Connecting VPC to upstream networks (use one of two options)

Using a VLAN with public IP addresses (DMZ)

Netris VPC can use a traditional subnet or vlan with public IP addresses (a DMZ network) for upstream network peering.

logical diagram


physical diagram


BGP Upstream

BGP Upstream: overview

A BGP peering between Netris VPC and upstream routers is the most recommended option, especially for production use.

In this scenario, SoftGate nodes form BGP peering with upstream routers. Typically each BGP session will use an individual VLAN id and /30 subnet. Upstream BGP router should advertise the default route or full Internet table if necessary. Netris SoftGate nodes are designed to handle over 1M routes in the routing table and can perform as border routers for the full-view table. SoftGate nodes will automatically advertise public IP subnets in the current site as defined under the Net->IPAM section. Alternatively, you can optionally alter the default settings for full granular control over sent and received prefixes.

Logical diagram


Physical diagram


BGP Upstream: configuration

Your local public AS number is a site attribute located under the Net->Sites section. You can use the default private AS number or change to a real AS number depending on local network architecture needs.


BGP peers can be defined under the Net->E-BGP section.


Check BGP neighbor statuses under the Net->E-BGP


To check/trobleshoot BGP use Net->Looking Glass