Over the past few years, there has been a significant increase in the amount of enterprise network traffic to and from Asia Pacific due to globalization. In my recent visit to the region, I engaged in some interesting discussions around the WAN. For example, one of the biggest costs for large financial institutions is the point-to-point dedicated leased lines between their regional and global offices, called International Private Leased Circuits (IPLCs). These circuits are typically provided by a carrier to offer an auto-reroutable network for maximum uptime and data protection.
One of my recommendations to executives I spoke with was to consider the internet as an alternate transport. The typical response I received was, “I’m not comfortable moving my real-time applications to the Internet because of its best effort model and lack of quality of service.”
That is an outdated and somewhat incorrect assumption, which I’ll explain by breaking the argument into two parts: the last-mile challenge and carrier peering issues.
The Internet as Alternate Transport
In most countries, including emerging markets, best-of-breed infrastructures are typically provided on a local/regional scale. Even most large Tier 1 carriers do not have global connectivity. Interestingly, local broadband, depending on the region, can be quite reliable in many emerging countries. In regions where broadband is not reliable, customers prefer to use MPLS. In almost all cases, long-haul availability and performance are questionable due to dependencies on other carriers and peering issues.
Most financial institutions buy a large number of IPLCs for long-haul international connectivity. In most cases, they use local broadband internet or MPLS for local branch-to-branch connectivity, depending on availability. For inter-regional traffic, regional hub routers are used to maintain regional routing information and aggregate all the local branches. With a good last-mile connection from a local/regional provider, it is possible to achieve good quality of service (QoS). Most performance issues occur at peering locations, since carriers often drop traffic exchanged between service providers there at times of congestion. In most cases, carriers remark all QoS designations to best effort at these locations.
To work around packet loss issues at peering locations, many financial organizations purchase IPLCs because they also provide security. (However, security can be addressed in multiple ways; that will be covered in a future blog post.) Plus, they get all the benefits of a private line. Figure 1 shows the IPLC branch-to-branch connectivity through regional hubs.
Figure 1. IPLC branch-to-branch connectivity through regional hubs
In this model, customers do not place any of their routers at the carrier location or pass any of their routing information to carrier routers. Carrier connections are used simply to provide guaranteed SLAs over point-to-point circuits that connect two locations through the service provider POPs.
A new connectivity model is emerging whereby enterprises are establishing what Gartner calls performance hubs. These are set up at carrier-neutral facilities to connect with a cloud provider and peer with regional and global carriers. Enterprises can also buy colocation-to-colocation (colo-to-colo) circuits to preserve QoS if the last-mile provider is incapable of setting up QoS.
This new approach is being fueled by the advent of cloud computing and SaaS applications such as Office 365 and Salesforce.com. These external applications require a core WAN backbone that is dynamic, has high speed and has low latency. As a result, enterprises are looking to implement closer exits to regional hubs for a better cloud user experience.
So, how does implementing performance hubs reduce the cost of IPLCs? Figure 2 illustrates the concept and architecture of performance hubs.
Figure 2. The concept and architecture of performance hubs
Ideally, performance hubs should be placed at a carrier-neutral facility that has a data center service and direct connect peering. Internet-bound data can be delivered to SaaS apps via a local breakout through direct peering with app providers. If the data needs to be backhauled to the corporate data center, the colo provider’s infrastructure can be used to backhaul it at a much lower cost.
In the original example of financial organizations that operate in emerging markets, placing a few of their own network devices in a carrier-neutral facility would allow them to eliminate expensive and redundant IPLCs. In regions that lack large carrier-neutral facilities, site-to-site connections can be used to establish a single hop to the nearest colocation facility with an IPLC, supplemented with colo-to-colo high-speed connections.
This model provides cost-effective connectivity between branches and the data center. Even corporate on-premises applications can be cached at the carrier-neutral facilities using Ethernet layer 2 connections to the data center in order to service regional branches from the performance hubs.
By creating a WAN that is not built around a data center, but instead around where data resides, enterprises can optimize their WAN for application performance. For example, increasing last-mile bandwidth using regional performance hubs that reduce transit latency to cloud applications dramatically improves response times for most TCP applications. I’ll provide more details on this topic in a future blog post.