
IBM Cloud (SoftLayer) Direct Link Guide 2017/12/14

A practical guide for administrators of IBM Cloud (SoftLayer) accounts who want to implement private connectivity to the cloud from their on-premise network. (updated as of 2017/12/14)


  1. © 2017 IBM Corporation. IBM Cloud (SoftLayer) Direct Link Guide, 2017/12/14. Cloud Computing, IBM Japan, Tomoyuki Niijima
  2. Direct Link Overview
     ▪ IBM Cloud Infrastructure (SoftLayer) offers Direct Link services that allow customers to establish private connectivity from their premises.
     ▪ There are the following two types.
       – Direct Link Exchange
         • Single connection over an Exchange service provided at a PoP by 3rd party service providers such as ECX (Equinix Cloud Exchange). A cost-effective solution, especially for those who will connect multiple clouds.
       – Direct Link Dedicated
         • Use this if you need a dedicated port
         • Use this if you need a connection at a DC location
     CAUTION:
     BGP is now mandatory to manage routing via Direct Link.
     An account that orders Direct Link will be migrated to a VRF environment. (See P.10 - 12 for details)
     Inter-account VLAN spanning will not be allowed in a VRF environment. VPN service will be limited.
     You can configure redundant links by ordering two Direct Links. State on the ordering ticket for each Direct Link that you intend to configure redundant links, and refer to the other ticket number. You will need to explain it on both tickets.
     Direct Link CSP is now called Direct Link Dedicated Hosting and offers rack and cross connects. Direct Link Dedicated Hosting is out of the scope of this document.
  3. Direct Link Exchange overview
     ▪ Single connection over an Exchange service provided at a PoP by 3rd party service providers such as ECX (Equinix Cloud Exchange) or Verizon.
     ▪ Customers need to cover the process and cost of establishing the connection from their premises to the data center where the target PoP is located, including that of the exchange service.
     ▪ Typically requires 30 to 60 days to complete the link.
     ▪ 50M, 100M, 200M, 500M and 1Gbps speeds are available.
     ▪ Subnets required in between routers will be provided by SoftLayer.
     ▪ 1000BASE-LX or 10GBASE-LR, both with single mode fibre, will be used for the link.
     ▪ VLAN trunking of 802.1Q or 802.1ad will be used.
     [Figure labels: Customer, PoP, DC of a PoP, SoftLayer DC, CER, CX, XCR, BCR, VM, Private VLAN, Public VLAN, Internet, BGP, VC, 802.1Q or 802.1ad, 802.1Q; customer's responsibility, SoftLayer's responsibility]
  4. Direct Link Exchange ordering process
     1. Sign up for SoftLayer.
     2. Order a server on SoftLayer to find a subnet on a Private VLAN.
     3. Order the following from the exchange service provider, such as Equinix.
        – Co-location space to install the customer's router at the PoP location
        – Exchange service such as ECX
        – Cross connect to the exchange service
     4. Order a Direct Link for Cloud to confirm connection parameters.
     5. Request SoftLayer to migrate the account to VRF.
     6. Order a VC from the exchange provider.
        1. Specify the VLAN type
        2. Specify the VLAN ID for the customer's side
        3. Specify the ticket number of the Direct Link order as a Service Key.
        4. Notify SoftLayer of the VC order completion.
     7. Configure the customer's side router.
     8. Verify connectivity in between CERs and XCRs.
     9. Configure NAT gateway or GRE tunnels based on a design.
     10. Verify end to end testing.
     11. Notify completion of the connection via ticket.
     12. Charging for the link will start.
  5. Direct Link Exchange ordering process (using automation for ECX)
     Before following the process:
     – VRF migration of the account must be completed.
     – The ECX account must be ready.
     1. Order a Direct Link Exchange.
     2. Confirm the provided IP addresses and service key.
     3. Order a VC from the exchange provider.
        1. Specify the VLAN type
        2. Specify the VLAN ID for the customer's side
        3. Specify the service key provided at step 2.
     4. Configure the customer's side router.
     5. Verify connectivity in between CERs and XCRs after the VC reaches connected status.
     6. Configure NAT gateway or GRE tunnels based on a design.
     7. Verify end to end testing.
  6. Direct Link Exchange physical wiring
     ▪ From the customer's premises to the target PoP
       – The remote network from the customer's premises to the target PoP location will be provided by a carrier, and co-location space at the data center will be provided by a data center provider, based on the customer's order.
     ▪ In-house connection at the target DC
       – 1000BASE-LX or 10GBASE-LR with single mode fibre
       – The customer is responsible for the customer's side connection.
       – The connection from the customer's rack to the exchange service will be made by a data center provider based on the customer's order.
       – The connection in between the exchange service and SoftLayer is done by SoftLayer.
     [Figure labels: CER, Patch panel, ECX, XCR, Patch panel, SoftLayer PoP, SoftLayer DC, a data center of a PoP location, remote lines to customer's place; customer's responsibility, SoftLayer's responsibility]
  7. Direct Link Dedicated overview
     ▪ Customers need to cover the process and cost of establishing the connection from their premises to the data center where the target PoP is located, including that of the cross connect.
     ▪ Typically requires 30 to 60 days to complete the link.
     ▪ 1G, 2G, 5G and 10Gbps speeds are available.
     ▪ Subnets required in between routers will be provided by SoftLayer.
     ▪ 1000BASE-LX or 10GBASE-LR, both with single mode fibre, will be used for the link.
     [Figure labels: Customer, NAT, PoP Data Center, SoftLayer Data center, CER, XCR, BGP, BCR, VM, Private VLAN, Public VLAN, Internet; customer's responsibility, SoftLayer's responsibility]
  8. Direct Link Dedicated ordering process
     1. Sign up for SoftLayer.
     2. Order a server on SoftLayer to find a subnet on a Private VLAN.
     3. Order a co-location space to install the customer's router at the PoP location.
     4. Order a Direct Link Dedicated to get the LOA (Letter of Agreement) and other information.
     5. Order connections from the customer's premises to the data center.
     6. Order cross connects from the data center provider.
     7. Configure the customer's router (CER).
     8. Send SoftLayer the completion notice for the cross connects, issued by the data center provider, via the ticket of the Direct Link order.
     9. Verify connectivity in between CER and XCR.
     10. Configure NAT gateway or GRE tunnels based on a design.
     11. Verify end to end testing.
     12. Notify completion of the connection via ticket.
     13. Charging for the link will start.
  9. Direct Link Dedicated physical wiring
     ▪ From the customer's premises to the target PoP location
       – The remote network from the customer's premises to the target PoP location will be provided by a carrier, and co-location space at the data center will be provided by a data center provider, based on the customer's order.
     ▪ In-house connection at the target PoP location
       – 1000BASE-LX or 10GBASE-LR with single mode fibre
       – The customer is responsible for the customer's side connection.
       – The connection from the customer's rack to SoftLayer's patch panel will be made by a data center provider based on the customer's order.
       – SoftLayer is responsible for connecting SoftLayer's side patch panels to SoftLayer's routers.
     [Figure labels: CER, Patch panel, XCR, Patch panel, a data center of a PoP location, SoftLayer PoP, SoftLayer DC, remote lines to customer's place; customer's responsibility, SoftLayer's responsibility]
  10. Contracts and payments around PoP/DC
     ▪ Remote connection
       – The carrier will provide a quote
       – The data center provider will provide a quote for a co-location space to install the customer's routers.
     ▪ Cross connect at PoP/DC
       – The data center provider will provide a quote for cross connects
     ▪ Direct Link
       – Direct Link should be ordered on the SoftLayer portal
     [Figure labels: Customer, NAT, CER, XCR, SoftLayer's scope, VM, Private VLAN, Public VLAN, Internet; customer's responsibility, SoftLayer's responsibility]
  11. Direct Link routing
     ▪ The customer's router at the PoP/DC is called the CER (Customer's Endpoint Router). The SoftLayer side router is called the XCR (Cross Connect Router).
     ▪ SoftLayer provides a subnet (10.254.x.x/31*) in between CER and XCR.
     ▪ A VRF environment will be configured around XCR and BCR, which enables routing from the private VLAN to the customer's network.
     ▪ BGP needs to be configured in between CER and XCR.
     ▪ CER advertises routes to the customer's network to XCR; XCR advertises SoftLayer's network to CER.
     ▪ CER is prohibited from advertising the following subnets, which are reserved by SoftLayer.
       – 10.0.0.0/14, 10.200.0.0/14, 10.198.0.0/15, 169.254.0.0/16, 224.0.0.0/4
       – Subnet for Direct Link (/31 or /30 size subnet from 10.254.0.0/16 range)
       – Subnets on Private VLANs
     *Request a /30 subnet if the CER will not support /30.
     [Figure labels: Customer, CER, XCR, 10.254.x.x/31*, VRF, BCR, Private VLAN, Public VLAN, VM, SoftLayer scope; customer's address, SoftLayer's address]
  12. Direct Link: some more details about BGP use
     1. What AS number can be used?
        SoftLayer's ASN is 13884, for both public and private. SoftLayer will specify private ASNs from the ranges 65200-65235 and 65400-65435 in the AS PATH attribute of each route advertisement. The customer can use a public ASN (1 - 64495), or the private ASN 64999, or a 4-byte private ASN between 4201000000 and 4201064511.
     2. How does SoftLayer advertise routes through BGP from XCR to CER?
        Each private subnet on Private VLANs that is assigned to the account and should be reachable through the Direct Link will be advertised.
     3. Which attributes are supported?
        Well-known mandatory and well-known discretionary attributes are supported.
     4. Supported capabilities?
        The following capabilities are confirmed to be supported. XCR will just ignore non-supported capabilities sent through a BGP session and will keep the session.
        – Multiprotocol Extensions Capability (address family IPv4 unicast only)
        – Route-Refresh Capability
        – 4 Octets-AS Capability
     5. Keepalive/hold timer setting?
        keepalive 30sec / hold time 90sec
  13. Direct Link routing (optional)
     Address conflicts between the customer's network and the SoftLayer network may be avoided by the following method.
     ▪ Configure a GW using a Vyatta or Linux server on SoftLayer.
     ▪ Establish a GRE or IPsec tunnel in between the GW and the CER, or a router that is reachable by a route advertised in BGP.
     ▪ Use the customer's addresses from the customer's side up to the GW through the tunnel; use SoftLayer's addresses from the CER to the SoftLayer side outside of the tunnel.
     ▪ NAT may still be required at the GW, depending on the IP addresses involved on both ends.
     [Figure labels: Customer, CER, XCR, 10.254.x.x/31, BGP, GRE tunnel, GW, NAT, VM, Private VLAN, Public VLAN, SoftLayer scope; customer's address, SoftLayer's address]
  14. References
     ▪ IBM Cloud / Direct Link
       https://console.bluemix.net/docs/infrastructure/direct-link/getting-started.html#get-started-with-ibm-cloud-direct-link
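
The advertisement restrictions on slide 11 and the customer ASN ranges on slide 12 can be checked before the CER's BGP configuration is applied. The following is an added example, not part of the original deck or any IBM tooling; the function names and sample prefixes are constructed, and treating any overlap with a reserved range (including a covering aggregate) as a conflict is a conservative assumption.

```python
import ipaddress

# Reserved ranges from slide 11. The last entry is an assumption: the slide
# reserves the account's Direct Link /31 or /30, and this check blocks the
# whole 10.254.0.0/16 range those subnets are taken from.
RESERVED = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/14", "10.200.0.0/14", "10.198.0.0/15",
    "169.254.0.0/16", "224.0.0.0/4", "10.254.0.0/16",
)]


def asn_allowed(asn):
    """Customer-side ASN ranges from slide 12."""
    return (1 <= asn <= 64495 or asn == 64999
            or 4201000000 <= asn <= 4201064511)


def check_advertisements(prefixes, private_vlan_subnets=()):
    """Map each conflicting prefix to the reserved networks it overlaps.

    Overlap is used instead of equality so that both more-specific routes
    and covering aggregates (for example 10.0.0.0/8) are reported.
    """
    blocked = RESERVED + [ipaddress.ip_network(s) for s in private_vlan_subnets]
    findings = {}
    for prefix in prefixes:
        net = ipaddress.ip_network(prefix)  # raises ValueError on host bits
        hits = [str(r) for r in blocked if net.overlaps(r)]
        if hits:
            findings[prefix] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample data, not taken from any real account.
    planned = ["192.168.10.0/24", "10.2.0.0/16", "10.0.0.0/8", "10.132.40.0/24"]
    vlan_subnets = ["10.132.40.0/26"]
    print("ASN 65000 allowed:", asn_allowed(65000))
    for prefix, hits in check_advertisements(planned, vlan_subnets).items():
        print(f"filter {prefix}: overlaps {', '.join(hits)}")
```

Pass the account's own Private VLAN subnets as the second argument so that the third reserved category on slide 11 is covered as well.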
