Zero Risk Architecture
Autonomous Internet and Risk Management
Risk Management is not about minimizing risk to zero or almost zero however. Risk reduction, even with Autonomous Routing technology, is not free, and for many application some level of risk is acceptable, as long as it is assessable and controllable.
Making the initial transition from traditional provider-based Internet to Autonomous Internet is Zero-Risk: Open Peering simply guarantees the transition will work and deliver a turn-key production-ready network within 10 working days.
The risk level (potential downtime) of the network during it's operational life however depends largely on the architecture that is chosen in the design of the network.
In this page we describe Open Peerings Zero-Risk Guarantee for the initial transition, and different classes of Autonomous Internet architectures with their associated risk levels.
Zero Risk Guarantee
Assumptions and exclusions
The guarantee assumes the datacenter rackspace has been pre-arranged by the customer (in a location where Open Peering provides services), the customer provides Open Peering with adequate remote access to the BGP4 router hardware (for setup and support) in time, and the datacenter provides any required (customer-ordered) patchcables in a timely fashion.
The guarantee does not cover the customers internal switches network, any customer equipment (e.g. servers), renumbering IP addresses and customer-provided services (e.g. dns, www, etc.).
Open Peering delivers an Autonomous Internet network under the Zero Risk Guarantee on turn-key basis. That means that if all of the above conditions are met, the customer only needs to connect it's internal network, and then has a solution thats works, guaranteed.
Other then datacenter rackspace Open Peering offers all components (see the Open Shopping List) required for an Autonomous Internet network. Only a subset of those components (as described above) is required to qualify for the Zero Risk Guarantee, but of course all other components ordered via Open Peering fall under the same guarantee.
Architectures and associated risk level
This table shows a ranking of 5 risk levels (AAA+ through B), associated reasonable minimal availability and maximum downtime and specification of what architecture provides such a level.
Availability and downtime
The availability and maximum downtime per year a described in this table per risk level are estimated based on history and experience, and are averages over longer time.
Actual numbers depend largely on the specific individual choices that are made for solution components like the BGP4 Router hardware brand/model, a datacenter rackspace provider and Global Transit providers, and can only be guaranteed via service level agreements (SLA's) with those component providers.
In general terms it is advisable the choose Proven Technology and use Proven Services that are on the market for at least three years and are successfully used by a larger group of comparable reference customers. This can however conflict with the interest of using top of the line and technology edge products and services in a AAA+ ranked architecture which can provide substantially improved performance or lower cost.
Dual IP block in Dual Datacenter architecture
In this solution for each datacenter a local IP block (subnet) of at least 256 IP's in size each is allocated for local equipment on each datacenter. For external routing (eBGP) each router originates (creates) only the IP block that is local for his datacenter. But it does also accept the block that is local for the other datacenter from the other router(s) via internal routing (iBGP) when available. It announces both IP blocks externally (eBGP) to its Global Transit upstream providers for maximum path and upstream redundancy.
During an outage of the link between the datacenters, the announcement of the local IP blocks between the datacenters (iBGP) stops, and the routers on both datacenters fall back to only announcing their own local IP block to the rest of the Internet on Global Transit (eBGP). Both datacenter setups are still fully functional and operational, but temporarily loose some Global Transit path options and router redundancy.
This solution requires the equipment on both datacenter to operate completely independent from each other, user only local IP addresses, and continue to work if the other datacenter is unreachable (because the link between the datacenters is down or the equipment there is down. This requires that services (e.g. dns, www) are redundantly serviced by equipment on both datacenters. A resilient routing network architecture is useless if the services provided over that network are not resilient.
Fully portable Provider Independent IP Addresss
Get your own provider independent IP addresses and never renumber your network again. And still retain full flexibility to mix and change upstream carriers and move your traffic.