from a service provider. These can be procured at a lower rate, as the access provider is simply a cross connect away. Additionally, the high number of service providers increases competition, reducing the cost compared to a private location. The advantage is a significant cost reduction for building a UNI between two or more networks, as well as placing the UNI in a highly protected colocation space.
Internet Transport – Access to Internet transport is also very affordable, and the same competitive aspects come into play as with private transport. In these scenarios most of the services come in a burstable configuration, allowing the flexibility to adapt to business demands. In some cases direct peering may be possible for high traffic loads, leveraging the IXP fabrics that have been deployed. Depending on the situation, this may be an SFI (Settlement Free Interconnect) or a Paid Peering arrangement. In some cases this can reduce the sizing of the Internet transport and, for businesses that are based on getting content to Internet users, reduce latency to those users.
Cloud Integrations – AWS and Azure offer Direct Connect and ExpressRoute, respectively. These allow peering directly into the cloud environments, avoiding the Internet and VPN requirements. There is a list of locations for AWS connections and a list of Azure points for connectivity as well. The Azure locations leverage cloud exchange networks and should be discussed with providers to confirm where the integrations are physically available. An additional side effect is simplified management of the routing and security boundaries between the public cloud environments and other enterprise network segments.
The resulting design creates a more integrated solution. With the proximity to the providers and the opportunities to interconnect, congestion and latency can be reduced and bandwidth can be increased while maintaining or reducing the budget. The diagram is an example structure.
In summary, the architecture allows improved service provider selection at a better value, easier interconnection of multiple networks, more advanced Internet design, and improved cloud integration performance and security controls.
In future posts we can dig into some of these more specific areas.