s*****g
发帖数: 1055 | 1 Guys, I am wondering anybody has any inside knowledge how Amazon implemented
their VPC VPN gateways. For those who are not familiar with this, Amazon
allows VPC customers to establish private IPsec connectivity to their corp
network with dynamic (BGP only) routing.
I am not sure there is any commercial product that can
1) allow customers to establish IPsec tunnels and run dynamic routing with
overlapping BGP ASN and customer routes
2) allow true programablility of this VPN gateway
3) Scale indefinitely?
I heard that Amazon is using home grown solution for this VPC VPN gateway,
but I can not find any technical documentation about this. | s*****g
发帖数: 1055 | 2 Looks like not many people worked on this, one thing I can tell you, it is
not as NB as I originally thought, many problems and limitations especially
when your network is not trivially simple, we are going to ditch it and in
favor of N1KV. | c*a
发帖数: 806 | 3 你们用N1KV 或者 VPC 主要目的是什么?
最近我也要接触一些VPC, 你能展开讲讲?
especially
【在 s*****g 的大作中提到】
: Looks like not many people worked on this, one thing I can tell you, it is
: not as NB as I originally thought, many problems and limitations especially
: when your network is not trivially simple, we are going to ditch it and in
: favor of N1KV.
| s*****g
发帖数: 1055 | 4 用 VPC 的主要目的是能快速,实时地给内部工程,财务,商业分析等部门提供计算服务,
如果自己做的话会省钱,但会花很长时间(从计算机供应商,网络设备供应商选择,数据中
心场地租赁,以前后期的管理等等),而且先期投入大,对将来的计算需求很难准确预测等
因素决定了建私有数据中心来满足某些内部需求不一定都是最好的选择. VPC 给私有数
据中心提供了一个非常好的互补.
Nexus1000V 主要提供 VPC 和企业内部网的互联, Amazon提供的VPN Gateway有太多的
限制, BGP 的功能非常少, 只能满足小用户的需求.
Amazon 关于VPC的文档很多.
【在 c*a 的大作中提到】
: 你们用N1KV 或者 VPC 主要目的是什么?
: 最近我也要接触一些VPC, 你能展开讲讲?
:
: especially
| z**r
发帖数: 17771 | 5 check out Cisco InterCloud
,
【在 s*****g 的大作中提到】
: 用 VPC 的主要目的是能快速,实时地给内部工程,财务,商业分析等部门提供计算服务,
: 如果自己做的话会省钱,但会花很长时间(从计算机供应商,网络设备供应商选择,数据中
: 心场地租赁,以前后期的管理等等),而且先期投入大,对将来的计算需求很难准确预测等
: 因素决定了建私有数据中心来满足某些内部需求不一定都是最好的选择. VPC 给私有数
: 据中心提供了一个非常好的互补.
: Nexus1000V 主要提供 VPC 和企业内部网的互联, Amazon提供的VPN Gateway有太多的
: 限制, BGP 的功能非常少, 只能满足小用户的需求.
: Amazon 关于VPC的文档很多.
| s*****g
发帖数: 1055 | 6 Cool, obviously Cisco InterCloud is not as well known as AWS, can you do a
comparison between the two offerings?
【在 z**r 的大作中提到】
: check out Cisco InterCloud
:
: ,
| c*a
发帖数: 806 | 7 guess the comparison would be the gateway, not the cloud itself.
【在 s*****g 的大作中提到】
: Cool, obviously Cisco InterCloud is not as well known as AWS, can you do a
: comparison between the two offerings?
| s*****g
发帖数: 1055 | 8 Gateway is just a tiny part of the offering, IMHO
【在 c*a 的大作中提到】
: guess the comparison would be the gateway, not the cloud itself.
| z**r
发帖数: 17771 | 9 they don't compete, they work together
【在 s*****g 的大作中提到】
: Cool, obviously Cisco InterCloud is not as well known as AWS, can you do a
: comparison between the two offerings?
| s*****g
发帖数: 1055 | 10 用了一下 CSR-1000v,挺好用,比AWS的VPN appliance 有无可争议的优点. 但TMD的贵了
, 一个 Instance 500M 的吞吐量一个月要 $2000 (AWS 费用不到 $200, 其他是CSR-
1000v license 费), 如果在三个region都有VPC, 考虑
redundancy, 一个月就要$12,000, 也只有不差钱的大公司才负担得起. 有这个budget
我就直接 private peering/direct connect 或者用 MPLS-VPN 了.
【在 z**r 的大作中提到】
: they don't compete, they work together
|
|
