# XDR Interconnect Instances

Instances to interconnect govcloud with commercial

## Testing Performance

Easiest way to test performance is via iperf. One instance needs to act as a server. The security group should allow inbound port tcp/5001.
```
iperf -s
```

The second server will act as a client.
```
# test single connection performance
iperf -c 10.20.10.8 -w 2m -t 300s -i 1 --parallel 2 --enhanced

# test multithread performance
iperf -c 10.20.10.8 -w 2m -t 300s -i 1 --parallel 10 --enhanced | grep SUM
```

Notes:
* AWS ipsec VPNs have an aggregate throughput limit of 1.25Gbps
* Initial testing showed that multithread performance far exceeds single thread.

## Full Connectivity Update

There will be a brief (30s-90s) interruption to existing connections. It may be possible to 

1. Verify that nothing would be rebuilt
```
terragrunt plan
```
1. Make changes that would cause a rebuild, or taint one instance if you just want to replace it.
```
terragrunt taint aws_instance.interconnects[0]
```
1. Rebuild just one instance
```
terragrunt apply -target=aws_instance.interconnects[0]
```
1. Validate routing has come back up. 
```
# On interconnection node
sudo vtysh
sh ip bgp summary
# The Up/Down column should have times in all 5 entries
```
1. Repeat for other instances.