Connecting to Cloudflare with Megaport
Megaport makes it easy to provision fast, secure, and private connections to Cloudflare through our global software-defined network (SDN). As part of the Cloudflare Network Interconnect (CNI) Partner program, Megaport provides customers with direct, private access to the Cloudflare infrastructure.
The benefits of direct connectivity to Cloudflare through Megaport include:
- Private access that bypasses the public internet.
- High performance and predictability for your network.
- Improved data and operational security.
- Flexible and scalable cloud networking.
- Consistent connectivity while scaling bandwidth to Cloudflare. This means no downtime when you need to increase or decrease your speed.
- Connect to multiple regions from a single interconnection point, which uses multi-region redundancy at a fraction of the cost.
Availability
Cloudflare Network Interconnect is available in these locations with Megaport:
Asia Pacific
Singapore, Equinix SG1
Sydney, Equinix SY 1/2
Tokyo, Equinix TY2
Europe
Amsterdam, Equinix AM1
Frankfurt, Equinix FR5
London, Telehouse North
North America
Ashburn, Equinix DC/6
Chicago, Equinix CH1/2/4
Los Angeles, Equinix LA1
Miami, Equinix MI1
New York City, Digital Realty NYC2
San Jose, Equinix SV1/5/10
Seattle, Equinix SE2
Toronto, Equinix TY2
Prerequisites
Before you begin, notify Cloudflare. If you are an existing Cloudflare customer, contact your Cloudflare Account Manager.
If you are a new business looking to use Cloudflare Network Interconnect (CNI) to connect securely and reliably with Megaport, you can email Cloudflare directly. In addition to performance benefits, Cloudflare services include Magic Transit, authenticated origin pulls for large content delivery network (CDN) customers, and Cloudflare for Teams.
If you are a new business that requires a public peering service, you can request peering service. Examples include ISPs, service providers, large networks, and CDNs that exchange a significant amount of data.
After you notify Cloudflare, ensure you have a Megaport connection:
- Port – You can create a 1 Gbps or 10 Gbps Port onto the Megaport network, with Virtual Cross Connects (VXCs) that connect your data center and a Cloudflare location. 100 Gbps Ports are available in limited locations. If you haven’t already created one, see Creating a Port.
- MCR – An MCR enables data transfer between multicloud and hybrid cloud environments, network service providers, and cloud service providers. For more information, see Creating an MCR.
Note
Public ASNs are required.
Creating a connection to Cloudflare
The easiest way to create a connection between Megaport and Cloudflare is with a service key. A service key includes the essential configuration details and automates much of the configuration process. After obtaining the service key from Cloudflare, you can create a VXC from the Port or MCR to Cloudflare.
To request a connection to Cloudflare
- Contact Cloudflare to obtain a service key.
- In the Megaport Portal, go to the Services page.
- Select the Port or MCR for the connection and click +Connection.
- Click Enter Service Key and click Next.
-
Enter the key provided by Cloudflare.
Megaport validates the key. For more information about using a service key, see Setting up Service Keys. -
Click Next.
-
Specify the connection details:
-
Connection Name – The name of your VXC to be shown in the Megaport Portal.
-
Service Level Reference (optional) – Specify a unique identifying number for your Megaport service to be used for billing purposes, such as a cost center number, unique customer ID, or purchase order number. The service level reference number appears for each service under the Product section of the invoice. You can also edit this field for an existing service.
-
Rate Limit – The speed of your connection in Mbps. Accepted values start at 1 Mbps and scale in 1 Mbps increments. Maximum available speed depends on location and service availability. Note the sum of all hosted virtual VXCs to a service can exceed the Port capacity (1 or 10 Gpbs) but the total aggregate will never burst beyond the Port capacity. Higher speeds might be available depending on location and Port capabilities.
-
VXC State – Select Enabled or Shut Down to define the initial state of the connection. For more information, see Shutting Down a VXC for Failover Testing.
Note
If you select Shut Down, traffic will not flow through this service and it will behave as if it was down on the Megaport network. Billing for this service will remain active and you will still be charged for this connection.
-
Preferred A-End VLAN – The VLAN for this connection that you will receive through the Port.
This must be a unique VLAN ID on this Port and can range from 2 to 4093. If you specify a VLAN ID that is already in use, the system displays the next available VLAN number. The VLAN ID must be unique to proceed with the order. If you don’t specify a value, Megaport will assign one.Alternatively, you can click Untag. This selection removes the VLAN tagging for this connection but also means that only one VXC can be deployed on this Port. You must use untagged VLANs if you are creating a MACsec connection.
-
Minimum Term – Select No Minimum Term, 12 Months, 24 Months, or 36 Months. Longer terms result in a lower monthly rate. 12 Months is selected by default. Take note of the information on the screen to avoid early termination fees (ETF).
Enable the Minimum Term Renewal option for services with a 12, 24, or 36-month term to automatically renew the contract at the same discounted price and term length at the end of the contract. If you don’t renew the contract, at the end of the term, the contract will automatically roll over to month-to-month contract for the following billing period, at the same price, without term discounts.
For more information, see VXC Pricing and Contract Terms and VXC, Megaport Internet, and IX Billing.
-
Resource Tags – You can use resource tags to add your own reference metadata to a Megaport service.
To add a tag:- Click Add Tags.
- Click Add New Tag.
- Enter details into the fields:
- Key – string maximum length 128. Valid values are a-z 0-9 _ : . / \ -
- Value – string maximum length 256. Valid values are a-z A-Z 0-9 _ : . @ / + \ - (space)
- Click Save.
If you already have resource tags for that service, you can manage them by clicking Manage Tags.
Warning
Never include sensitive information in a resource tag. Sensitive information includes commands that return existing tag definitions and information that will identify a person or company.
-
-
Click Next.
The summary page shows the monthly cost.
- Click Add VXC to move the configuration to your cart.
- Click Review Order to continue through the checkout process, or create a new connection.
- Review the Order Services agreement and click Order Now.
Once you deploy a VXC connection to Cloudflare, you need to configure the Layer 3 BGP connectivity between your network equipment and Cloudflare, including a Public ASN and Public IPs to peer with Cloudflare.
Redundancy
To establish full redundancy between your data center and Cloudflare, we recommend deploying redundant VXCs between two different Cloudflare regions (or availability zones within a region) and two corresponding Ports at each Megaport-enabled data center.
Cloudflare Frequently Asked Questions (FAQs)
Does Cloudflare offer BYOIP?
Cloudflare is a public service, so you can use your own public IPs.
Does Cloudflare support public or private ASNs?
Cloudflare supports public ASNs. If you are using a public ASN, you must own it. Cloudflare will verify ownership for Magic Transit before announcing network routes.