Organisations are not limited to a single cloud network provider's solution. Nor are they limited to accessing valuable cloud resources via the Internet. We advocate a combination of the solutions below to form a resilient, high-speed, high-availability, hybrid cloud network.
We’ve covered Cloud Connect and Cloud Connectivity Providers previously. Subsequently, a customer asked us to provide an overview of the options that they had available to them. The brief was:
“How do I connect my private network to my cloud network providers?”
In order to implement a connection from their private network space to their cloud network providers, there were questions we needed to ask:
Will the connection be temporary or permanent?
Temporary connections limit available options because of the potential contractual commitments. These can often be mitigated by utilising existing arrangements if your current suppliers are flexible and technically capable.
What is the capacity required?
If you are moving a large volume of data, already hard-pressed Internet capacity is going to struggle, and the transfer will impact existing usage. Bursting capacity for a short period of time may be an option, depending on what your existing supplier can deliver. Serviceteam IT have previously moved very large data volumes (tens of Terabytes) via 10Gbps internet access within our colocation provider.
How resilient does it need to be?
This of course depends on how important access to the data you hold with the private cloud network provider is. You should already have resilient access to the Internet, which makes it simpler to ensure that access to the cloud network provider is equally resilient.
Where will the connection be coming from?
Is the private network located at a fixed office site?
- Are there multiple office locations?
- How are the multiple office locations connected, physically and logically?
- What is the primary leased line from the site? Is it fibre Ethernet?
- Does the primary leased line provider support 802.1Q VLANs?
- What major data centres, such as Telehouse or Telecity, is the primary leased line provider present in?
- What resiliency exists for the leased line?
- Who provides the physical connectivity resiliency?
- Who manages the physical and logical resiliency?
- Is the logical private network resilient, such as failover routes via alternate leased line providers to another site?
- What firewall devices are present at the site?
- How are they configured, such as High Availability Active/Active?
- Are site-to-site licenses available on the devices?
- Are there VPN failover policies enabled?
- Who manages these devices?
- Do the office locations have sufficient internet access capacity?
- Is there sufficient fibre Ethernet capacity to upgrade internet access?
Is the private network in a colocation facility?
- Are there multiple colocation facilities?
- Who provides the network connectivity between the facilities?
- Do the colocation providers supply backhaul via 802.1Q VLANs?
- What physical and logical connectivity resiliency is in place?
- Are the colocation providers supplying Managed Internet Access (MIA)?
- How are they connecting you to the internet, such as their own feed or a third party transit provider?
- How are the public peering arrangements organised? What are the private peering arrangements?
- In which major data centres, such as Telehouse or Telecity, are the colocation providers present?
- What firewall devices are present at the colocation sites?
- Who manages the firewall devices?
- What edge routers do they operate?
As an aside, we’ve worked with customers who have infrastructure in colocation facilities, where not only has the colocation facility been unable to supply backhaul via 802.1Q VLANs, but also had no internet peering arrangements. They at least had two colocation facilities for resilience!
Virtual Private Network (VPN)
In almost all cases, an organisation's use of public cloud begins with publicly accessible services, such as websites. As organisations become more comfortable with public cloud, hosting more business-critical information there becomes increasingly practical. And yet, the security of the information and access to the information remains paramount. An Internet VPN is the first, and arguably the simplest, option. It provides the shortest lead time of all of the options.
Public cloud providers offer VPN appliances, or an option for native VPN through the cloud provider's control panel. Device support includes many options, from hardware VPN concentrators to OS-based VPN solutions such as OpenVPN. Cloud network providers will charge for the compute instances hosting the VPN appliance. Bear in mind that cloud network providers also charge for bandwidth, so data transferred via a VPN counts against data transfer cost. There are no minimum commitments associated with VPN options. VPN connections to the cloud network provider are most suited to temporary use or network failover.
Direct Connectivity
The VPN option limits the ability to offer a consistent experience over a common internet connection. It’s bandwidth you share with user and service access, which can become saturated with high capacity users, or reduce service effectiveness for voice and video. For a far more predictable connection, cloud network providers offer direct private connections via major data centre facilities.
Cloud providers ordinarily partner with large data centre operators. These operators terminate multiple cloud provider networks into their facilities, often via a meet-me room. Other providers rent facilities from these data centre providers, and the data centre provider offers a cross-connect, known as an Xconnect, from the cloud provider’s facilities to customer facilities. This can sometimes involve many parties. For example, if your private network is located in a colocation data centre, you will need to:
Creating your own connection to Cloud Network Providers
- create a VLAN to the local edge router, let's call it A, of the colocation provider;
- backhaul via a VLAN to an edge router, let's call it B, of your third party colocation provider in the major data centre provider facility;
- set up a cross-connect from edge router B, to the edge router, let's call it C, of the major data centre provider;
- install a cross-connect from edge router C, to the edge router, let's call it D, of the probable additional cabling provider within the facility;
- organise a cross-connect from edge router D, to the edge router, let's call it E, of the cloud network provider;
- enable a Cloud Connect service from edge router E, to the LAN, let's call it F, of the VPC;
- in each of the steps you will have options for either a port based VLAN or an ID based VLAN, sometimes both, sometimes only one;
- once all the physical connections have been enabled and tested, then the real fun begins as you have to logically address and apply a routing schema, ordinarily BGP, between your private network and the cloud network provider.
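The handoff chain above can be checked on paper before any circuit is ordered. This added example (not from the original article) models hops A to F and flags any handoff where the two sides share no VLAN type; the per-hop capabilities are constructed sample data.

```python
"""Added example: check VLAN handoff compatibility along the A-to-F path."""

PORT, TAGGED = "port-based", "id-based"  # the two VLAN options named in the text

# Constructed sample data: which VLAN types each hop can present on a handoff.
# The hop letters follow the text; the capabilities are invented for illustration.
PATH = [
    ("private network", {PORT, TAGGED}),
    ("A: local colocation edge router", {PORT, TAGGED}),
    ("B: colocation edge router in major data centre", {TAGGED}),
    ("C: major data centre edge router", {PORT, TAGGED}),
    ("D: cabling provider edge router", {PORT}),
    ("E: cloud network provider edge router", {TAGGED}),
    ("F: VPC LAN", {TAGGED}),
]

def check_handoffs(path):
    """Return (near, far, shared_types) for every adjacent pair of hops."""
    results = []
    for (near, near_types), (far, far_types) in zip(path, path[1:]):
        results.append((near, far, near_types & far_types))
    return results

def mismatches(path):
    """Handoffs where the two sides have no VLAN type in common."""
    return [(n, f) for n, f, common in check_handoffs(path) if not common]

def end_to_end_types(path):
    """VLAN types every hop supports, usable without conversion anywhere."""
    common = set(path[0][1])
    for _, types in path[1:]:
        common &= types
    return common

if __name__ == "__main__":
    for near, far, common in check_handoffs(PATH):
        status = ", ".join(sorted(common)) if common else "MISMATCH"
        print(f"{near} -> {far}: {status}")
    print("usable end to end:", sorted(end_to_end_types(PATH)) or "none")
```

With the sample data, the only failing handoff is D to E, and no single VLAN type works on every hop until D also offers an ID-based VLAN.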
Direct connections generally come in two Ethernet speeds of 1Gbps or 10Gbps. With AWS you then have a CDR, which is carried over the Ethernet capacity, and is a minimum of 10Mbps. The data centre provider charges for the cross connect, while the cloud provider charges for the port, and everyone else charges for backhauls and cabling.
Most cloud providers allow unlimited transfer over direct connect, which brings down the per gigabyte transfer cost. Often the major data centre providers offer shorter terms, such as 1-month commitments. Cross-connects usually carry a 12 month term. Customers can leverage the shorter commitments for short-term projects to transfer lots of data, or to test a new service from a cloud provider.
Connect to Cloud Network Providers with Serviceteam IT
Telco providers are increasingly offering services based on a Cloud Connect model. Capacity (speeds) between 1Gbps and 10Gbps are more desirable. Telco providers bundle connectivity to a cloud network provider. More often, these connections are Cloud Connect to the major data centre providers without the complications of cross-connects or VLAN type mismatch, and with robust physical failover, resilience of the route and a cohesive routing schema between the private network and the cloud network provider.
Organisations have a far wider variety of connectivity options. Telco providers can offer Ethernet connection options with MPLS and VPLS to your preferred cloud network provider. This can be delivered as one-to-many, many-to-one or many-to-many. Telco terms don’t always mimic existing WAN commitment lengths, ordinarily 24 or 36 months, as we have contracts with 36 month resilient fibre Ethernet connections and only 12 month Cloud Connect services carried over the resilient fibre Ethernet.
1 Comment
[…] Provisioning connections between data centres and external services has always been a problem, either due to cost or due to complexity. A decade ago I remember the only viable option was a direct Point-to-Point, which unless the two locations were within reasonable proximity, high capacity connections were an eye-watering expense. Connections between diverse geo-locations, such as between countries, required backhauls and XConnects between friendly data centres or peers, often taking weeks or months to provision. You can read more about the many DIY options in Cloud Network Providers | Connect Your Private Network to the Cloud. […]