Peering has evolved as an effective method to optimize network infrastructure and improve the performance of software and digital products in today's digital landscape, where connectivity is critical for corporate growth and success.  But what is peering, and why is it so crucial for businesses?

The Importance Of Network Connectivity For Businesses

Peering can be defined as the connection between two networks, enabling them to communicate directly with each other.  Let's consider a scenario where a business has an on-premises network and desires expansion, whether to another on-premises office or a cloud environment.  Peering allows for secure communication between the Cloud and on-premises infrastructure. It eliminates the requirement for a complete migration to the Cloud by seamlessly integrating the Cloud into the existing infrastructure.  As a result, businesses can continue to leverage their on-premises resources while gradually transitioning to the Cloud at their own pace or just extending on-prem networking possibilities with new Cloud capabilities.

In multi-cloud environments, establishing a peering connection is also the way to connect the networks of the required providers. If needed, the on-premises network can also be connected to this network mesh.

The value of peering becomes even more evident when we consider the numbers.  According to Equinix's Global Interconnection Index (GXI) report, enterprise industries are projected to consume 43% of interconnection bandwidth, surpassing service providers.  Additionally, they are forecasted to grow global interconnection bandwidth at a 40% five-year CAGR, reaching 27,762 Tbps, equivalent to 110 zettabytes of data exchanged annually.

Connectivity and network optimization driving global forecast

This forecast indicates the significant role that peering plays in network optimization and future-proofing businesses.  Organizations can unlock various benefits that directly contribute to their success by embracing peering.

1. Improved Performance: With 5.18 billion active internet users globally, the demand for reliable and efficient network connectivity is higher than ever.  Peering enables businesses to enhance network performance by reducing latency and improving routing efficiency and data transfer speeds.  This translates to faster access to critical resources, enhanced user experiences, and increased customer satisfaction.

2. Enhanced Security and Privacy: In the age of increasing cyber threats, security and privacy are paramount concerns for businesses and their customers.  Peering promotes secure communication by establishing dedicated connections between networks.  This reduces the risks of transmitting data over public networks and enhances overall data protection.

3. Access to Cloud Capabilities: As digital transformation spending is projected to reach $2.8 trillion by 2025, businesses need to leverage the power of the Cloud to drive innovation and growth.  Peering with cloud providers like Google Cloud Platform empowers organizations to integrate their existing infrastructure with cloud capabilities seamlessly.  This enables businesses to leverage Cloud's scalability, flexibility, and advanced services without fully migrating their operations.

Factors such as the projected acceleration of enterprise interconnection bandwidth demand and the increasing reliance on digital infrastructure underscore the critical role of peering in driving network optimization and overall business success.  This article will explore the benefits of peering and demonstrate how our expertise with the Google Cloud Capabilities can help your business.


Google Cloud Capabilities for Creating Peering Connections: Bridging On-Premises with the Cloud

Our prior experience creating peering connections comes from working with one of the largest cloud providers, Google Cloud Platform. Each cloud provider typically offers specific out-of-the-box options for configuring peering connections between networks or subnets within the same provider, which can be easily implemented as long as their address ranges do not overlap. Google Cloud offers a range of capabilities for establishing peering connections, including Dedicated Interconnect, Partner Interconnect, VPC peering, and VPN, covering all possible business scenarios. Now, let's delve into these solutions in more detail, starting with the ones that are easier to configure and progressing to the more complex options.

VPC peering

VPC peering in Google Cloud Platform offers businesses a secure, efficient, and simplified method for establishing private connections between VPC networks.  Whether for multi-project collaboration, data migration, or hybrid cloud architectures, VPC peering provides a reliable solution for secure and direct communication between VPCs within Google Cloud, empowering businesses to optimize their network infrastructure and streamline data exchange processes.

Key Features:

Secure Communication: VPC peering establishes private, encrypted connections between VPC networks within Google Cloud and is the preferred way to connect two GCP VPCs. This ensures that data transmitted between VPCs remains safe and protected from unauthorized access.

Private IP Connectivity: With VPC peering, VPC networks can communicate using their private IP addresses as if they were part of the same network. This allows seamless and efficient data transfer between VPCs without public internet access.

Shared Resources: VPC peering enables sharing resources such as virtual machines (VMs), subnets, and other services across VPC networks. This promotes collaboration and simplifies the management of multi-tiered applications spread across different VPCs.

Benefits and Use Cases:

1. Simplified Network Architecture: VPC peering simplifies network design by eliminating the need for complex VPN configurations or setting up dedicated interconnects. It provides a straightforward and efficient way to connect and communicate between VPCs within Google Cloud.

2. Multi-Product Collaboration: VPC peering facilitates collaboration between different organizational products. It allows VPCs from separate products to communicate securely with each other, enabling teams to work together seamlessly while maintaining data privacy.

3. Multi-Tier Application Deployment: VPC peering is particularly useful for deploying multi-tier applications where different tiers reside in separate VPCs. It enables efficient communication and data transfer between the application tiers while maintaining network isolation and security.

4. Data Migration and Hybrid Architectures: VPC peering is crucial in data migration strategies and hybrid cloud architectures. It allows for seamless data transfer between on-premises environments and Google Cloud VPCs, ensuring a smooth transition and integration of workloads.

Drawbacks:

Only GCP Networks Peering: as the name says, this option is available only for peering connections between GCP VPC networks.

Subnet routes that can be exchanged cannot be selected: VPC Network Peering doesn't provide granular route controls to filter out which subnet CIDR ranges are reachable across peered networks. That filtering has to be done using firewall rules.

Only directly peered networks can communicate: Transitive peering is not supported. In other words, if VPC network N1 is peered with N2 and N3, but N2 and N3 are not directly connected, VPC network N2 cannot communicate with VPC network N3 over VPC Network Peering.
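The VPC peering constraints described above (address ranges must not overlap, every subnet route of a direct peer is exchanged so narrowing is left to firewall rules, and peering is not transitive) can be modelled in a few lines. This is an added Python example, not part of the original article; the network names, CIDR ranges and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample topology: names and CIDR ranges are assumptions.
SUBNETS = {
    "n1": ["10.10.0.0/24", "10.10.1.0/24"],
    "n2": ["10.20.0.0/24"],
    "n3": ["10.30.0.0/24"],
    "n4": ["10.10.1.128/25"],  # overlaps a subnet of n1
}
PEERINGS = [("n1", "n2"), ("n1", "n3")]  # n2 and n3 are not peered directly


def overlapping_ranges(a, b):
    """CIDR pairs that overlap between networks a and b.

    A non-empty result means the two networks cannot be peered as they are.
    """
    return [
        (ca, cb)
        for ca in SUBNETS[a]
        for cb in SUBNETS[b]
        if ipaddress.ip_network(ca).overlaps(ipaddress.ip_network(cb))
    ]


def directly_peered(a, b):
    """Routes are exchanged only between direct peers (no transitive peering)."""
    return (a, b) in PEERINGS or (b, a) in PEERINGS


def imported_routes(net):
    """Every subnet range of every direct peer; there is no per-route filter."""
    peers = [y if x == net else x for x, y in PEERINGS if net in (x, y)]
    return sorted(cidr for peer in peers for cidr in SUBNETS[peer])


def ingress_permitted(src_ip, src_net, dst_net, allow_source_ranges):
    """A packet needs a route (direct peering) and a matching allow rule.

    allow_source_ranges models the source ranges of ingress allow rules on
    dst_net; anything not listed is treated as denied.
    """
    if not directly_peered(src_net, dst_net):
        return False
    ip = ipaddress.ip_address(src_ip)
    return any(ip in ipaddress.ip_network(r) for r in allow_source_ranges)


if __name__ == "__main__":
    print("n1/n4 overlap:", overlapping_ranges("n1", "n4"))
    print("n2 <-> n3 reachable:", directly_peered("n2", "n3"))
    print("routes imported by n2:", imported_routes("n2"))
    # n2 imports both n1 subnets, but the firewall admits only 10.10.0.0/24.
    for ip in ("10.10.0.5", "10.10.1.5"):
        print(ip, "->", ingress_permitted(ip, "n1", "n2", ["10.10.0.0/24"]))
```
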

Cloud VPN - Peering Swissknife

Businesses have access to a safe and dependable way to connect their on-premises networks to the Cloud via VPN connectivity. VPNs make secure data transmission, site-to-site connectivity, and remote access situations possible thanks to their support for commonly used VPN protocols, compatibility with various VPN devices, and simplicity of configuration. VPNs offer an easy and cost-effective method for creating private, encrypted connections between on-premises networks and Google Cloud, preserving the privacy and integrity of data while in transit for enterprises with low traffic requirements.

Key Features:

Secure Connectivity: VPNs establish encrypted connections over public networks, ensuring the confidentiality and integrity of data transmitted between on-premises networks and Google Cloud. Cloud VPN only supports IPsec. Other VPN technologies (such as SSL VPN) are not supported.

Compatibility: Google Cloud VPN supports industry-standard VPN protocols, making it compatible with many VPN devices and solutions. This flexibility allows businesses to leverage their existing VPN infrastructure or choose from various vendor options that best suit their requirements.

Easy Configuration: Setting up VPN connectivity in Google Cloud is straightforward and can be done using the Cloud Console or command-line tools. The intuitive configuration process enables businesses to establish secure connections without extensive network expertise quickly.

Benefits and Use Cases:

Secure Data Transfer: VPNs provide a secure channel for transferring data between on-premises networks and Google Cloud. This is particularly important when handling sensitive information, ensuring that data remains protected during transit.

Site-to-Site Connectivity: VPNs enable businesses to connect multiple on-premises sites to Google Cloud or to a network hosted by another provider (like AWS or Azure Cloud), creating a seamless and private network environment. This facilitates the integration of geographically distributed locations, enabling efficient collaboration and data sharing.

Remote Access: VPNs also support remote access scenarios, allowing authorized users to connect to the corporate network from remote locations securely. This is particularly useful for remote employees or users accessing resources in the Cloud while ensuring data privacy and security.

Cost-Effective Solution: VPNs provide a cost-effective connectivity option for businesses with moderate traffic requirements. Compared to dedicated connections like Direct Interconnect, VPNs offer a more affordable solution for establishing secure connections between on-premises networks and the Cloud.

Drawbacks:

Relatively low transmission speed: Each Cloud VPN tunnel supports up to 250,000 packets per second for the sum of ingress and egress traffic. Depending on the average packet size in the tunnel, 250,000 packets per second per tunnel is equivalent to between 1 Gbps and 3 Gbps of bandwidth (the 3-Gbps limit refers to bits per second). So, for an enterprise on-premises-to-cloud connection, it is preferable to consider other options.

Does not support client-to-gateway scenarios: Cloud VPN only supports site-to-site IPsec VPN connectivity, subject to the requirements listed in this section. It does not support client-to-gateway scenarios. In other words, Cloud VPN doesn't support use cases where client computers need to "dial in" to a VPN by using client VPN software.

Cloud Interconnect

Dedicated Interconnect and Partner Interconnect are two options for connecting on-premises networks to Google Cloud, each catering to different bandwidth requirements. Dedicated Interconnect provides a direct and effective solution for businesses with high bandwidth needs, while Partner Interconnect allows connectivity through a service provider, offering flexibility in location and capacity. Both options ensure reliable, secure and private connectivity to Google Cloud.

In the following text, we will provide a more detailed explanation of each connection option, highlighting its features and benefits.

Partner Interconnect

Partner Interconnect allows businesses a reliable and secure means to connect their on-premises networks with Google Cloud.

Whether for hybrid cloud deployments, large data transfers, or enhanced network reliability, Partner Interconnect provides organizations with a robust solution to enhance their network connectivity and leverage the full potential of the Google Cloud Platform.

Key Concepts:

1.  Partner Network: Partner Interconnect utilizes a partner's network infrastructure to establish connections between on-premises networks and Google Cloud.  These partners are authorized service providers who have direct peering relationships with Google.

2. Dedicated Connection: With Partner Interconnect, businesses can establish dedicated and private connections with Google Cloud using their partner's network.  This connection bypasses the public internet, ensuring secure and reliable data transmission.

3. High Bandwidth Options: Partner Interconnect offers a range of bandwidth options, allowing businesses to choose the capacity that suits their needs.  Bandwidth options can vary from 50 Mbps to 50 Gbps, enabling organizations to scale their network capacity accordingly.

Benefits and Use Cases:

1. Enhanced Performance and Reliability: Partner Interconnect provides a reliable, high-performance connection between on-premises networks and Google Cloud.  Organizations can experience low latency, reduced packet loss, and improved overall network performance by utilizing a dedicated connection.

2. Secure Data Transfer: Partner Interconnect ensures secure data transmission by utilizing a private connection rather than relying on the public internet.  This reduces the exposure to potential security risks associated with transmitting data over public networks.

3. Hybrid Cloud Deployments: Partner Interconnect enables seamless integration between on-premises infrastructure and Google Cloud for businesses adopting a hybrid cloud strategy.  It allows organizations to extend their network into the Cloud, facilitating hybrid deployments and data exchange between environments.

4. Large Data Transfers: Partner Interconnect is ideal for transferring large volumes of data between on-premises networks and Google Cloud.  With its high-bandwidth options, businesses can efficiently migrate large datasets, perform backups, or replicate data on time.

5. Global Connectivity: Partner Interconnect is available in multiple locations globally, allowing organizations to establish connections from various geographic regions.  This enables businesses to benefit from Google Cloud services regardless of location.

Dedicated Interconnect

This feature provides a dedicated physical connection between on-premises data centers and Google Cloud.  Dedicated Interconnect allows organizations to establish private, high-performance connections to the Cloud with guaranteed bandwidth.  This option is ideal for companies that require large data transfers and want to eliminate network congestion and bottlenecks.

Key Concepts:

1.  Dedicated Connection: Dedicated Interconnect allows businesses to establish a dedicated physical connection between their on-premises network and Google Cloud.  This connection is private, bypassing the public internet, ensuring the security and reliability of data transmission.

2. High Bandwidth Capacity: Dedicated Interconnect offers high-bandwidth options, allowing organizations to transfer large volumes of data quickly and efficiently.  Bandwidth options can range from 10 Gbps to 100 Gbps, allowing businesses to scale their network capacity according to their needs.

3.  Google Partner Connections: Dedicated Interconnect requires the involvement of a Google Cloud Partner who operates a colocation facility and provides physical connectivity.  These partners have established connections with Google's network infrastructure, ensuring a direct and optimized path for data transfer.

Benefits and Use Cases:

1. Enhanced Performance and Reliability: Dedicated Interconnect provides a dedicated and private connection between on-premises networks and Google Cloud.  This results in low latency, reduced packet loss, and improved overall network performance, enabling organizations to achieve optimal application performance and user experience.

2. Secure Data Transfer: Using a private connection, Dedicated Interconnect ensures that data transfers between on-premises networks and Google Cloud are secure and protected.  The dedicated nature of the connection minimizes the risks associated with transmitting data over public networks, enhancing data privacy and compliance.

3. High-Speed Data Transfer: With high-bandwidth capacity options, Dedicated Interconnect is well-suited for organizations that require fast and efficient data transfer between their on-premises infrastructure and Google Cloud.  It enables rapid migration of large datasets, backups, disaster recovery, and real-time data replication.

4. Hybrid Cloud Deployments: Dedicated Interconnect is particularly beneficial for businesses adopting a hybrid cloud strategy.  It provides a dedicated link between on-premises environments and Google Cloud, enabling seamless integration, workload mobility, and data exchange between the two environments.

5. Global Reach: Dedicated Interconnect is available in various locations globally, allowing businesses to establish connections from multiple geographic regions.  This global reach enables organizations to extend their network into Google Cloud, regardless of their physical location, and leverage the full benefits of Google Cloud services.

Google Cloud: Enhanced Connectivity & Performance with Internet Exchange Points, Latency, Bandwidth, Routing Efficiency, Cost Savings, Scalability in Dedicated vs. Partner Interconnect

Drawbacks:

Relatively expensive: Both interconnect solutions are more expensive compared to VPN when creating a peering connection with on-prem.

Cloud Interconnect does not encrypt traffic by itself: You can deploy HA VPN over Cloud Interconnect if you need to encrypt the traffic carried by your VLAN attachments. HA VPN over Cloud Interconnect is supported for both Dedicated Interconnect and Partner Interconnect.

Also, it is worth mentioning "Cloud Peering" ("Direct" and "Carrier"), which allows the creation of connections from on-prem to cloud. You might consider these options if you do not need RFC1918-to-RFC1918 private address connectivity and your current connection to Google Cloud does not perform well. In this case, peering may be your best connectivity option. Conceptually, peering gets your network as close as possible to Google Cloud public IP addresses. Peering has several technical requirements that your company must meet to be considered for the program. Also, it is the preferred option over "Interconnect" if access to Google Workspace is required.


Techstack Experience

Based on our experience, Partner and Dedicated Interconnect are the most reliable solutions with the highest transmission speed for enterprise on-prem to cloud peering connections.

For instance, we encountered a situation where we needed to grant our client's on-premises network access to the Cloud. In this case, we had not only the actual users, but also IoT devices in a factory that required high-speed connectivity, which Partner Interconnect efficiently provided (due to the lack of a Google PoP nearby, it was decided to go with a Partner connection). We also had a scenario where the partner changed, and we were able to move the connection to another GCP partner without any impact on reliability or downtime for production users.

Furthermore, Partner Interconnect allowed us to connect not only to on-premises networks, but also to Azure Cloud. So, in this case, the GCP interconnect partner was like a connectivity center for three large networks: on-premises, Google Cloud, and Azure. This solution ensures both security and fast connections between these networks for specific routes.

In addition, we utilized VPN solutions to access subnets within our client's large GCP network, including management and support of applications running on the Kubernetes cluster. For example, we used a VPN connection for a team located in Europe, while the main office is located in the US and uses a Partner Interconnect solution to access the GCP environment. The decision to use a VPN connection was driven by the needs of the small team, cost-effectiveness, and ease of configuration. In cases where there are small teams located worldwide, we typically configure private, secure connections to the Cloud using VPN.

VPN is the versatile way to go for most use cases. Do some small remote teams need quick and cheap access to Google Cloud? Do you need to connect your GCP network to a network that is served by another provider? Or maybe you are in a big enterprise with complex infrastructure in GCP, with dozens of VPCs across multiple organizations peered together, and now you need to make them accessible from on-prem via a hub-and-spoke network topology? These are common use cases we have implemented for our customers, where a VPN might be not just the best, but the only option for establishing a peering connection.

VPN solutions offer advantages in terms of cost-effectiveness and ease of setup. They are particularly suitable for Proof of Concept (POC) startups and small companies that must establish peering between the cloud and on-premises networks. However, it's important to note the drawbacks, such as the relatively low transmission speed of 1 to 3 Gbps.

And, of course, we have also encountered cases where network peering was utilized to connect two existing networks within the Cloud. For example, when the same customer absorbed another company that had all infrastructure in GCP, we were able to quickly and easily connect them via VPC peering by making a few network configuration adjustments. So in this case, peering becomes the best option to facilitate communication between the networks reliably, cost-effectively, and securely.


Conclusion

Ultimately, the peering solution you require depends heavily on your prerequisites and circumstances. It's important to consider that the "best practice" may not always align with the specific needs of your clients. For example, if you're a small company connecting to GCP, Dedicated/Partner Interconnect may not be a worthwhile investment. Similarly, if you're an enterprise seeking GCP access without making substantial investments in a Proof of Concept (PoC), Dedicated/Partner Interconnect may not be the most practical choice.

Another consideration arises when you're designing your GCP infrastructure and managing multiple departments, each requiring its own Virtual Private Cloud (VPC). In such cases, creating a centralized Shared VPC might offer better long-term maintenance and cost-effectiveness.

In summary, carefully evaluate your requirements and consider the trade-offs before determining the most suitable peering solution for your situation.

If you are interested in learning more about how our Cloud & DevOps services can help your business get the most out of peering, please visit our service page or contact us for personalized assistance. Feel free to schedule a consultation to discuss your business needs further.