Is your network resilient? Can it recover quickly from difficult conditions? Most of the time when we talk about network resiliency, we’re really talking about redundancy. We talk about redundant pairs of switches or of link aggregation. We talk about circuit diversity or backup links that can take over in the event of a failure. But is that really resilient?
First American Background Info
First American Title is a company that found itself faced with some resiliency challenges. They have over 1400 branch offices located around the world. They provide a variety of financial services to their clients, from title insurance to investment advisory. For First American, having internet access is a critical piece of their business. First American is also seeing challenges in their branches with the growth of multimedia applications and more Software-as-a-Service offerings being provided in cloud environments as opposed to on-site.
First American was also challenged with the WAN connectivity design. Their original setup involved using a single MPLS link back to the corporate headquarters. They also use a broadband Internet circuit for traffic that needs to exit locally to the Internet. This is a fairly standard branch office configuration for many organizations. It provides secure connectivity for business applications while also ensuring that all traffic doesn’t traverse the private link.
If either of these links go down, there can be major issues with the branch office’s ability to get work done. Failure of the MPLS link can lead to inability to connect to the HQ location. Secure backup links can come up, but these take time for turn up and VPN negotiation. Not to mention that all traffic will traversing the broadband circuit and degrading performance. The converse is also true when the broadband circuit is offline. Even a few minutes of downtime can cause huge issues for the branch.
Upgrading Redundant To Resilient
With all these challenges, First American knew they needed a new solution that helped provide resiliency for their network as well as additional services like QoS and traffic segmentation. They started a proof-of-concept with Viptela and started seeing immediate results.
As you can see from the diagram, the Viptela boxes were installed and created secure tunnels between the sites. Once these were up and running the MPLS circuit and the broadband circuit were essentially functioning in concert. Rather than one circuit carrying specific traffic, each circuit could be configured to carry traffic as well as acting as a backup for the other in the event of a failure. This was also able to be configured without complicated failover rules and redundant equipment configurations. Once the Viptela device detects a link failure, the traffic can be configured to move to the other link with little to no downtime.
How easy was it? Well, take a look at this chart. This chart lists all of the outages that the Viptela vEdge router has seen in the 30 days prior to the report. Out of all the sites in the pilot, only one site faced a real downtime scenario. Both links at the site failed simultaneously for 2.5 minutes. Once a link came back up, the site was back online with all critical traffic being able to route again.
The Viptela system didn’t stop there. As you can see at the bottom of the chart, that single outage wasn’t the only time that a circuit was down. Each site in the pilot experienced some form of link downtime in the 30 previous days. Over 116 minutes of downtime in fact. However, because both links were not down at the same time, Viptela was able to keep the site running and users were not impacted.
Another important benefit of Viptela was in the analytics behind the circuits themselves. Thanks to the visibility of the Viptela vEdge devices First American can see not only when a circuit is down but also when performance is degraded. And they can see this for all circuits and sort them by provider type. They can tell when the entire AT&T MPLS network is seeing issues and act accordingly. This visibility also helps the determine when circuits are meeting SLAs. If providers are not meeting their targets or have consistently missed their agreements then negotiations can start to bring these circuits back to standard or to release First American from contracts for non-performance.
This kind of visibility helps network administrators when determining whether or not sites need special configurations or need additional circuits to provide the right kind of redundancy. It also helps when planning traffic patterns to ensure that critical traffic always favors the most reliable circuit. And since all this happens automatically from the Viptela dashboard there’s no additional engineering time required to make it all work flawlessly. That’s just included.
Putting It All Together
First American is happy with their Viptela deployment and has plans to roll it out far and wide in their environment. They met the goals of their pilot project by increasing bandwidth utilization and introducing resiliency in the network. They also gained the added benefit of visibility into their circuit health and additional capability to deploy diverse circuit types to ensure reliability.
For more information on Viptela and their SD-WAN solutions and how they can help your organization, make sure to visit http://Viptela.com.
- Revealing Security Threats with ExtraHop Reveal(x) - February 13, 2018
- The Logic Of Tables with Broadcom SDKLT - February 8, 2018
- Getting Ready for GDPR - January 18, 2018
- Going Faster with 400Gbps Ethernet and Andy Bechtolsheim - January 12, 2018
- Architecting Container Direction with Nirmata - January 5, 2018
- Continuing the SD-WAN Discussion At FutureWAN - January 4, 2018
- Keeping An Eye On Containers with Ixia CloudLens - January 4, 2018
- Balancing The Cost Of Your Application Delivery Controllers with KEMP Metered Licensing - December 27, 2017
- Arista vs. Cisco – The Tale Up To Now - December 14, 2017
- Unmasking Bad Actors with Gigamon - December 7, 2017