Connect Colocation to Network Edge

Network Edge works with Equinix Fabric to provide a virtual cloud on-ramp that can be deployed in minutes. Colocation resources that are connected to Fabric in one metro location can connect to cloud Fabric participants in another metro location across the Equinix Fabric.

Architecture

This reference architecture scenario consists of a primary database deployed in an Equinix colocation cabinet in Metro A that must be replicated to a cloud-hosted database in Metro B. There are no plans to deploy hardware in Metro B, so all components must be deployed virtually. Metro B also includes a hosted application that will access data from the replicated database. To optimize application performance, the hosted application and the replicated database must be in close proximity.

Network communication between the metro locations is provided by Equinix Fabric over a remote virtual circuit. The low-latency connections between the replicated database and the hosted application are provided over local virtual circuits, which interconnect the application to the replicated database hosted on different cloud providers.

Equinix Components

  • Equinix Fabric – Equinix Fabric is a switching platform that provides private connectivity to a wide selection of providers that are participants on the Fabric. Virtual circuits are provisioned on the Fabric using software-defined networking to establish connectivity to providers that are connected to the Fabric. Virtual connections can be created using the Fabric Portal or APIs.

  • Equinix Network Edge – Network Edge is an ETSI-compliant NFV platform that hosts virtual network functions (VNFs) (routers, firewalls, and SD-WAN) from various vendors such as Cisco, Juniper, Palo Alto, Fortinet, Versa, Aruba, and Check Point. VNFs can be deployed in real time and, once deployed, you can start building virtual connections to providers on the Fabric.

  • Remote virtual circuit – Remote virtual circuits are used to build Layer 2 circuits across the Fabric. The Layer 2 underlay is stitched together using a combination of VNIs and VLANs so you can form Layer 2 adjacencies to establish Layer 3 connectivity. Virtual circuit bandwidth can be dynamically adjusted as application needs change.

  • Local virtual circuit – Local virtual circuits function the same as remote virtual circuits and are deployed within the same metro when building interconnections to Fabric participants.

  • Network rack/colocation – Network equipment and the primary database would be hosted in an Equinix data center in Metro A and the network equipment would be connected to the Equinix Fabric. The network equipment in the network rack would establish Layer 3 peering over the remote virtual circuit to the Network Edge virtual device in Metro B.

Cloud Service Provider (CSP) Components

  • Private interconnection – Private interconnections from the CSP are Layer 2 partner or hosted connections that connect to the Equinix Fabric. Partner or hosted connections provide an intermediate switch between a device and the CSP router it peers with. Once the private Layer 2 interconnection has been established, you can set up Layer 3 peering with the CSP gateway. Private interconnections bypass the internet.

  • Cloud hosted service – The application and replicated database are hosted in cloud providers located near the Network Edge virtual device in Metro B.

  • Optimized connectivity – Due to the proximate location of the cloud-hosted components and the Network Edge virtual device that are interconnected through virtual circuits, the application is optimized for performance.

Recommendations

These recommendations provide a starting point. Customer requirements might differ from this list.

  • Choice of location – This architecture example shows connections within the same region. Depending on the region for deployment, latency will vary, which is an important consideration when designing applications with stringent latency requirements. However, some applications might require inter-region connectivity. In those cases, use the global reach of Equinix Fabric to create those connections.

  • High Availability – This architecture shows a single-threaded deployment with no fault tolerance. Equinix recommends that customers deploy the level of fault tolerance needed for their business requirements. Network Edge can be deployed with redundant devices or, in the case of some vendors, devices can be deployed as a high-availability pair.

  • IP addressing – For connections to private services over a private virtual interface, customers can use private IP addressing. For some public services, the customer’s own public IP addresses and NAT might be required for the Network Edge device. Because each CSP is different when it comes to public addressing requirements, research is required before trying to create public connections.

Considerations

When implementing this architecture, consider the following factors:

Performance

In addition to latency, bandwidth between the components and device throughput are important. The virtual circuits must be sized appropriately, and the devices must support the desired throughput.

Security

Private interconnections on the Fabric to the cloud provider are not encrypted. An application that requires encryption must encrypt either at the application layer or at the network layer, where IPsec tunnels can be built between the Network Edge device and a cloud gateway. IPsec tunnels involve overhead, which also affects the device selection.
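
The tunnel overhead can be estimated before a circuit size and device are chosen. The following Python sketch is an added example, not Equinix code: it assumes ESP tunnel mode over IPv4 with standard header sizes, and the profile names, the 1500-byte path MTU and the 1000 Mbps circuit are illustrative values.

```python
"""Estimate ESP tunnel-mode overhead when sizing a virtual circuit (added example)."""
from dataclasses import dataclass

OUTER_IPV4 = 20   # outer IPv4 header without options (assumption)
ESP_HEADER = 8    # SPI (4 bytes) + sequence number (4 bytes)
ESP_TRAILER = 2   # pad-length byte + next-header byte
NAT_T_UDP = 8     # UDP encapsulation header, present only with NAT traversal


@dataclass(frozen=True)
class EspProfile:
    name: str
    iv: int      # per-packet IV bytes
    icv: int     # integrity check value bytes
    align: int   # payload + trailer is padded to a multiple of this


# Illustrative profiles; byte counts follow the ESP definition of each transform.
AES_GCM = EspProfile("AES-GCM, 16-byte ICV", iv=8, icv=16, align=4)
AES_CBC_SHA256 = EspProfile("AES-CBC + HMAC-SHA-256-128", iv=16, icv=16, align=16)


def fixed_overhead(profile, nat_t=False):
    """Bytes added to every packet regardless of its length."""
    return OUTER_IPV4 + (NAT_T_UDP if nat_t else 0) + ESP_HEADER + profile.iv + profile.icv


def esp_packet_size(inner_len, profile, nat_t=False):
    """Size on the circuit of one encrypted inner IP packet of inner_len bytes."""
    body = inner_len + ESP_TRAILER
    body += -body % profile.align          # ESP padding up to the alignment
    return fixed_overhead(profile, nat_t) + body


def max_inner_packet(path_mtu, profile, nat_t=False):
    """Largest inner IP packet that fits in path_mtu without fragmentation."""
    room = path_mtu - fixed_overhead(profile, nat_t)
    room -= room % profile.align
    return room - ESP_TRAILER


def goodput_mbps(circuit_mbps, inner_len, profile, nat_t=False):
    """Share of circuit bandwidth left for inner packets of a given size."""
    return circuit_mbps * inner_len / esp_packet_size(inner_len, profile, nat_t)


if __name__ == "__main__":
    for prof in (AES_GCM, AES_CBC_SHA256):
        inner = max_inner_packet(1500, prof)
        print(f"{prof.name}: max inner packet {inner} B, "
              f"{goodput_mbps(1000, inner, prof):.0f} Mbps at full size, "
              f"{goodput_mbps(1000, 64, prof):.0f} Mbps at 64 B")
```

Small packets lose a much larger share of the circuit to tunnel overhead than full-size ones, so the traffic mix of the replication workload matters as much as the nominal circuit size.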

Equinix Costs

  • Device instance – The cost for the virtual device (does not include the license cost).

  • License for the virtual device – Customers can purchase a subscription license for some vendors. Bring Your Own License (BYOL) is available for all vendors.

  • Virtual circuits – Monthly recurring charges are based on the size of the circuits. Connections between metros across the Equinix Fabric incur an additional surcharge for the remote connection.

CSP Costs

  • Egress charges – Charged by some service providers based on the amount of data that is transmitted over the private interconnection. These charges vary based on the provider. Using a private interconnection reduces the egress charges when compared to the Internet.

  • Fixed port charges – Charged by some providers based on the circuit size, in addition to the egress charges. Both egress and fixed port charges factor into your application design.