IP VPNs and Reliability

Alexei Roudnev alex at relcom.net
Thu Mar 25 16:31:10 UTC 2004


Why don't use 2 vendors in every _important_ site, using routing (OSPF or
EGRP) for VPN balancing? Or just add 1 low performance link to _another_
vendor and build traditional (tunnel + IPsec) VPN structure in addition to
MPLS-based provider's solution?


>
> We've been researching various VPN options for past year or so and we're
> in discussions with yet another vendor regarding their MPLS-based
> solution. All but one of the vendors we've talked to suffer from a
> similar 'problem', but I'm curious to get your opinions on this. I'm
> wondering if I'm more concerned about this problem than I should be.
>
> Most of the vendors we've talked to only have a single POP in our area.
> It seems to me that if we were to choose an option like that we'd, in
> effect, have a network of point-to-point circuits terminating at that
> one POP. I'm not that familiar with the hardware but I suppose it's
> possible that all of those circuits would be terminating on just a
> couple of huge routers. My concern is that a problem in one POP could
> take down our entire network, whereas with our current frame relay
> vendor we have great geographic diversity with the frame/ATM switches.
>
> The vendors who have a single POP that we've looked at are MCI and
> Virtela. [I must say hello to Gene and Brice at Virtela since I know
> they'll get a copy of this. <g>]  Given that these vendors seem to have
> rather robust infrastructure, am I more worried than I need to be that
> all of our connections might terminate at the same spot? I'm sure those
> POPs are almost bullet-proof, but I'm still a little leary to put all of
> our eggs into a single basket like that.
>
> Any opinions would be welcome, especially if my assumptions are wrong
> and you'd like to correct me.
>
> Regards,
> John
> --




More information about the NANOG mailing list