nanog mailing list archives

Re: Cogent Layer 2

From: Rod Beck <rod.beck () unitedcablecompany com>
Date: Wed, 14 Oct 2020 18:03:41 +0000

I always heard this service was really Layer 3 disguised as Layer 2.

________________________________
From: NANOG <nanog-bounces+rod.beck=unitedcablecompany.com () nanog org> on behalf of Ryan Hamel <ryan () rkhtech org>
Sent: Wednesday, October 14, 2020 7:54 PM
To: Mike Hammett <nanog () ics-il net>
Cc: nanog () nanog org <nanog () nanog org>
Subject: Re: Cogent Layer 2

Mike,

Layer 2 is fine once it works.

  *
You will have to put up with whatever VLAN tags they pick, if you plan on having multiple virtual circuits on a 10G hub.
  *
They do like to see into the flows of traffic, as they only allow up to 2Gbits/flow, per there legacy infrastructure.
  *
If the circuit doesn't work on turn up (which is more than likely), you'll have to be abrasive with their NOC and 
demand escalations.

IMO, if it's 1Gbit or less per circuit and can deal with ^, you're fine, otherwise look for another carrier.

-----

Below is what I got from Cogent about their layer 2:

We offer Ethernet over MPLS transport utilizing Cisco FAT Pseudowire (Flow Aware Transport). Our service is a fully 
protected service, so if we suffer a fiber cut or other disruption along the primary path, our IS-IS IP fast-reroute 
enabled MPLS backbone will swing all traffic over to another pre-determined path across our backbone with usually no 
packet loss or disruption in service.

In order for our service to work correctly and provide the automatic redundancy, we need to verify that the traffic 
traversing the network can be hashed correctly by our routers. For this to happen, Cogent has to see the src-dst IP 
address or if you are running MPLS over the circuit, we need to see your MPLS labels. The hashing works by placing each 
flow of data on a separate 10GE or 100GE interface between the routers, so that traffic is evenly dispersed across all 
available capacity along the path. A flow is defined as a src-dst IP pair or a customer MPLS label, so the more IP 
pairs or MPLS labels, the better the traffic load-balances. Cogent has decided to impose a 2Gbps/flow restriction for 
our own traffic engineering purposes, which aim to make sure that no single customer can overrun a 10GE interface 
anywhere on our network (since we do not sell 10GE Wave services).

The reason we have the limitation in place is for our own traffic engineering purposes, which aims to make sure that no 
single customer can overrun a 10GE interface anywhere on our network (since we do not sell 10GE Wave services). Since 
most uplinks between routers are Nx10GE or Nx100GE, we want to make sure that all customer traffic can be load-balanced 
across the uplink capacity evenly, which makes it easier to reroute traffic in the event of a fiber cut or other 
disruption. One would think that with 100GE interfaces, it would not be possible to overrun the interface if we allowed 
full 10Gbps/flow, however most 100GE interfaces, at the chip level are broken down into 10Gbps lanes and the interfaces 
do not have a way to easily determine that a lane through the interface is at capacity, so as new flows enter the 
interface, they could get allocated to a lane that is already full and therefore experience packet loss.

So that we can complete our technical review for this request, need the following questions answered:

1 - What equipment will be directly connected to Cogent interface?

2 - How are the servers/equipment behind the edge device connected, GE or 10GE interfaces?

3 - Will you be doing any type of tunneling or load-balancing that would hide the src-dst IP addresses or MPLS labels 
of the servers/equipment?

4 - Will any single data flow (src-dst IP pair or MPLS label) be more than 2Gbps?

5 – What is the purpose of the connection? (Internet traffic backhaul, data center connectivity, replication, extending 
point-of-presence, etc..)

6 – Will you be running MACSec over our L2 service?

7 – Will you need to pass multiple VLANs and/or Jumbo frames?

----------

Ryan
On Oct 14 2020, at 10:36 am, Mike Hammett <nanog () ics-il net> wrote:
Are any legitimate beefs with Cogent limited to their IP policies, BGP session charges, and peering disputes? Meaning, 
would using them for layer 2 be reasonable?

-----
Mike Hammett
Intelligent Computing Solutions<http://www.ics-il.com/>
[http://www.ics-il.com/images/fbicon.png]
[http://www.ics-il.com/images/googleicon.png]
[http://www.ics-il.com/images/linkedinicon.png]
[http://www.ics-il.com/images/twittericon.png]

Midwest Internet Exchange<http://www.midwest-ix.com/>
[http://www.ics-il.com/images/fbicon.png]
[http://www.ics-il.com/images/linkedinicon.png]
[http://www.ics-il.com/images/twittericon.png]

The Brothers WISP<http://www.thebrotherswisp.com/>
[http://www.ics-il.com/images/fbicon.png]
[http://www.ics-il.com/images/youtubeicon.png]

Current thread:

Cogent Layer 2 Mike Hammett (Oct 14)
- Re: Cogent Layer 2 David Hubbard (Oct 14)
  - Re: Cogent Layer 2 Shawn L via NANOG (Oct 14)
    - Re: Cogent Layer 2 Robert Blayzor (Oct 15)
    - Re: Cogent Layer 2 Brandon Martin (Oct 15)
- Re: Cogent Layer 2 Dale W. Carder (Oct 14)
- Re: Cogent Layer 2 Ryan Hamel (Oct 14)
  - Re: Cogent Layer 2 Rod Beck (Oct 14)
    - Re: Cogent Layer 2 Ryan Hamel (Oct 14)
    - Re: Cogent Layer 2 Rod Beck (Oct 14)
    - Re: Cogent Layer 2 Ryan Hamel (Oct 14)
    - Re: Cogent Layer 2 Rod Beck (Oct 14)
    - Re: Cogent Layer 2 Radu-Adrian Feurdean (Oct 14)
  - Re: Cogent Layer 2 James Jun (Oct 14)
- Re: Cogent Layer 2 Mike Hammett (Oct 14)
  - Re: Cogent Layer 2 Ryan Hamel (Oct 14)
    - Re: Cogent Layer 2 Saku Ytti (Oct 14)
    - Re: Cogent Layer 2 Ryan Hamel (Oct 15)

(Thread continues...)