Software-defined WAN has become popular for connecting remote sites to corporate data centers and to the internet. But before committing to a big rollout, you should verify each SD-WAN vendor's claims with your organization's mix of applications. Some pre-rollout SD-WAN testing can help you make the right choice.
SD-WAN routers support multiple types of interface links, such as MPLS, VPN via one or more internet broadband carriers, or VPN via cellular wireless. The routers are controlled and configured from a central controller, which may be on premises or provided as SaaS.
While enterprises are attracted to SD-WAN features, some vendors may have slightly different characteristics. As you conduct SD-WAN testing, be sure to measure these items before a full SD-WAN rollout:
- Rapid failover from a failed link/path to an operational path.
- Highly reliable packet delivery, where packets are duplicated over multiple links.
- Segregation of traffic types to different links, which keeps sensitive applications from being affected by bulk data applications.
- Low-cost links, primarily via broadband internet.
- Centralized control of many SD-WAN routers, which reduces management costs.
- Improved application performance through WAN optimization.
- Increased throughput by using multiple parallel links.
- Direct internet access and corporate network access.
How to perform SD-WAN testing
How do you know a proposed SD-WAN implementation will work for your organization? The best way to answer that question is with formal SD-WAN testing during a proof of concept (POC) in which you deploy SD-WAN to a few sites to evaluate its performance. This will mean procurement of some additional links. But it's the only way to accurately measure the performance difference against your current implementation or against each other.
This article is part of
You should have realistic expectations of what SD-WAN will do for your applications. For example the latency between Sydney and New York City is going to be high, and interactive applications will be slow over this path. Packet loss may be high for connections to geographic regions that have poor network infrastructure, causing TCP-based applications to perform poorly. Measurements before and during a POC will help set expectations with your organization's leadership.
Start by creating an SD-WAN test plan for your desired characteristics, and create a baseline of your current network's characteristics. An active path testing tool is best because it can emulate applications either through actual or synthetic network transactions.
Ideally the testing tool can create different types of traffic -- such as real-time, application and bulk data -- so that the SD-WAN's handling of each traffic type can be evaluated. An alternative tool is Ping with a fast timeout, but it can't emulate different traffic types. Measure the characteristics that are important to you. Applications that use TCP are affected by packet loss, while real-time voice and video are more tolerant.
9 steps of SD-WAN testing
1. Rapid failover
Measure packet loss of the critical applications when forcing the failure of the primary link. How much packet loss was experienced, and how long did it take to fail over? If you're looking at voice continuity, then some packet loss might be OK since codecs can handle random packet loss. TCP-based applications are much more sensitive to packet loss.
2. Reliable delivery
As you measure packet loss when failing the primary link, note that the latency over multiple parallel links will be different and may affect some applications. The SD-WAN system should transparently handle the sending and receiving of packets over multiple paths.
3. Segregation of traffic
Configure the SD-WAN system to segregate the traffic over different paths. For example, real-time traffic, such as voice and video, should take the low-latency link. Application traffic should take a reliable path. Bulk data should take a low-cost path.
You will need more advanced testing tools than Ping to verify that each traffic type is taking the desired path. Also test traffic segregation in conjunction with failover testing to understand how applications affect each other when link failures occur.
4. Low-cost links
Run your critical business applications over an SD-WAN low-cost path, typically an internet-based VPN. Does it have acceptable performance? Don't forget to measure performance at busy times of the day for the internet, like just after school is dismissed in different regions. You'll want to use this testing to determine if you need a different service, like MPLS, for your applications.
5. Centralized control
Evaluate the SD-WAN configuration and control system. How easily does it perform all functions across all SD-WAN elements? Is it cloud-based or on premises? What happens if your network connection to the cloud is down? Are there differences between the cloud-based controller and the on-premises version? How easy is it to manage your expected number of SD-WAN elements?
During your SD-WAN tests, learn what tools are available for troubleshooting and monitoring. Make sure you can identify the path that a specific application's traffic is taking.
6. WAN optimization
If the SD-WAN includes WAN optimization, work with your vendor to determine what types of optimization are performed and how you can test their performance. You'll want to know how well it works for your applications. If the application traffic is encrypted, the WAN optimization system may be unable to improve performance. Similarly, real-time traffic like voice and video may not be optimized because of the random nature of the data content.
Verify that the throughput of the SD-WAN meets the demands of your remote users. SD-WAN devices are essentially a "bump in the wire," and their performance must provide sufficient bandwidth for applications you need to support. If you need to increase overall throughput by using multiple parallel links, then the links should be no more than two times different in speed. Otherwise applications will suffer from out-of-sequence packet arrival.
8. Direct internet access
An advantage of SD-WAN is direct access to internet-based cloud providers of XaaS-based applications. Your SD-WAN testing should include an evaluation of how well this access works, compared with traffic that goes via your other mechanisms. Don't forget to evaluate the security of direct connectivity.
9. Results compilation
The final step is to compile the results and communicate them to your organization's leaders. This is where expectations should be set. Like any new technology, the results can vary. Work with the vendors during the POC to make sure your implementation emphasizes the strengths of their product and minimizes their weaknesses. A methodical SD-WAN testing process will guarantee that you understand which products work best for your organization.