For a twenty-year period that began in the mid-1980s, the enterprise WAN went through a series of transitions, starting with Time Division Multiplexing (TDM) based on T1 access and then moving on to Frame Relay, ATM, and finally to MPLS. Unfortunately, over the last decade there hasn’t been a new transmission service introduced into the market, nor are there any in the pipeline. This lack of new transmission services means that if you are a WAN architect you have to be asking the question: Are there any alternative designs for my company’s branch office WAN?
WAN design goals & concerns
To evaluate alternative branch office WAN designs, it is helpful to understand what’s impacting the WAN. The 2014 State of the WAN Report presented a survey in which respondents were asked to indicate the factors that are impacting their WAN. In descending order of importance, those factors were:
- Improve application performance
- Support real-time applications such as voice and/or video
- Support mobile workers
- Reduce cost
- Increase availability
- Provide access to public cloud computing services
- Prioritize business critical application traffic
- Increase security
What ONUG overlooked
In October 2014 the Open Networking User Group (ONUG) published a white paper entitled Software-Defined WAN Use Case. One thing that this white paper did was to identify six WAN architectural models. While I generally really liked the white paper, I have some minor concerns with the WAN designs ONUG discussed in it, and a major concern with a WAN design they left out.
The design that was left out occurs when a branch office’s WAN connectivity is provided by multiple Internet connections. This design tends to be low cost, but it raises a number of concerns, such as the uptime of the WAN. One way to improve WAN uptime is to use multiple ISPs, and to use a different access service with each ISP; e.g., DSL, cable, 3G/4G. To me, this is a viable and important WAN design option.
While having multiple Internet connections is a viable design, most branch office networks will be based on MPLS, or some combination of MPLS and the Internet. My previous blog post pointed out the key concerns that network organizations have with each of those WAN services. In the case of MPLS those concerns are cost, uptime, and the lead time to implement new circuits. In the case of the Internet, those concerns are uptime, latency, and security. So the question facing all WAN architects and engineers is how to respond to all these factors by taking maximum advantage of the strengths of MPLS and the Internet, while minimizing the weaknesses of each service.
ONUG WAN Designs
One of the designs that the ONUG paper did identify was one having two T1 access lines, each of which goes to a different MPLS provider. This is certainly a viable option — as long as you don’t think that having multiple MPLS providers is going to dramatically increase availability. Availability is not dramatically increased in this design because the way that access links into a branch office are engineered means all of the MPLS access links are likely to share the same conduit for a few miles. The result is that if a major problem occurs, such as a backhoe cutting the conduit, it will cause an outage on all of the MPLS links. While it is usually possible to get fully diverse routing into a building, this option is typically only used for a data center because of the high cost.
Another design that the ONUG paper identified was having multiple T1 access lines to an MPLS provider and a single Internet access link that runs over either a DSL or a cable connection. One attractive thing about this design is that it combines the perceived security of MPLS with the low cost and quick installation associated with the Internet. However, it did seem strange to me that while Internet access over 4G was included in another one of the ONUG WAN designs, it was not an option in this design. To understand why that concerns me, assume that a branch office had multiple T1 access lines to an MPLS provider and also had Internet access that runs over DSL. Similar to what I discussed above, this design doesn’t have a notably high level of availability because it is highly likely that the DSL link is in the same conduit as the MPLS access links and hence subject to the same situations and outages that impact the MPLS links. To increase availability, a better option would be to have the Internet access be based on 4G as that is inherently routed differently than the MPLS access lines.
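The shared-conduit argument in the two designs above can be checked with a small shared-risk-group model. This is an added example, not taken from the ONUG paper or the original post; the failure probabilities, the group names and the `site_availability` function are constructed assumptions chosen only for illustration.

```python
from itertools import product

# Constructed, illustrative failure probabilities (not provider SLA figures).
LINK_FAIL = {"mpls_t1": 0.001, "dsl": 0.005, "lte_4g": 0.01}
# Shared-risk groups: everything in one group fails together (e.g. a cut conduit).
GROUP_FAIL = {"street_conduit": 0.002, "cell_tower": 0.002}

def site_availability(links):
    """links: list of (link_type, shared_risk_group).
    The site is up if at least one link AND that link's risk group are up."""
    groups = sorted({group for _, group in links})
    p_site_down = 0.0
    # Enumerate every up/down combination of the shared-risk groups.
    for state in product([True, False], repeat=len(groups)):
        group_up = dict(zip(groups, state))
        p_state = 1.0
        for group in groups:
            p_state *= (1 - GROUP_FAIL[group]) if group_up[group] else GROUP_FAIL[group]
        # Links in a failed group are down; the others must each fail on their own.
        p_all_links_down = 1.0
        for kind, group in links:
            if group_up[group]:
                p_all_links_down *= LINK_FAIL[kind]
        p_site_down += p_state * p_all_links_down
    return 1 - p_site_down

DESIGNS = {
    "single T1 to MPLS": [("mpls_t1", "street_conduit")],
    "two T1s, two MPLS providers, same conduit":
        [("mpls_t1", "street_conduit"), ("mpls_t1", "street_conduit")],
    "MPLS T1 + DSL Internet, same conduit":
        [("mpls_t1", "street_conduit"), ("dsl", "street_conduit")],
    "MPLS T1 + 4G Internet, diverse path":
        [("mpls_t1", "street_conduit"), ("lte_4g", "cell_tower")],
}

if __name__ == "__main__":
    for name, links in DESIGNS.items():
        avail = site_availability(links)
        hours_down = (1 - avail) * 8760  # expected hours of outage per year
        print(f"{name:45s} {avail:.6f}  ~{hours_down:5.1f} h/yr down")
```

With these constructed figures, both same-conduit designs stay capped just below the availability of the conduit itself, while the 4G design is limited only by both independent paths failing at once.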
Another interesting WAN design that was not mentioned in the ONUG white paper is to combine some of the approaches described above. Such a design would have multiple T1 access links, potentially to alternative MPLS service providers, and multiple Internet access links to alternative ISPs, each of which uses a different access service.
As described, being able to dynamically load-balance traffic over multiple transmission services that are, wherever possible, diversely routed provides great value. However, in my next post I’ll explain that there is additional functionality that network organizations should be looking at to add yet more value to their branch office WAN.