The 2020 WAN takes shape - SDN, virtualisation, and hybrid WANs
- 15 August, 2015 00:49
The gold standard for corporate networks today is MPLS, but carrier pricing issues and MPLS's failure to play well with new, cost-efficient forms of network access are causing problems for the legion of enterprise customers that rely on it.
- TDM dedicated access (T-1 and DS3) is expensive; Ethernet access isn't universally available and, though economical on an ongoing basis, can cost a bundle (and take months) to install because only about half of the major commercial buildings in the US are served by fiber.
- It takes a lot of CPE and management to integrate MPLS with broadband public Internet access, which is widely available and fast, but doesn't come with robust SLAs (other than site availability).
- MPLS itself may not require a lot of management, but the CPE that accompanies it does.
- The explosion of collaboration tools like Skype for Business and cloud based apps are straining capacity and management. The desire to leverage today's robust software/cloud applications is driving a need for more sophisticated routing schemes and greater control over how WAN traffic is handled.
It's not clear how fast MPLS will go the way of Frame Relay and ATM, but changing apps and bandwidth needs, coupled with the impending disappearance of TDM access, will soon force enterprises to embrace a set of technologies -- software defined networks ("SDN"), virtualisation, and hybrid WANs -- that address many of MPLS's cost and performance issues. Together they are likely to be very big very soon, initially as part of "managed solutions" and then on an unbundled basis.
Software Defined Networks
SDN basically separates the brains (the network control function) from the body (the data plane). The biggest thing in network architecture since packet switching, SDN will become predominant in corporate networks by 2020 or shortly thereafter.
The guts of a modern network are the routers, which receive streams of data and send (route) them on their way. In the legacy -- e.g., Cisco -- world, the routers don't just do routing, they also have a lot of control (and other) software and application-specific integrated circuits (ASICS), pretty much all of which is proprietary. In the SDN world, a centralized controller houses most of the software/brains and basically runs everything -- often using open source software -- and the routers are relatively dumb "appliances" (they can even be virtual, and in fact SDN is frequently tied to Network Function Virtualization, which is touched on below). In sum, SDN separates the control from the flow.
That may not sound like a big deal, but the difference turns out to have enormous financial and technical implications.
First, SDN routers cost less than half as much as proprietary routers, a cost advantage that is not overcome by the expense of separate SDN controllers. And open source software is far cheaper than Cisco's or Juniper's or anyone else's secret sauce. The savings from "genericization" may be small in the beginning because of the need to invest in new equipment, but in the medium to long run it will be large.
Second, if you want to upgrade the software on a standard network or install a new app you have to upgrade each of hundreds, or thousands, of routers. If you want to upgrade an SDN network you just upgrade the software in the central controller(s). Much faster, cheaper and less prone to errors. Moreover, network functionality can evolve more rapidly when it's tied to software rather than hardware (like ASICs). And centralized control offers the potential for substantial automation and standardization, potentially reducing the demand for scarce (and expensive) network engineers.
Third, centralized control leads to much more efficient use of bandwidth because the centralized controller has a view of the traffic flowing through the network, rather than just knowing what's coming from and going to its immediate neighbor. Google famously increased the utilization of one of its WANs from 60% to 95% by switching to SDN, almost halving its WAN costs per unit of traffic (see "Google's software-defined/OpenFlow backbone drives WAN links to 100% utilization").
Centralized control also permits advanced traffic engineering -- to the point of allowing an enterprise to customize routing by application and time of day -- and faster rerouting if part of the network goes down or becomes congested. And it makes SDN networks a lot easier to scale than traditional networks.
Open source software's cousins in the server world are virtualization and "appliances." They are not the same, but the theory/business case behind both is the replacement of customized, proprietary, single-purpose servers/routers with generic hardware on which you run software -- proprietary or open source -- that gives the box the functionality of a specialized server/router without the price tag. Network Function Virtualization (NFV) is already becoming pervasive in carrier networks, and will dominate them before the decade is out.
Hybrid WANs -- not new, but enhanced
A lot of the early use cases for SDN and virtual routers involved data centers and carrier networks, but given our focus, it is the WAN developments that excite us. When you apply SDN to WAN design, the resulting separation of network control/intelligence from the underlying media paves the way for enhancements that address many pressing WAN concerns -- business continuity/disaster recovery, application (including cloud) performance, bringing new locations online quickly and cheaply, and network reconfiguration.
