FlexTunnel – Knowledgebase

Knowledgebase Contents

Overview

FlexTunnel is an automated, virtual connectivity service that allows customers to quickly establish controlled connectivity to Inter.link without relying on physical ports, cross connects, or on-site installation work.
The primary use case enabled by this approach is off-net access to Inter.link’s carrier-grade DDoS protection, where customers can integrate quickly and apply routing based traffic redirection only when mitigation is required.

Benefits

  • Service integration without physical cross connects
  • Fast time to market through automation
  • Purpose built tunnel layer for DDoS protection use cases

Primary Use Case: DDoS Protection over FlexTunnel

One of the primary use cases for FlexTunnel is off net access to Inter.link’s DDoS Protection service.

In this scenario, FlexTunnel provides the access layer and return path for clean traffic, while routing based traffic redirection using BGP is applied only during mitigation events. When a DDoS attack occurs, affected IP prefixes are redirected to Inter.link for scrubbing, malicious traffic is filtered, and only clean traffic is returned to the customer through the tunnels.

This allows customers to retain their existing upstream providers and network autonomy while benefiting from Inter.link’s carrier grade DDoS mitigation capabilities without physical connectivity.

Compatibility and Integrations with Inter.link Services

FlexTunnel is designed as the primary connectivity option for off net consumption of Inter.link DDoS Protection.

DDoS Protection is ordered independently of FlexTunnel and determines the customer’s protection tier and features.

Service Boundaries and Expectations

FlexTunnel is intended to provide a controlled integration layer rather than a connectivity replacement. Traffic profiles, routing behavior, and performance characteristics are defined by the consuming service and by the public Internet paths used to establish the tunnels.

Customers seeking sustained high throughput, full transit replacement, or strict latency guarantees should use physical connectivity options instead.

Availability and Limitations

FlexTunnel is available as a virtual service and does not require physical connectivity to Inter.link. It is provisioned through an automated, software driven process and establishes tunnels between the customer and Inter.link tunnel endpoints. Traffic inside the tunnel is handled within the Inter.link network.

FlexTunnel is not designed to replace physical cross connects or high capacity links and does not provide Layer 2 connectivity or deterministic end to end performance guarantees. Technical limitations such as reduced MTU and tunnel specific constraints apply. Any routing or traffic redirection is configured by the service using FlexTunnel and is not part of FlexTunnel itself.

Technical Dependencies and Components Required

  • Customers must be able to establish IP connectivity to the selected Inter.link tunnel endpoints over the public Internet.
  • FlexTunnel is implemented using GRE tunnels and requires customers to configure GRE termination on their network equipment.
  • Customers must provide at least one public IPv4 address as the tunnel source address. IPv6 is supported inside the tunnel but not as an underlay for tunnel establishment.
  • Inter.link provides the tunnel endpoint addresses and assigns the overlay IP addresses used inside the tunnel.
  • Due to tunneling overhead, the effective MTU is reduced. Customers are responsible for configuring appropriate MTU settings and TCP MSS clamping where required.
  • FlexTunnel does not provide routing by default. Any routing configuration, such as BGP sessions or prefix announcements, is defined by the service using FlexTunnel.
  • When FlexTunnel is used for services that require routing control, such as DDoS Protection over GRE, customers must be able to establish BGP sessions over the tunnel and manage prefix announcements accordingly.
  • FlexTunnel operates as a virtual service and does not involve physical ports, cross connects, letters of authorization, or on site installation work.

Service Delivery Time

The service is activated immediately, as soon as it is ordered through the portal.

Billing

FlexTunnel service pricing is expressed as a per Mbps unit fee, based on the size of the committed data rate (CDR) configured for each tunnel. Customers select a committed capacity that reflects their expected clean traffic volume delivered over the tunnel. Higher committed rates benefit from lower per Mbps pricing.

FlexTunnel allows bursting above the committed data rate. Traffic exceeding the ordered CDR is charged at a higher per Mbps burst rate. Usage is measured using the industry standard 95th percentile methodology. Burst usage is calculated as the difference between the measured 95th percentile value and the ordered CDR.

FlexTunnel pricing covers the delivery of clean traffic from Inter.link to the customer over upstream and peering links and is independent of physical ports and IPv4 address allocation. When used together with DDoS Protection, FlexTunnel covers the delivery of mitigated traffic, while DDoS Protection is billed separately according to the selected service tier.

How to Order through the portal

FlexTunnel can be provisioned through the Inter.link portal. Below are the steps explaining how to do this.

Setting up an account in the portal is the very first step and this is explained in the Using the Portal section of the knowledgebase.

    Step 1

    Click on ‘Add a Service’ and select ‘FlexTunnel’

    Step 2

    Select your desired location.

    Step 3

    Enter your GRE Tunnel Source IP, select your bandwidth, and decide whether you want aggregated billing.

    Step 4

    Enter your BGP session details.

    Step 5

    Place your order.