How to Configure a Hybrid WAN in Parallel to An Existing Traditional Wan Infrastructure

Similar documents
SUPPORTED HYPERVISORS. FusionHub runs on nearly all mainstream virtual machine software including VMware, Citrix XenServer and Oracle VirtualBox.

Truffle Broadband Bonding Network Appliance

VPN Cloud. Mako s SD-WAN Technology

Simplifying the Branch Network

On the Radar: Peplink

Q-Balancer Range FAQ The Q-Balance LB Series General Sales FAQ

MASERGY S MANAGED SD-WAN

Peplink + Citrix + VoIP Adds Up to Fast, Cost-Effective WAN for UK s Pluss

INNOVATIVE SD-WAN TECHNOLOGY

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

Cloud Leased Line (CLL) for Enterprise to Branch Office Communications

Our Virtual Intelligent Network Overlay (VINO) solutions bring next-generation performance and efficiency to business networks throughout North

Transform your network and your customer experience. Introducing SD-WAN Concierge

Cisco Dynamic Multipoint VPN: Simple and Secure Branch-to-Branch Communications

From Zero Touch Provisioning to Secure Business Intent

Transform your network and your customer experience. Introducing SD-WAN Concierge

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

FAQ Guide. i-mo 310 & 540 Series Bonding Routers. FAQ Guide. for the i-mo 310 & 540 Series Appliances

90 % of WAN decision makers cite their

Peplink Balance multi-wan router Load Balancing. Unbreakable VPN. Bandwidth Bonding.

CASE STUDY: Borrego Health

How to Re-evaluateYour MPLS Service Provider

Overcoming Business Challenges in WAN infrastructure

Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN

SD-WAN Deployment Guide (CVD)

Never Drop a Call With TecInfo SIP Proxy White Paper

Internet Load Balancing Guide. Peplink Balance Series. Peplink Balance. Internet Load Balancing Solution Guide

Intelligent Load Balancing: Persistence Balance

Cisco Group Encrypted Transport VPN

FusionHub. SpeedFusion Virtual Appliance. Installation Guide Version Peplink

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Innovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief

FusionHub. Evaluation Guide. SpeedFusion Virtual Appliance. Version Peplink

RingCentral White Paper UCaaS Connectivity Options in the New Age. White Paper. UCaaS Connectivity Options in the New Age: Best Practices

Not all SD-WANs are Created Equal: Performance Matters

SD-WAN. Evolving Beyond MPLS in the Enterprise Network. 55 Water Street, 32nd Floor New York, NY (877)

ETHERNET SERVICES FOR MULTI-SITE CONNECTIVITY

Scalability Considerations

NetPro. from Wireless Logic. Available on a per SIM license basis. No CAPEX. Retain your Airtime Contracts with your existing providers

SD-WAN. Bringing Scale, Agility and Robustness to Enterprise Networks

SMALL BUSINESS. Model 20/30/50 30 LTE One 210/ BPL-210 BPL-310

Never be offline again. Created with novapdf Printer ( Please register to remove this message.

Scalability Considerations

Peplink Balance: 20 / 30 / 30 LTE / 50 / One / 210 / 310 / 305 HW2 / 380 HW6 / 580 HW2-3 / 710 HW3 / 1350 HW2 / 2500

Deployments and Network Topologies

SD-WAN. What is it anyway?

The Cisco WebEx Node for the Cisco ASR 1000 Series Delivers the Best Aspects of On-Premises and On-Demand Web Conferencing

Router Router Microprocessor controlled traffic direction home router DSL modem Computer Enterprise routers Core routers

Cisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018

Delivering the Wireless Software-Defined Branch

Peplink Balance: 20 / 30 / 30 LTE / 50 / One / 210 / 310 / 305 HW2 / 380 HW6 / 580 HW2-3 / 710 HW3 / 1350 HW2 / 2500

EdgeXOS Platform QuickStart Guide

SD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES

Wireless SD-WAN: A Critical Element of Industrial Internet of Things

Multipoint Bridged Ethernet Using MPLS Virtual Private LAN Services

Why Performance Matters When Building Your New SD-WAN

Configuring DHCP over VPN Prepared by SonicWALL, Inc. 11/12/2002

EdgeConnectSP The Premier SD-WAN Solution

A Software-Defined WAN is a Business Imperative

SD-WAN Transform Your Agency

EXTENSIBLE WIDE AREA NETWORKING

itel MPLS (IP VPN) Maximum Network Potential

Implementation Guide - VPN Network with Static Routing

Huawei SD-WAN Solution

BREITKOM Network Sdn Bhd Corporate Profile

Securely Access Services Over AWS PrivateLink. January 2019

HYPER INTEGRATION! LANCOM Management Cloud

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Intranets and Virtual Private Networks (VPNs)

SILVER PEAK EDGECONNECT SD-WAN SOLUTION OVERVIEW FOR SERVICE PROVIDERS

Deploying the Barracuda Link Balancer with Cisco ASA VPN Tunnels

Migrating from Dynamic Multipoint VPN Phase 2 to Phase 3: Why and How to Migrate to the Next Phase

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Not all SD-WANs are Created Equal

Y O UR BUS I N E SS IS ONL Y A S S TR ON G A S YO U R CONNEC T I O N T HE I M P ORTANCE OF R ELI ABLE CO NNECTIVITY W HAT S IN SIDE:

Voice of the Customer First American Title SD-WAN Transformation

3/10/2011. Copyright Link Technologies, Inc.

