1# Cloudflare Network Interconnect (CNI)
2 
3Private, high-performance connectivity to Cloudflare's network. **Enterprise-only**.
4 
5## Connection Types
6 
7**Direct**: Physical fiber in shared datacenter. 10/100 Gbps. You order cross-connect.
8 
9**Partner**: Virtual via Console Connect, Equinix, Megaport, etc. Managed via partner SDN.
10 
11**Cloud**: AWS Direct Connect or GCP Cloud Interconnect. Magic WAN only.
12 
13## Dataplane Versions
14 
15**v1 (Classic)**: GRE tunnel support, VLAN/BFD/LACP, asymmetric MTU (1500↓/1476↑), peering support.
16 
17**v2 (Beta)**: No GRE, 1500 MTU both ways, no VLAN/BFD/LACP yet, ECMP instead.
18 
19## Use Cases
20 
21- **Magic Transit DSR**: DDoS protection, egress via ISP (v1/v2)
22- **Magic Transit + Egress**: DDoS + egress via CF (v1/v2)
23- **Magic WAN + Zero Trust**: Private backbone (v1 needs GRE, v2 native)
24- **Peering**: Public routes at PoP (v1 only)
25- **App Security**: WAF/Cache/LB (v1/v2 over Magic Transit)
26 
27## Prerequisites
28 
29- Enterprise plan
30- IPv4 /24+ or IPv6 /48+ prefixes
31- BGP ASN for v1
32- See [locations PDF](https://developers.cloudflare.com/network-interconnect/static/cni-locations-2026-01.pdf)
33 
34## Specs
35 
36- /31 point-to-point subnets
37- 10km max optical distance
38- 10G: 10GBASE-LR single-mode
39- 100G: 100GBASE-LR4 single-mode
40- **No SLA** (free service)
41- Backup Internet required
42 
43## Throughput
44 
45| Direction | 10G | 100G |
46|-----------|-----|------|
47| CF → Customer | 10 Gbps | 100 Gbps |
48| Customer → CF (peering) | 10 Gbps | 100 Gbps |
49| Customer → CF (Magic) | 1 Gbps/tunnel or CNI | 1 Gbps/tunnel or CNI |
50 
51## Timeline
52 
532-4 weeks typical. Steps: request → config review → order connection → configure → test → enable health checks → activate → monitor.
54 
55## In This Reference
56- [configuration.md](./configuration.md) - BGP, routing, setup
57- [api.md](./api.md) - API endpoints, SDKs
58- [patterns.md](./patterns.md) - HA, hybrid cloud, failover
59- [gotchas.md](./gotchas.md) - Troubleshooting, limits
60 
61## Reading Order by Task
62 
63| Task | Files to Load |
64|------|---------------|
65| Initial setup | README → configuration.md → api.md |
66| Create interconnect via API | api.md → gotchas.md |
67| Design HA architecture | patterns.md → README |
68| Troubleshoot connection | gotchas.md → configuration.md |
69| Cloud integration (AWS/GCP) | configuration.md → patterns.md |
70| Monitor + alerts | configuration.md |
71 
72## Automation Boundary
73 
74**API-Automatable:**
75- List/create/delete interconnects (Direct, Partner)
76- List available slots
77- Get interconnect status
78- Download LOA PDF
79- Create/update CNI objects (BGP config)
80- Query settings
81 
82**Requires Account Team:**
83- Initial request approval
84- AWS Direct Connect setup (send LOA+VLAN to CF)
85- GCP Cloud Interconnect final activation
86- Partner interconnect acceptance (Equinix, Megaport)
87- VLAN assignment (v1)
88- Configuration document generation (v1)
89- Escalations + troubleshooting support
90 
91**Cannot Be Automated:**
92- Physical cross-connect installation (Direct)
93- Partner portal operations (virtual circuit ordering)
94- AWS/GCP portal operations
95- Maintenance window coordination
96 
97## See Also
98- [tunnel](../tunnel/) - Alternative for private network connectivity
99- [spectrum](../spectrum/) - Layer 4 proxy for TCP/UDP traffic
100