

New Heroku Lab: Containerized-Network - bencevans
https://devcenter.heroku.com/articles/containerized-network

======
donavanm
Interesting. The /30 ptp interface makes me suspect this is built on top of
vpc. The other end of the connection would be a dedicated nat "router"
instance. Efficiency would suck in that case.

They could use a larger shared vpc (say /24). configure all the "worker"
instance interfaces with the /30s and a couple "router" instances with
multiple vifs on the top half of those /30s. Much better efficiency and
availability story that way.

Or I guess they could have gone all the way and done some layer 3 encap. Nvgre
or l2tp maybe?

I'm curious what a promisc interface would see. Or poke around the
network/broadcast ranges. Or check out some ttl/ mss/options recon.

