
Cloudflare Network Interconnect - adspedia
https://blog.cloudflare.com/cloudflare-network-interconnect/
======
zaroth
So I currently rent data center space which includes 100Mbps (95th%) on a
1Gbit drop in a full rack with 4kW of power for about $500/month.
Interconnects within the building (an IX where CloudFlare resides) I think
cost maybe $100 a month or in that range.

Since CloudFlare apparently doesn’t charge for peering, does that mean I can
rent the fiber for $100/mo and get a interconnect into CloudFlare’s backbone,
and gain access to publically routable unmetered 10GBe with my own IP cloaked
behind CloudFlare?

Obviously at some point they have to charge for bandwidth, maybe I’m just
wildly misunderstanding the offering, but where does pricing come in?

~~~
parliament32
You'll only be able to route traffic to their IP ranges, they're not offering
to be a gateway for you.

~~~
Wintereise
But their hosted / proxy solution effectively makes them a gateway for you
(albeit HTTP only)?

~~~
parliament32
That solution, yes, but this is specifically peering for origins that are
behind their proxy defense product. They won't route traffic that's not
destined for their IP ranges. Further, they'll probably only advertise their
backend ranges so you won't even be able to get the front of other CF-hosted
sites.

------
exabrial
> We have had an open peering policy for years with any network and will
> continue to abide by that policy

FTA, didn't know this... explains how they took over the world though

~~~
virtuallynathan
Almost any content-heavy network operator will do this, its free bandwidth.

------
vinay_ys
I can see how this can be quite successful. On the one hand, private
interconnect from your DC to a nearby Cloudflare PoP can be cheaper per Mbps
or Gbps of bandwidth provisioned and hence can help reduce your overall
network bandwidth costs. But on the other hand, you have to pay Cloudflare for
their services and since they are bundling a lot of complex services they can
justify charging a lot more than what a typical ISP's fees per Mbps of
Internet would be.

If they succeed in attracting a lot customers to ride on their private network
across any geography, over time their network will have the same jitter
performance issues like Internet. If they grow too big, then they would have
effectively privatized large parts of the Internet. That cannot be good for
anyone.

------
redm
I really love this offering and I don't think it gets enough attention. We are
an on-prem company and we use CloudFlare. Our users pay for that latency (in
time) for us to traverse our IP providers to get to a CF pop. Since all our
traffic goes over CF, directly connecting makes a lot more sense. I'm going to
investigate further for the latency benefits.

I've also backhauled lots of IP over the years and it can be a real pain.
Fiber cuts are common, keeping redundant wave service or dark fiber drives up
the cost, and in the end, its often cheaper to hand off to an IP providers
meshed network, then to backhaul any distance for latency.

------
gpm
> What’s the difference between CNI and peering?

I don't understand the answer here, can someone explain for us non-networking
folk?

~~~
eastdakota
Generally, peering is how we connect with network providers like ISPs. CNI is
for Cloudflare customers. Technically, they're trying to accomplish the same
thing. Logistically, the way they're done could be the same — through a
private network interface (a piece of fiber between our network and our peer
or customer's) — or could be different (e.g., we'd be more likely to connect
to a peer over an Internet Exchange (IX) where we'd be more likely to connect
with a customer over a cloud network exchange). We generally hadn't offered
peering or any other way to directly connect to Cloudflare's network to anyone
but our largest customers in the past. CNI opens up who can take advantage of
this faster, more secure, more consistent path much more broadly.

~~~
lpage
It's fantastic that Cloudflare is offering this. You might want to reconsider
calling it CNI, or at least clarify that CNI is just an umbrella term for PNI
and/or public peering. I'm the person that handles the PNI/IX stuff and after
reading the article but before reading your comment I wasn't 100% sure if CNI
was something Cloudflare specific (which we wouldn't immediately adopt) or
PNI/public peering at an IX (which we would).

------
EE84M3i
Due to the focus on security, I'm curious about customer isolation here. When
you do interconnect with a cloud provider, it's traditionally into a VPC. Does
cloudflare have a similar concept in play?

How, for example, am I prevented from setting up a CDN configuration and/or
EdgeWorker that talks to someone else's "private" (or non-internet routable)
IP addresses? From the article it sounds like edge nodes have routeability to
them, so is there some additional layer of packet encapsulation/tagging or
something performed by proxy server?

~~~
matsur
Specific isolation mechanisms depend on what products a customer is using. In
general, there is additional encapsulation happening as data is ingested and
before it's sent onward to customers.

~~~
EE84M3i
Neat! It would be interesting to see some writing about this in the future.

