Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A VPN connection is an encrypted and secure site-to-site virtual private network tunnel over the Internet. Monthly Recurring Cost is assessed on a per VPN tunnel basisunique customer gateway. When requesting a VPN, at no additional cost, a VPN setup is issued for the the secondary site. The minimum commitment period is 6 months. 

Overview:

Table of Contents
maxLevel2

Access Design

Delta1 TPIs are accessible via VPN gateways hosted at two US-based geographically separated sites. Each site hosts a a public gateway (with the exception of site-2 which hosts an additional gateway dedicated for the UAT Delta1 TPI, see Delta1 UAT VPN). For additional information regarding what services are available at each site please see Connecting to Services.

Panel
borderWidth0


Data CenterSite MonikerPublic Gateway
Equinix NY4Site-1vpn.site-1.onechicago.com
Equinix CH1Site-2vpn.site-2.onechicago.com


Suggested Customer Configuration

Both Production and Disaster Recovery Trading Platform Instances are available from VPN Site-1 and Site-2. When a customer requests a VPN setup, configurations are deployed at Site-1 and Site-2. This provides site-level (geographically diverse) redundancy for access to Delta1. Customers are encouraged to configure connectivity to both public gateways (vpn.site-1.onechicago.com, vpn.site-2.onechicago.com) and ensure the appropriate routing design to eliminate downtime in the event of a single site outage. Customers can elect to establish multiple customer gateways to support site-level redundancy for their source infrastructure. To determine what networks to route over VPN tunnels please see Required Networks and Ports.

Minimal Recommended Design 

In the below design, a customer has provided the exchange one (1) gateway from which their tunnel will initiate. The exchange has deployed two (2) configurations to support exchange side multi-site redundancy. The customer has configured two (2) exchange gateways to support active IKE security associations to each site.

Drawio
bordertrue
viewerToolbartrue
fitWindowfalse
diagramNameVPN Minimal Design
simpleViewertrue
width400
linksauto
tbstyletop
lboxtrue
diagramWidth669
revision3

Customer Multi-Site Redundant Design (Preferred)

In the below design, a customer has provided the exchange two (2) gateways from which their tunnels will initiate. The exchange has deployed four (4) configurations to support exchange side multi-site redundancy for each customer gateway. The customer has configured two (2) exchange gateways at each customer site to support active IKE security associations to each site. 

Drawio
bordertrue
viewerToolbartrue
fitWindowfalse
diagramNamePreferred VPN Design
simpleViewertrue
width600
linksauto
tbstyletop
lboxtrue
diagramWidth910
revision2

Supported Devices

A Customer selecting a VPN connection as its desired connection method is required to have an internet connection and one of the following manufacturers:

...