Choosing ISPs for SD-WAN: don’t be pound foolish

I was in the local Best Buy the other day and overheard a conversation between a saleswoman and a father looking to buy a computer for his daughter. Apparently, the daughter is a designer, which of course requires lots of heavy graphics work. Anyway, the saleswoman was trying to explain how he should invest a little bit more in an expensive graphics card because of her work. The father wouldn’t hear of it. He wanted the least expensive machine possible.

It was a mistake.

Part of the art of life is knowing when and where to invest your resources for maximum return. Sometimes less is, well, less and investing a bit more really can make a difference. I know you didn’t come to this blog for self-help advice, but life’s truism has real-world implications for wide area networks and, in particular, when selecting the Internet infrastructure underlying your SD-WAN.

+Check out: SD-WAN: What is it and why you’ll use it one day+

Some IT managers seem to think IP connectivity is a commodity. One ISP is supposedly the same as the next and so they don’t have to worry about finding the “right” ISP.  In fact, there can be a vast difference between Internet service providers. Getting that “right” Internet service can sometimes make an enormous difference in the quality of experience for your users.

Over the years, I’ve built dozens of global networks, some touching Europe, many into the Asia Pac and South America. Regardless of the region, the local ISP plays a crucial role when it comes to SD-WAN. With MPLS and leased line networks, we would focus on the time it took receive a circuit at the local premises. We’d focus on the service level agreements (SLAs) and whether local loops covered by those agreements – or not. We’d look for end-to-end management and want to make sure the two providers —  the ordering provider and the fulfilling one —  had the necessary network-to-network interfaces (NNIs) and management processes in place to make end-to-end delivery seamless.

But the performance of the overall system wasn’t the issue. Say what you will about managed MPLS services —  they might be expensive, clunky and frustrating as heck to get support from the carrier —  but you knew that the line rate and quality contracted for was what you were going to receive.  

With SD-WAN, the ISP plays an even more crucial role precisely because there are no formal SLAs. You’re trusting that the Internet provider’s network is engineered for performance. When using broadband, such as cable or DSL, often the choice of ISPs is limited. But when locations connect through direct Internet access (DIA), there’s often a choice of many ISPs. And while there’s a lot that you can’t know about their networks, you can investigate one major factor —  how the ISP connects to the rest of the Internet.

Connections and Tier-1 backbones

Some local ISPs connect directly to global backbones, others rely on local peering points. There’s a huge difference. For one, peering points are highly oversubscribed, running at 60-70 percent capacity. With so much traffic running through them, packet drops and retransmission become far too frequent at peak periods. But even if the peering point isn’t oversubscribed, local ISPs will require multiple router hops to reach the peering point. As any network engineer knows, the more hops the poorer the performance.

It’s why when we at SD-WAN Experts evaluate local ISPs, we look very carefully at a provider’s access to the rest of the Internet. Ideally, we try to hang all locations off of one tier-1 backbone. With everyone on the same network, you will have minimized the likelihood of packets being bounced between provider networks to reach their final destination. Not guaranteed mind you, this is the Internet after all, but certainly improve the likelihood of optimum performance.

What makes for a tier-1 Internet backbone? There’s no award or license you can request that says “Tier-1 Certified.” When we speak about tier-1 backbones we’re talking about global backbones that peer directly with other tier-1 global backbones. The best backbones can connect directly to most parts of the world without the need to peer, or with a minimal need.

To find a “better” backbone look at the number of connected Autonomous Systems (AS). An AS is the reflective of a single network, at least for Internet routing purposes. The better the network, the more direct connections you’ll find the network has. See this measurement of Internet backbones from Dyn, an internet performance management company. It shows the top three backbones have ~27,000 direct connections to other networks:

What may not be readily clear from the graph is the importance of knowing the specific ASN. Providers will frequently run multiple ASNs; often there are huge differences between them. China Telecom, for example, operates 4134 (China.net) and 4809 (CN2). I can tell you that CN2 is a great backbone, well connected, with a low oversubscription ratio with a packet delivery SLA of 99.5%. China.net? Less so.

Invariably some locations will be unable to connect to a tier-1 backbone. No network has the geographic reach into every city and town across the globe. Using SD-WAN technology to combine global networks, and select the optimum network at any given time, lets you expand the footprint of any given backbone. Large organizations can afford to do this themselves, connecting regional data-centers to multiple backbone. Smaller organizations or organizations who lack a datacenter in region might consider a provider who provides that service.