You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/reference-architecture/diagrams/network/optimizing-roaming-experience-with-geolocated-ips.mdx
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,20 +12,20 @@ updated: 2024-12-13
12
12
13
13
## Introduction
14
14
15
-
A private APN enables devices, like connected vehicles, connected containers, healthcare devices or drones, to be connected while roaming across different countries. The device connects with a SIM or eSIM card to a dedicated network and as the device moves to a new country, it automatically selects the appropriate private APN for the local provider.
15
+
A private [Access Point Name](https://en.wikipedia.org/wiki/Access_Point_Name) (APN) enables devices, like connected vehicles, connected containers, healthcare devices or drones, to be connected while roaming across different countries. The device connects with a SIM or eSIM card to a dedicated network, and as the device moves to a new country, it automatically selects the appropriate private APN for the local provider.
16
16
17
-
APN traffic, typically managed by a third party provider such as a telecommunications company, is routed through specific regional Internet breakouts to get access to the Internet. This architecture can create challenges in regards to the localization of that traffic. For example, a device roaming in France, might have traffic exit to the Internet from a UKbased Internet breakout. Therefore web sites and other Internet services will treat the device as if it is in the UK, and deliver content in the wrong language or apply regional restrictions.
17
+
APN traffic, typically managed by a third party provider such as a telecommunications company, is routed through specific regional Internet breakouts to get access to the Internet. This architecture can create challenges in regards to the localization of that traffic. For example, a device roaming in France might have traffic exit to the Internet from a UK-based Internet breakout. Therefore web sites and other Internet services will treat the device as if it is in the UK and deliver content in the wrong language or apply regional restrictions.
18
18
19
-
In this document, we'll discuss how Cloudflare can be used to solve this problem and we will use the example of a service provider using private mobile networks [Access Point Names](https://en.wikipedia.org/wiki/Access_Point_Name) (APN) to connect devices roaming across multiple countries through regional Internet breakouts. This use case is relevant to global enterprises with regional offices, transportation fleets with connected vehicles, or any organization needing to maintain consistent, secure, and region-specific connectivity for roaming devices.
19
+
In this document, we'll discuss how Cloudflare can be used to solve this problem and will use the example of a service provider using private mobile networks (APNs) to connect devices roaming across multiple countries through regional Internet breakouts. This use case is relevant to global enterprises with regional offices, transportation fleets with connected vehicles, or any organization needing to maintain consistent, secure, and region-specific connectivity for roaming devices.
20
20
21
21
![Figure 1: Showing how Internet breakouts can present an egress IP that doesn't match the country the device is in.](~/assets/images/reference-architecture/optimizing-roaming-experience-with-geolocated-ips/figure1.svg"Figure 1: Showing how Internet breakouts can present an egress IP that doesn't match the country the device is in.")
22
22
23
23
# Correctly locate and secure devices by connecting them to the Cloudflare global network
24
24
25
-
Cloudflare addresses these challenges by routing device traffic from the Internet breakout to our global network, where traffic is processed at a Cloudflare data center close to the Internet breakout. This allows for two benefits.
25
+
Cloudflare addresses these challenges by routing device traffic from the Internet breakout to our global network, where traffic is processed at a Cloudflare data center close to the Internet breakout. This allows for two benefits:
26
26
27
27
1. Cloudflare can analyse the traffic, determine the original country of origin, and then ensure that traffic egresses onto the Internet from an IP address that is geolocated to the same country of origin.
28
-
2. Cloudflare can filter traffic based on [secure web gateway](/cloudflare-one/policies/gateway/) policies, allowing you to protect devices from access risky Internet hosts. It also allows you to lock down access for devices to specific Internet hosts, such as only allow devices to make requests to APIs that support their function.
28
+
2. Cloudflare can filter traffic based on [secure web gateway](/cloudflare-one/policies/gateway/) policies, allowing you to protect devices from accessing risky Internet hosts. It also allows you to lock down access for devices to specific Internet hosts, such as only allow devices to make requests to APIs that support their function.
29
29
30
30
The architecture diagram below provides a visual representation of this solution, showing how traffic from various countries — routed via different mobile network APN — is directed through Internet breakouts. Cloudflare optimizes and secures the Internet connection by leveraging [geolocated public IPs](/cloudflare-one/policies/gateway/egress-policies/dedicated-egress-ips/), ensuring that the traffic is secure and regionally localized to the device location.
0 commit comments