Software-defined networking concepts, combined with the cost and bandwidth benefits offered by the internet and 4G LTE, have created a new WAN architecture that is placing new attention on MPLS routing. The result, SD-WAN, makes it possible to reduce network operating costs, as well as decrease the time and effort required to bring up a new branch or update an existing network.
A large number of vendors now offer SD-WAN products -- ranging from Cisco and Silver Peak to startups, such as CloudGenix, VeloCloud and Viptela. All of these vendors' products take advantage of low-cost internet access and 4G Long Term Evolution (LTE) to make it more cost-effective for enterprises to connect their remote offices.
While features differ, all include a central controller and network edge elements. Some vendors implement the controller as a hardware appliance, while others do so as cloud-based or data-center-resident software. Each branch, central office and data center hosts one or more edge elements that also may be implemented as virtual machine software or as an appliance.
Controller location may differ, but, in each case, the controller's role is to configure each of the network edges and download to each edge element a set of policies that define the throughput and quality-of-service (QoS) requirements of each application used in the network. This approach eliminates the time-consuming process of updating each router individually onsite. In addition to configuring and updating sites, the controller collects statistics on link and application performance. Those statistics can then be presented to administrators to aid in maintaining network efficiency.
Enterprise traffic via the internet
The advent of SD-WAN means a recalibration of how enterprises deploy MPLS routing, which has been the most widely used WAN technology. It provides reliable performance, with QoS guarantees specifying throughput, delay and jitter. But it is expensive and time-consuming to install; setting up a new link can require months.
Internet access is much less expensive and can be put in place more quickly. Price per megabit can range from one-tenth to one-hundredth the cost of MPLS routing, but internet links do not offer throughput and QoS guarantees. As a result, enterprise traffic moving across the internet shares the same links as movie downloads, streaming video and vacation-picture uploads.
Despite the lack of guarantees, SD-WAN customers have found that combining multiple internet or LTE connections alongside an MPLS link can achieve higher throughput and yield adequate QoS at a much lower cost than simply increasing MPLS capacity.
Customers recognize internet connection performance can vary, and they typically install two or more internet links, each connected to a different service provider. MPLS routing rarely experiences slowdowns, but they do occur; LTE performance can vary greatly. Experience has shown that during a period when one connection has slowed, another is usually exhibiting good performance. Periods when all are slow are relatively rare.
Edges direct the traffic via policies
Edges identify each data flow by the application that generated the flow, and then rely on the set of policies provided by the controller to determine the flow's throughput and QoS requirements. Edge functions constantly monitor link performance and direct each data flow to the link exhibiting the level of service appropriate for that flow. As a result, a data flow is not assigned to a specific link, nor does it necessarily remain on a single connection until completion. Forwarding decisions are made packet by packet.
Customer-specified policies rank applications by order of priority in addition to defining QoS requirements. During periods when available performance across all links is not adequate to support total application performance, edge functions can slow down or terminate low-priority traffic to ensure adequate performance for high-priority applications. Some vendors use forward error correction and jitter buffering to maintain performance, despite very poor conditions across all links.
Bandwidth rationing and error correction are implemented for the rare cases when all links are experiencing problems at once. Because that situation is so uncommon, some customers have found they can remove the MPLS routing link entirely based on their experience with the internet links.
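To make the edge behaviour described in the preceding paragraphs concrete, here is a small simulation of policy-driven link selection. It is an added example, not code from the article or from any SD-WAN vendor: the link measurements, the application policies and the `LinkStats`, `AppPolicy`, `select_link` and `schedule` names are all constructed for illustration. Each monitoring interval, the edge evaluates every active flow in priority order, keeps only the links whose measured latency, jitter and loss are within the flow's policy and that still have enough uncommitted headroom, and sends the flow down the best of them; when no link qualifies, the lowest-priority flows are the ones that end up without a path, which is the throttling the article describes.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Per-link measurements as an edge function would collect them each monitoring
# interval. Values are constructed for this example, not taken from any product.
@dataclass(frozen=True)
class LinkStats:
    name: str
    available_mbps: float   # headroom the edge currently believes is usable
    latency_ms: float
    jitter_ms: float
    loss_pct: float

# One policy per application, pushed by the controller: a priority rank plus the
# throughput and QoS floor the flow needs (constructed values).
@dataclass(frozen=True)
class AppPolicy:
    priority: int           # 1 = most important
    min_mbps: float
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float

def link_meets_qos(link: LinkStats, policy: AppPolicy) -> bool:
    """True if the link's current measurements satisfy the policy's QoS bounds."""
    return (link.latency_ms <= policy.max_latency_ms
            and link.jitter_ms <= policy.max_jitter_ms
            and link.loss_pct <= policy.max_loss_pct)

def select_link(links: List[LinkStats], policy: AppPolicy,
                committed: Dict[str, float]) -> Optional[str]:
    """Pick the qualifying link with the lowest latency (jitter breaks ties),
    after subtracting bandwidth already committed to higher-priority flows."""
    candidates = []
    for link in links:
        free = link.available_mbps - committed.get(link.name, 0.0)
        if link_meets_qos(link, policy) and free >= policy.min_mbps:
            candidates.append((link.latency_ms, link.jitter_ms, link.name))
    return min(candidates)[2] if candidates else None

def schedule(links: List[LinkStats], flows: List[str],
             policies: Dict[str, AppPolicy]) -> Dict[str, Optional[str]]:
    """Map each active flow (keyed by application) to a link for this interval.
    Flows are admitted in priority order; a flow no link can carry within policy
    maps to None, meaning it is held back or dropped for this interval. Because
    this runs every interval, a flow can move between links mid-transfer."""
    committed: Dict[str, float] = {}
    decisions: Dict[str, Optional[str]] = {}
    for app in sorted(flows, key=lambda a: policies[a].priority):
        policy = policies[app]
        link = select_link(links, policy, committed)
        decisions[app] = link
        if link is not None:
            committed[link] = committed.get(link, 0.0) + policy.min_mbps
    return decisions

# Constructed policies: priority, min Mbps, max latency, max jitter, max loss.
POLICIES = {
    "voip":    AppPolicy(1, 0.1, 60, 10, 0.5),
    "erp":     AppPolicy(2, 2.0, 100, 50, 1.0),
    "backup":  AppPolicy(3, 20.0, 500, 100, 2.0),
    "video":   AppPolicy(4, 5.0, 200, 50, 2.0),
    "updates": AppPolicy(5, 15.0, 1000, 200, 5.0),
}
ACTIVE_FLOWS = ["updates", "video", "backup", "erp", "voip"]

# Constructed measurements: a healthy interval, and one where MPLS has slowed,
# one ISP is dropping packets and the other ISP link is congested.
LINKS_NORMAL = [
    LinkStats("mpls", 10.0, 30.0, 2.0, 0.0),
    LinkStats("inet1", 50.0, 40.0, 8.0, 0.1),
    LinkStats("inet2", 50.0, 45.0, 10.0, 0.2),
    LinkStats("lte", 20.0, 70.0, 30.0, 1.0),
]
LINKS_DEGRADED = [
    LinkStats("mpls", 10.0, 200.0, 40.0, 0.0),
    LinkStats("inet1", 50.0, 40.0, 8.0, 30.0),
    LinkStats("inet2", 8.0, 45.0, 10.0, 0.2),
    LinkStats("lte", 20.0, 70.0, 30.0, 1.0),
]

if __name__ == "__main__":
    for label, links in (("normal", LINKS_NORMAL), ("degraded", LINKS_DEGRADED)):
        print(label, schedule(links, ACTIVE_FLOWS, POLICIES))
```

In the healthy interval every flow finds a link and the latency-sensitive ones land on MPLS. In the degraded interval voice and ERP are steered onto the one internet link that still meets their jitter and loss bounds, the backup moves to LTE, and the lowest-priority update traffic gets no path at all, which is the priority-based rationing the article describes for the rare case when every link is struggling.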
Security is another critical issue. Edge services are carefully authenticated when installed to prevent rogue devices from infiltrating the network. All enterprise data is encrypted and links are segmented, so enterprise data is isolated from sources such as customer internet access. Enterprise traffic, such as personnel information, can also be isolated from other traffic.
Cloud services and network virtual services
Although SD-WAN continues to gain traction within the enterprise, services such as Office 365 and Salesforce don't support an edge function compatible with any SD-WAN vendor. This means a direct connection to any of these services would lose the ability to spread a flow across multiple links.
To address this problem and provide efficient access to these services, some SD-WAN vendors have implemented and installed cloud gateways that incorporate a vendor-compatible edge function. Flows spread across multiple links are reassembled in the gateway before being forwarded to the cloud service. Gateways are distributed geographically to provide high-bandwidth connections to popular cloud services.
Vendors have also implemented virtual network functions, such as firewalls or deep packet inspection, in the cloud. These services can be inserted into customer data paths to eliminate the need to install software or appliances in each branch office.