When do I use multiple network providers for branch offices and how do I take advantage of them? What modern network use-cases will influence my decision? Do new technologies such as SD-WAN enable better use of them? We’ll take a glimpse at that.
Multiple providers are used for branch offices for the same reasons as for data centers: redundancy and load balancing. Yet there are special needs for branches that we need to consider, such as the increasing use of cloud SaaS apps and demanding apps like video and voice.
As a refresher, the benefits of multiple providers for both data centers and branch offices are:
- Failover support with alternative network paths during failure. Failover policies are set up in a router.
- Load Balancing to provide efficient bandwidth utilization. This is also typically configured in a router to direct traffic to different connections to make efficient use of bandwidth and for different data and destinations.
Branch offices also have additional requirements.
They traditionally backhauled traffic back to data centers, which then send traffic to the internet. With the increased use of cloud-based SaaS apps, it is better to use direct internet access, rather than the “hairpin” traffic from the backhaul. To accommodate both data center and internet traffic and for redundancy, a branch requires at least two connections.
Unlike data centers, with somewhat predictable and controllable traffic patterns, branch offices need to accommodate traffic generated by end users who can behave in unpredictable ways. If a cafe provides public network access, customers may connect to its Wi-Fi and stream video or share large files. By examining traffic, data needs to be segregated so that low priority traffic can travel over one path and not clog up business-critical traffic such as voice or video over the priority path. A common technique to accomplish this is policy-based routing.
What type of connection to get?
What connection should the branches get, and should branch offices choose different ISPs? A branch may traditionally have an MPLS based primary connection to a data center. A supplemental connection for a direct internet connection can be via cable, DSL, or wireless.
When getting multiple connections to branch offices, avoid getting them from the same ISP. If there is an ISP-wide failure, then all links may fail, which defeats the purpose of having a backup connection.
Let’s consider a hypothetical branch design using three connections: A reliable MPLS connection links to a data center. There are two direct internet connections, which can be less reliable than MPLS, so act as a backup for each other.
While each connection serves a purpose, are the backup links sitting idle being wasted? In practice, can they all do some work?
Some people may be concerned that if a backup link stays idle or is underutilized if used for load balancing. Isn’t that a waste? You can’t have your cake and eat it too. This is an issue of managing risk, and a price to pay for reliability. Yet, don’t we want to make use of what we have? It’s possible for example, consider the case of two direct internet connections.
The primary direct internet connection may be a cable line to augment the primary MPLS network. What should the backup be for the cable line? An emerging alternative is to acquire an LTE wireless connection. Wireless download speeds in excess of 20 Mbps are possible, and by paying for use, costs can be controlled. Of course, the costs will depend on the contract, but it may be a convenient backup plan. For branch locations with constraints on connecting to a wired network, such as sub-tenants in a shopping center, this may be a simple solution.
Using SD-WAN solutions at the branch, it’s possible to aggregate all the links into one virtual link and start to disregard the performance differences between each link. If you don’t have SD-WAN, it’s still possible to utilize all the links, but the steering of packets won’t be dynamic or as transparent. But traditional routing methods still do work.
There are many other benefits for using SD-WAN. But getting independence of the transport for each link is a key capability, and even potentially moving away from relying on MPLS.
By using software and edge devices, it’s now possible to make flexible decisions on the transport. These two areas were independent but now can work in concert. In other words, getting the properly configured software and hardware will allow more choices in acquiring network services.
In summary, a contemporary branch network can use multiple network links to provide better reliable services that users expected today. New applications make demands that were not accounted for in old designs, so it’s time to revisit those assumptions as one examines a refresh of their network.