The "hybrid WAN" as a concept has been energized by the emergence of Cloud services, the lure of low cost, high speed Internet circuits, and SDN. A hybrid WAN combines 'traditional' network transport (including MPLS) with substantial use of dedicated and broadband Internet access. It frequently involves two connections to each site, which can be selected according to traffic type and performance parameters.
The obvious -- but not only -- payoff from this is the ability to bring branches and other remote sites on line quickly and inexpensively in places where broadband dedicated access is expensive or can take a long time to implement or both (e.g., when you want Ethernet Access at a site and discover there's no fiber to the building and it will take 6 months and $25,000-$100,000 to get it there).
Hybrid WANs can also make better use of wireless LTE access, even to MPLS, and they allow users to allocate premium MPLS bandwidth to applications that really need it, mitigating the need for costly port or circuit upgrades or allowing for a reduction in MPLS bandwidth (and cost). For many enterprises, a hybrid-WAN is also a way to begin abandoning the back-haul architecture that MPLS networks often employ to access Internet based services.
Hybrid WANs predate SDN, and can be implemented without SDN. But setting up policy based routing and the right mix of traffic off-load required engineering expertise and was relatively static. SDN makes it possible to manage and route globally from a single location/controller, and considerably enhances the hybrid-WAN concept.
As already mentioned, SDN's centralized control/management facilitates simpler and easier configuration and oversight of branches or remote locations, including: much improved path selection/prioritization; better monitoring; cheaper CPE; and simpler/faster upgrades (because if you're changing a control function you only have to update one machine, not dozens or hundreds). In sum, SDN makes hybrid WANs compelling.
Issues? What issues?
There are several:
- The CapEx associated with new hardware and software. Fortunately, engineers have figured out how to combine SDN and traditional networks, which allows for gradual transition rather than expensive and nail-biting flash cuts.
- A shortage of SDN-conversant engineers. It happens every time there's a network technology transition. Give it a few years. In the meantime, this means that most initial deployments will be on a managed services basis, dominated by the major carriers and systems integrators.
- Service Levels. Internet access (like mobile services) comes without meaningful SLAs. That drives network engineers nuts (their spiritual ancestors are all Bell System geeks). But the absence of service levels in the transport layer doesn't necessarily kill quality of service; it just means that you engineer it through network controllers using their ability to prioritize, optimize paths, route around network congestion/failure, etc. If you just can't abide the idea of consumer-like broadband offerings, dedicated Internet access can provide a comforting half-way house -- it offers meaningful SLAs, but at a price.
- Bandwidth and Contention. With cable broadband service a set of interconnected subscribers typically share a connection to the closest node. This means that the traffic from one site contends with (and its speed can be compromised by) traffic from other sites connected to the same node. The issue is most relevant to consumer broadband services, where the difference between uplink and downlink speeds needs to be factored into bandwidth requirements. In the future, high speed fiber-to-the-premise services like Google Fiber (1Gbps) could have a huge impact here, but as yet these are not widely available.
- Broadband Availability. Internet connectivity using broadband cable remains close to its residential roots and consumer focus, meaning that business-class cable connectivity is not ubiquitously available even at corporate locations within a cable provider's franchise territory.
- Contracts. Yes, they'll look different. To give just two examples, you need to A) develop and negotiate controller SLAs that take into account the benefits of SDN engineering as well as the usual transport SLAs; and B) plan/time the transition to an SDN WAN so you don't incur shortfall or early termination charges on your existing infrastructure. There is also going to be a transition involving what enterprises are offered or may have to accept for very low cost broadband circuits compared to highly negotiated, less carrier-biased MPLS contracts. If you're nervous we're here to help.
There are already enterprises that use the public Internet as their WAN transport layer (with tunneling/encryption for security), and some combination of hybrid WAN and SDN seems poised to make that a real choice for most enterprises by the end of the decade, if not before. The bandwidth hunger of Cloud-based apps, fixed/mobile integration, and organic growth are accelerating demand for lower cost and improved performance. SDN, virtualization and WAN hybridization are the most promising ways to get us there.
Levine is a partner in Levine, Blaszak, Block & Boothby, LLP, where he has spent the past 23 years focusing on assisting enterprise users in complex telecommunications procurements and disputes with carriers. He can be reached at firstname.lastname@example.org.