For geographically distributed companies, the decision to move to an SD-WAN is a no-brainer. Cost savings are certainly a factor, as is greater network and business agility. However, one of the perceived “key features” of SD-WAN, active-active configurations, needs to be well understood and implemented the right way to realize success.
For decades there was one and only one way to architect a wide area network with multiple paths: deploy the two links in “active-passive” mode, with one active link and failover to the backup, or passive, link only when the primary connection failed. Many SD-WAN solutions instead leverage an always-on VPN overlay across both circuits simultaneously, with more advanced solutions employing something called dynamic path selection (DPS) to route different types of traffic down the separate links. For example, unified communications and video traffic, which are two of the biggest drivers for SD-WAN adoption, could be routed down MPLS, while best-effort traffic is sent over an Internet link. Because both links are actively sending traffic at the same time, this architecture is known as active-active. This makes sense, but there are some scenarios where problems can still occur. These include situations where two wired broadband circuits are not possible, where there is a desire for greater path diversity, and where overall cost and availability are a higher priority than network performance.
Companies are wise to look beyond DPS to SD-WAN solutions that employ even more advanced features: tunnel bonding, where a virtual overlay can utilize all available bandwidth of two or more WAN transport links to deliver greater performance than each individual underlay link; path conditioning, which corrects for lost or out-of-order packets so that broadband and wireless links perform as well as or better than private circuits; and traffic shaping, which assures quality of service and provides continuous transport monitoring, automatically adapting to changing conditions.
This advanced set of features and capabilities gives companies the flexibility to leverage any combination of WAN transport, routing particular traffic across all or specified links. A range of WAN transport links can be used, including DIA, consumer broadband, 3G/4G and soon 5G, or satellite, delivering the highest quality of experience to users. By using an always-on overlay and enabling applications to maintain state and seamlessly switch paths in under a second from the moment a WAN issue is detected, network and application availability is also greatly increased. This overcomes one of the biggest shortcomings of the legacy “active-passive” approach, which often created several minutes of downtime during link failures, causing applications to reset because they couldn’t survive the transition and impairing user productivity.
Whichever configuration of SD-WAN is implemented, it is critical to understand that the benefits of SD-WAN are further optimized when coupled with WAN optimization, so I always recommend that the two go together. WAN optimization can often prevent failover by improving the performance of all underlay links even under increased load conditions. Also, while bandwidth is plentiful in metro connections, global or even some nationwide connections may still rely on T1s or E1s, so the bandwidth of the primary connection is 1.5 or 2 MB. It’s rare to find a company paying for trans-oceanic links of more than 10MB because of cost. WAN optimization can help squeeze more traffic over these links and greatly improve overall network performance. Acceleration and QoS have been around for decades now and I’m continually surprised when I run into companies that aren’t taking full advantage of both.
With the ability to optimize all underlay links, the company must then determine how it wants to allocate available bandwidth based on the type of network service available and the unique business needs of the company and branch.
If budget is limited, then the best configuration would be to augment the primary circuit with something like cable or DSL and run in active-active mode, as the cost of the connection is flat rate regardless of the volume of network traffic. In fact, an MPLS + broadband hybrid WAN configuration is often the first step in migrating to an all-broadband WAN. The downside of services like DSL and cable is that throughput and performance can vary greatly depending on location and time of day, because they have shared service elements that are often oversubscribed.
If budget isn’t an issue and the company is concerned about network resiliency and cost effectiveness, a better option would be something like satellite or cellular (3G/4G) connectivity as it won’t be impacted by a facilities issue. These services are typically low cost but are often metered services so the more bandwidth that is used, the more expensive the service gets. Putting a metered connection in an active-active configuration could potentially cost an organization thousands per link per month and obviate any other cost savings gained by shifting to an SD-WAN.
Below is a summary of how highly distributed businesses should approach the use of multiple WAN links:
- Ensure WAN optimization is integrated into any SD-WAN plan
- If more bandwidth is needed in an MPLS network, use an active/active hybrid WAN model by adding broadband with an eye towards transitioning to all broadband in the future
- If resiliency and cost efficiency are more important than bandwidth needs, then use active/active with 3G/4G and/or satellite connectivity
- If the company wants to achieve both, consider MPLS + broadband + cellular / satellite and architect a network that is active/active
It’s important to note that the last configuration may seem like the best option, but it is the most expensive one. In summary, all organizations should be looking at leveraging the benefits of an SD-WAN, but how the multiple connections are used should depend on the needs of the company now and into the foreseeable future.