Setup Direct Link Connectivity
Journey Map
Overview
In this part of the journey, we will cover how to establish provides private connectivity between VPC and on-prem. To accomplish this, IBM Cloud Direct Link will be used. You'll find there are different types of IBM Cloud Direct Link services available to you:
- IBM Cloud Direct Link Connect (DL 1.0 and DL 2.0)
- IBM Cloud Direct Link Dedicated (DL 1.0 and DL 2.0)
- IBM Cloud Direct Link Dedicated Hosting on Classic (DL 1.0)
- IBM Cloud Direct Link Dedicated Exchange on Classic (DL 1.0)
Direct Link on Classic is also referred to as Direct Link 1.0 and is traditionally used in an environment mainly focussed around IBM Cloud Classic Infrastructure. As we will be working with a VPC based environment, this deployment guide will focus on Direct Link 2.0. (A decision tree which which leads to Direct Link 2.0 can be found in the documentation.)
When reviewing location names in the Direct Link documentation, be aware that Dallas and Washington are unique in that their datacenter ids do not match the VPC zone numbers. Dallas 10, Dallas 12, and Dallas 13 map to Dallas 1 (Zone1), Dallas 2 (Zone2), and Dallas 3 (Zone3) in VPC. Likewise, Washington DC 4, Washington DC 6, Washington DC 7 map to Washington DC 1, Washington DC 2, and Washington DC 3 in VPC.
Before moving on, be aware of the following attributes of the Direct Link 2.0 service and its limitations:
| Feature | Direct Link (2.0) |
|---|---|
| Locations | All IBM Cloud MZRs have support and SZR support is being rolled out on a location-by-location basis. Please see the Direct Link location table for a detailed listing. |
| Connectivity/Peering to IBM Cloud | Supports connectivity to multiple VPCs, VPCs in another IBM Cloud Account, IBM Cloud Classic Infrastructure, and Transit Gateway |
| BGP ASN supported | Allowed to use any ASN outside these blocked ranges: 0, 13884, 36351, 64512, 64513, 65100, 65201–65234, 65402–65433, 65500 and 4201065000–4201065999 |
| BGP Authentication | Supported for Dedicated and Connect offerings through automation. Need to store the MD5 secret in Key Protect or an HPCS instance in the customer account. |
| Default BGP IP address range for automation | 169.254.0.0/16. |
| Manual IP address ranges supported | 172.16.0.0/12, 192.168.0.0/16, 10.254.0.0/16, any public IP addresses |
| Bring Your Own IP (BYOIP) | Supports BYOIP for non-overlapping RFC-1918 IP ranges between VPC networks and on-premise networks (see Routing considerations for IANA-registered IP assignments for details). ADDITIONAL NOTE: While we are focussed on a VPC environment, in some cases you may still have resources on IBM Classic Infrastructure which you will need to include as part of the on-prem connectivity. Be aware that IBM Classic Infrastructure uses a 10.0.0.0/8 range so additional considerations with BYOIP may need to be made as described in the documentation. |
| Bi-directional Forwarding Detection(BFD) | All MZRs have Direct Link (2.0) offering support. |
| Billing/Pricing | Metered based on the data utilization and unmetered flat rate support. Inbound data transfer to IBM Cloud is free. Data transfer for egress varies based on region. Global routing (access to all IBM Cloud data centers globally) is free. |
Connection Patterns
The following pattern depicts how individual infrastructure (VPC and Classic) can be added as connections
In above pattern, each connections has its own VRF and connection#1 prefixes cannot communicate with connection#2 prefixes by default.
The following pattern depicts how Transit Gateway (VPC and Classic) can be added as connection and advertise all the learnt routes from VPC and Classic infrastructure across accounts
In above pattern, transit GW will provide connections across infrastructures within IBMCloud and as well advertise all its prefixes to Directlink
GW
Ordering Direct Link
- Detailed steps (including screenshots) to order Direct Link Dedicated are available in the documentation.
- Detailed steps (including screenshots) to order Direct Link Connect are available in the documentation
Next Steps
The next step on the deployment journey is: