[afnog] BGP peering via VPN tunnel
Shepherd Magumo
shepherd at snowball.co.za
Fri Jul 1 15:26:41 UTC 2011
Andy,
> Most IXes do one-MAC per-port for port-security reasons, so you will still
> need someone to carry your own individual connection between the peering LAN
> to the gre tunnel endpoint device at your virtual layer 2/tunnel provider.
>
> This gives you some nasty shared fate between your transit and peering, and
> a very significant risk of MTU issues, unless your layer 2 provider can
> guarantee the gre/tunnel will run over a jumbo path. If it can run over a
> jumbo path, why not just find a provider who can backhaul your own layer 2
> connection to the exchange over a clean dedicated path to your peering
> router ? The MTU issues will cause you unexpected problems with reaching
> various sites, and performance issues with high-speed transfers, also the
> constant encapsulation/decapsulation work that your router will need to do
> will cost you performance at high load, too.
>
>
Thanks, I will check with the INX for port security. From what you just
explained I foresee a huge challenge ahead and even worse I might degrade my
main line by high load on my router.
> Can you identify who your main traffic peers would be and organise private
> interconnect with them, if the costs of IX peering are too high at this
> stage ?
I tried to explore private interconnect and my only solution would have been
via wireless and there so much interference on one relay tower the
throughput gets to usable levels at the worst.
Shepherd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://afnog.org/pipermail/afnog/attachments/20110701/382ebb29/attachment.html>
More information about the afnog
mailing list