------
cbg0
If I'm understanding this CNI + Magic Transit correctly, it seems that
Cloudflare is moving towards becoming a fully-fledged ISP.

~~~
johnklos
An ISP is an Internet Service Provider. Cloudflare wants people to use their
services and boasts that these are "safe" because you're not "directly
exposed" to the Internet. In other words, they're proprietary.

The problem with all of this, regardless of whether Cloudflare is good or
evil, is that it's a huge tie-in. Once companies are using some or all of
Cloudflare's offerings, they're stuck. Should Cloudflare go down, there's
nothing anyone can do but wait.

Also, when companies have deployed proprietary, non-standard solutions, moving
will be expensive and arduous, and Cloudflare will jack up prices.

They're not becoming an ISP at all. They're becoming a service provider, sure,
but of proprietary stuff intended to lock people in to using them and only
them.

~~~
vinay_ys
You are right. They are renting dumb fiber interconnects between their PoPs,
their datacenters and to various IXs and then they are asking their customers
to rent dumb fiber interconnects from _their_ offices and datacenters to
connect with nearest Cloudflare PoPs and then use their proprietary services
within that network, usually to reach eyeball networks (the end user ISPs). In
this way, they slowly become the largest customer of transit ISPs and become
the largest content providers for eyeball-ISPs. Once they get into this
dominating position, they can pretty much command those ISPs on price and
terms.

------
nayuki
An image on the page has some weird text that seems to say milliseconds-
squared: "The variation in delay of received packets (or jitter) decreased
from 82.9ms² to 0.3ms²". Maybe they are quoting variance instead of standard
deviation?

~~~
wmf
Is that a footnote not a square?

~~~
nayuki
Good guess, but I can't find any footnote named "2" on the page.

------
m3kw9
Hmm still don’t get how and why this is needed or not already there: a network
to connect to another network.

~~~
whalesalad
Would you rather drive from LA to SF by driving straight north? Or would you
like to make a pit stop in Dallas first?

Same principle applies. Lower latency if you have a direct connection. It
makes sense when you send a lot of traffic between the two locations and don’t
want a lot of hops.

------
rorozozo
How is this different than SD WAN? or is this CF's version of SD WAN?

------
Jnr
I read it and all I see is “Cloudflare VPN”. Am I missing something?

~~~
aseriesoftubes
It's a similar concept, except for a couple of key things:

1) It's not virtual: it's a physical interconnect between two networks.

2) It doesn't allow for public internet connectivity out. So this is basically
a way for customers to connect their networks to Cloudflare's to receive the
benefits of our DDoS protection, firewalls, cache pulls, etc.

But it does allow for traffic to flow back from Cloudflare to a connected
network over a dedicated link (which can, and often is private).

------
gambler
Remember: Cloudflare has been loosing millions of dollars each year they
existed.

[https://www.sec.gov/Archives/edgar/data/1477333/000119312519...](https://www.sec.gov/Archives/edgar/data/1477333/000119312519222176/d735023ds1.htm)

 _" As we continue to invest in our business, we have incurred net losses of
$17.3 million, $10.7 million, and $87.2 million for 2016, 2017, and 2018,
respectively. For the six months ended June 30, 2018 and 2019, our revenue
increased from $87.1 million to $129.2 million, an increase of 48%, and we
incurred net losses of $32.5 million and $36.8 million, respectively. "_

The fact that they are injecting themselves into more and more basic internet
infrastructure is genuinely scary.

~~~
MikeCapone
That's a misunderstanding of how companies at this phase of growth work. They
are only "loosing" money because they invest so much in growth. If they slowed
down growth, they could be profitable (they have 78% gross margins), but over
time, it creates more value to keep investing at this phase of things and
become profitable later, when they're more mature and the land-grab phase is
over.

~~~
danShumway
I'm not sure I understand how that's different than what GP is saying.

Cloudflare is aggressively investing into growth during the 'land-grab' phase
of development so that they can become one of, if not the, dominant player in
regards to this kind of core Internet infrastructure. They view the 'land' of
Internet infrastructure as a limited resource, and they want to own all of it.

I'm seeing a comparison to Amazon, but that doesn't make me feel better.
Amazon's aggressive expansion has been a net negative for multiple segments of
the market -- particularly e-books and audio books.

What makes Cloudflare's growth strategy less concerning when compared to
companies like Amazon and Uber? Aren't they all still basically trying to
become indispensable private monopolies within their given niches?

~~~
treis
They make a profit of 30 million in 6 months before Sales and marketing
expenses. So they charge more money than it costs to provide their services.

When you look at Sales/Marketing expenses it changes depending on your
perspective (and underlying facts). It could be that they are spending ~60
million a year to get ~100 million NPV worth of customers. In that case,
they're not losing money. They're making an investment that will return cash
in future years. On the other hand, that 60 million could represent a bunch of
discounts and incentives. Then they'd be selling $1 worth of stuff for $0.90
and once they stop doing that their market share evaporates.

