Since the initial international deployments in the early 2000s, MPLS has become the mainstay of enterprise networking. Today, most communications service providers (CSPs) have a global MPLS backbone, offering wide area networking (WAN) services to enterprise.
On the other hand, internet-based services such as broadband fibre services and wireless internet based on 4G/LTE technology have improved in both access speed and quality. The rapid proliferation of fibre access and improvements in wireless technology have made high speed internet access possible at a lower cost than most traditional MPLS networks that are based on dedicated access circuits. The ideal scenario of more bandwidth at a lower cost seems to be a reality.
Enterprise recognised that there is more than one way to build a WAN besides the traditional direct access to CSP ‘private’ PoPs, leading to deployment of hybrid WAN. Hybrid WAN that provides services to geographically distributed locations within an enterprise can be defined as using multiple WAN connections such as private MPLS plus internet and wireless 4G/LTE . There are basically two ways to deploy a hybrid WAN.
- Option 1: Using both dedicated access circuits (T1/E1 and Ethernet circuits) and internet circuits such as xDSL, fibre broadband and 4G/LTE as access to the CSPs private MPLS backbone. The CSP deploys multiple internet gateways across the globe to terminate IPsec tunnels over the internet — supporting the hybrid WAN deployment. The more gateways, the better the quality of service — as the internet hop count drops — while the trade-off will be higher cost and hence price to the business end-user. The MPLS backbone forms the core of the WAN that all traffic must traverse from one site to another. In this deployment model enterprise can mix and match the most appropriate access technology for each site, depending on the required application performance and/or service level for example. In many networks, internet circuits or wireless access is used as backup to lower the access circuits cost per site, while dedicated access circuits are still used as the primary.
- Option 2: Using internet connectivity to build an end-to-end WAN that is independent of the private MPLS network. This has the advantage of lower cost compared to option 1 since there is no MPLS port charge incurred for IPsec tunnel terminations. The disadvantage is potential performance issues associated with the ‘best effort’ nature of internet connectivity, especially end-to-end across multiple ISP networks internationally. In this deployment model, the traffic over the internet-based WAN should be hub and spoke otherwise the number of IPsec tunnels required to build a full-meshed network will become exponentially large and unmanageable, especially within global networks.
Which option to pick to build a hybrid network depends on customer traffic flow, as well as a cost performance trade-off. Hybrid WAN will lower the overall WAN cost due to the use of lower cost per bit public internet circuits when compared to dedicated access to the private MPLS network.
With the emergence of SD-WAN technology at the forefront of wide area networking, option 2 is becoming easier to deploy and manage, with centralised policies and orchestration replacing the requirement to manually configure IPsec tunnels and routing associated with the traditional hybrid-WAN set-up. SD-WAN has essentially simplified and enhanced the values of hybrid-WAN deployments.