In my previous post in this series, we talked about the success that Koch Business Solutions has had in their move to the cloud. Connecting the branch offices of the various units isn’t an easy task. One way that Koch has found success is by deploying Cisco Viptela SD-WAN infrastructure to help with the migration of the various units of Koch into the cloud. I want to touch on one specific area of this migration – using SD-WAN to extend around the limits of cloud networking.
Here’s the video of Daniel Cruz and Mike Worthington talking about the solution and some of the networking challenges:
One Size Fits All
When you create your first AWS setup, you’re going to need to create a Virtual Private Cloud, or VPC. Amazon VPCs are designed to give you a segmented logical network that has all the resources you need to get servers up and running. VPCs can contain all manner of servers and applications and can be exposed to the public internet through gateways. It effectively functions just like a small enterprise network, complete with routing and firewalls.
The challenges start appearing when you reach the practical limits of a VPC. Much like the forklifts of networking days gone by, you eventually have to move to a bigger networking “device” when you reach the limits of the connectivity that you have today. However, the real challenge with AWS comes from the fact that you’re not just buying a bigger box. One you hit a hard limit in a VPC your only real option past that is to get another VPC and balance some of your machines across it. And when you find yourself in that situation, even getting those VPCs to talk to each other is difficult.
Building The Best Edge
Cisco Viptela helps you get past those challenges. Rather than locking you into the “one size is all we have” thought processes around VPCs, with Cisco Viptela you can instead start using vEdge routers in configurations that allow them to be used as VPC connections or even as Direct Connect points for the public internet. This is a huge driver for Koch, as it allows them to make applications directly available without the need to backhaul traffic to a data center or hook it up to an AWS Direct Connect with a costly MPLS Circuit.
Cisco Viptela devices also allow you to scale past the IP address limitations inherent to AWS Direct Connect routing tables. Direct Connect only allows 100 prefixes to be advertised. That’s a hard limit. Their advice is advertising a default route if you’re over that amount. With Cisco Viptela, you can advertise underlay routes between Direct Connect and the VPC that are necessary for communication. And then you can have your Cisco Viptela systems advertising LAN routes to applications via the SD-WAN overlay. This is a huge improvement in the layout and design of these systems.
Koch used the features of Cisco Viptela to not only reduce the number of VIFs across their Direct Connects, but they did it while taking back more control over the routes and the route security. Knowing where the routes were being propagated allows your networking team to have more visibility into the system as a whole. And, because all of this comes from a system designed to aggregate diverse WAN circuit types together, the whole package comes with built-in circuit diversity.
Bringing It All Together
The cloud doesn’t automatically make things super simple for everyone. It doesn’t have a magic wand that allows you to wave away networking planning or complexity. And sometimes your architecture isn’t going to fit perfectly into the cloud model the way that you might like. That’s why you need the networking expertise of a company like Cisco Viptela to help you work around the restrictions inherent in a cloud environment. A little planning and proper use of tools has allowed Koch Business Services to extend their network to faster speeds and better visibility. It just takes a little routing know-how.
- Redefining Service Protection with VMware Service-Defined Firewall - August 11, 2020
- Wi-Fi Isn’t Always the Best Wireless Solution – The On-Premise IT Roundtable - August 11, 2020
- Bad Behavior Analysis with Juniper Networks - August 6, 2020
- Multi-Cloud Fabric with Arrcus - July 30, 2020
- IoT Doesn’t Need Wi-Fi 6E – The On-Premise IT Roundtable - July 28, 2020
- Introducing Security Field Day 4 - July 21, 2020
- Cisco SecureX Roundtable - July 14, 2020
- Cisco Intent-based Networking Roundtable - July 13, 2020
- Tomversations: Episode 5 – End-to-End Encryption - July 9, 2020
- Cisco Live Interview with Khalid Raza - July 2, 2020