Knocking down MPLS myths, concluded

Next-generation Enterprise WAN architecture and Network-as-a-Service leveraging the public Internet mean reliable enterprise WANs are no longer exclusively the domain of MPLS.

We've now spent a number of columns covering the issues surrounding the myths of why enterprises "need" MPLS. We'll conclude this topic by addressing the issue of having a single place to point the finger when something goes wrong with the WAN.

There is at least one advantage of having a "single throat to choke." If there is a major outage and you lose connectivity to one or more of your enterprise locations, you can point to that provider and say to your boss "it was their screw-up." In other words, the major advantage is CYA, rather than maximum uptime and reliable, predictable connectivity.

If you have an MPLS network with no backup connections, then in fact you are entirely dependent on your MPLS provider. Most providers will commit to an SLA (Service Level Agreement) with a 2 or 4-hour MTTR in the event of a failure. But this is more CYA than guaranteed uptime, since said SLA isn't worth that much more than the paper it's printed on, as you will merely get a credit on your monthly bill if/when they don't perform, rather than getting your connectivity back within 2 to 4 hours, which is what you actually care about.

Consequently, those who care greatly about reliability will usually have a backup network – typically IPSec-based VPNs over the public Internet – to handle those cases when the MPLS network does stop working for some reason.

A second, different reason some IT managers like to be able to point to the MPLS provider is that they don't have available resources, such as an in-house expert at managing WANs. In that case, there is great appeal to having the telecom service provider essentially delivering that expertise. You pay for this privilege, of course. Where several years ago, before the advent of broadband, this premium was not particularly high, these days it is enormous, with MPLS typically priced at 30x-100x the price/bit of Internet service.

So if cost is no object, your bandwidth needs are low, and you either don't have sufficient expertise in-house to do ongoing management of the WAN or you care about reliability only to a point, then the "single throat to choke" of an MPLS provider may well still be for you.

That noted, there are now alternative ways that offer more in the way of greater bandwidth, lower cost, higher reliability and a superior answer for leveraging public cloud services and SaaS.

If you care enough about reliability to have an IPSec-based backup VPN deployed today, then a hybrid WAN leveraging the Next Generation Enterprise WAN (NEW) architecture is a possibility. By definition you've got multiple WAN connections to enable higher reliability. Rather than having those Internet connections serve simply as backups, used only when a primary MPLS connection fails, NEW architecture technology like WAN Virtualization lets them be actively used, providing additional WAN bandwidth as long as they are working well.

Of course, with this approach you could eventually choose to eliminate MPLS altogether, without sacrificing reliability or performance predictability. But even if you want the comfort factor of having MPLS around "forever", the question becomes: why spend 100% of your WAN budget on bandwidth that is 100 times the price per bit just to handle the ~1% of the time when Internet connectivity doesn't perform well?

Instead, you can keep MPLS around, but using the NEW architecture, you can allocate, say, ~60% of that budget to those very expensive MPLS bits (e.g. using 1 x T1/E1 at all smaller locations, and fract-T3 at larger locations), and spend the other ~40% of your budget on the far cheaper Internet bits. Thanks to the NEW architecture, you will have more bandwidth, lower cost/bit, lower total cost and higher reliability than putting all your eggs in a single MPLS provider basket. As your bandwidth needs grow, spending on MPLS can be capped, with additional bandwidth from the various flavors of Internet connectivity available.

Alternatively, if you don't have in-house resources to manage the WAN, or if high-performance, predictable access to cloud services or SaaS is critical to you now and you don't want to go the build-it-yourself full NEW architecture approach of deploying technology and servers at colocation facilities, you can use Network-as-a-Service (with optional WAN Optimization capabilities) to have a lower cost, higher bandwidth, higher performance, fully managed network instead of MPLS. In this way, you can avoid the resource and expertise requirements not only for managing the WAN, but also for deploying and managing WAN Optimization technology and network visibility software. [There are hybrid WAN possibilities with this approach as well.]

So if CYA is what you care most about, MPLS is still the answer. You are a late majority or laggard type in the Technology Adoption Life Cycle curve, and that's fine, as I noted at the beginning of this column arc. MPLS is expensive, low bandwidth, and doesn't have a real answer for cloud services – of course, if you're in that late majority / laggard group, such services are probably not that important to you now, either – but it works, and it is usually reliable, especially within a country/region.

But MPLS is no longer the only way to go to build reliable enterprise WANs, and thanks to the NEW architecture as well as managed services that leverage the power of the Internet, depending exclusively on MPLS is no longer the best way to build high performance, cost effective WANs supporting both enterprise-based applications and SaaS / cloud services.

A twenty-five year data networking veteran, Andy founded Talari Networks, a pioneer in WAN Virtualization technology, and served as its first CEO, and is now vice president of product management at Aryaka Networks, the leader in WAN Optimization as-a-Service. Andy is the author of an upcoming book on Next-generation Enterprise WANs.