Data Communication. Introduction of Communication. Data Communication. Elements of Data Communication (Communication Model)

MANAGED CLOUD SERVICES

DISN Evolution. TDM Elimination. Mr. Jessie L. Showers, JR., SES Infrastructure Executive (IE) 15 June 2017 UNITED IN SERVICE TO OUR NATION

Redundancy for Corporate Broadband WHITE PAPER

Cisco Cisco Sales Expert. Practice Test. Version

Course 20741B: Networking with Windows Server 2016

The Essential Guide to Preparing Your Network for the Cloud. How to meet your network requirements at every step of your cloud transformation.

AVANTUS TRAINING PTE PTE LTD LTD

Setting the firewall for LAN and DMZ

WELCOME TO THE NEW HYPER-INTEGRATED NETWORK MANAGEMENT

GRE and DM VPNs. Understanding the GRE Modes Page CHAPTER

IWAN Security for Remote Site Direct Internet Access and Guest Wireless

Elevate the Branch-Office Experience with an Application-Centric Platform

How SD-WAN Makes UC Apps Dance. The Leader in Failsafe SD-WANs. May 17, Top 10 Coolest SDN Technologies

Firmware 6.3 Release Notes Release Date: 11/09/2015

Setting up VPN connection: DI-804HV to DI-804V

WHITE PAPER ARUBA SD-BRANCH OVERVIEW

What is SD-WAN? Presented by:

Deploying Cisco SD-WAN on AWS

Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005

Network Configuration Guide

Internet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski

Technology Brief. VeloCloud Dynamic. Multipath Optimization. Page 1 TECHNOLOGY BRIEF

Transcription:

Table of Contents Introducing Hybrid WAN The WAN Evolution What is a Traditional Private WAN? Example IP Addressing What is a Hybrid WAN? SD-WAN - Centrally Managed Hybrid WAN Hybrid WAN Example Hybrid WAN IP Addressing Example Head Office Detail Remote Branch Offices How to Configure a Hybrid WAN in Parallel to An Existing Traditional Wan Infrastructure Best Practices Choosing the Right Mix of Internet Connectivity to Improve Hybrid WAN Performance Does All of Your Branch Office Network Traffic Need to Traverse the WAN? Summary

Introducing Hybrid WAN The WAN Evolution In this whitepaper we will show how Peplink s Hybrid WAN technology can be used to extend and enhance an existing traditional private WAN topology. What is a Traditional Private WAN? In a traditional WAN environment, each branch office is connected using a single dedicated private network connection that is point to point between the branch and head office sites. Occasionally this single private line will be backed up by another link (normally a cheaper commodity connection and often from the same ISP as the main link) that acts as a failover connection, but not always - and certainly not without additional cost. In the diagram above we can see the head office local area network has two WAN connections. In red we have a direct to public Internet service, and in blue the connection to the managed WAN providers network, that subsequently provides routing of traffic to the three remote branch offices (A,B,C). Page 1

It s important to note that the branch offices do not have a direct Internet connection at all. Instead they each have a single dedicated link back to the head office location, so all Internet access at the remote sites passes through the head office public Internet link (shown in red). When we look at the hardware involved to achieve this configuration we might see something like this: At the head office location we have two routers, one for public Internet access and the other for access to the private WAN. At the branch office location, we have a single router that acts as the default gateway for the LAN clients there and sends all traffic back over the private network to the head office. Page 2

Example IP Addressing To explain this type of configuration further here is a diagram showing how the IP addressing might be configured for this type of Layer 3 traditional private WAN. The Head office network has a network subnet of 10.10.1.0/24, and uses the public Internet access router (10.10.1.1) as the default gateway. The public Internet access router has a static route with a supernet of 10.11.0.0/16 and the private WAN access router (10.10.1.254) as the target. In this way, any traffic destined for the remote branch offices reaches the default gateway router and is then forwarded to the private access router, enabling the sites to communicate with head office in a hub and spoke fashion. Page 3

What is a Hybrid WAN? A hybrid WAN combines private point to point links with public Internet links using encryption to ensure that any traffic sent over the public Internet is secure. The end result is a Wide Area Network made up of multiple connections between each location that can be actively used at the same time to improve connection reliability and aggregate bandwidth. It requires the use of multi-wan routers at each location that are capable of sending traffic securely over multiple WAN links at the same time from a remote branch office that are then also able to combine the traffic again when it reaches the destination. Peplink s SpeedFusion VPN bonding technology is the mechanism for creating hybrid WANs using multiple private and public links. Page 4

Page 5

SD-WAN - Centrally Managed Hybrid WAN Software defined wide area networks extend the capabilities of Hybrid WAN s by adding a central controller that configures, monitors and manages Hybrid WAN networks. Using the SD-WAN controller we can deploy Hybrid WANs centrally and automatically - dynamically adding and removing remote locations/devices on demand. We can also monitor bandwidth usage at a device and client level and perform additional management tasks such as firmware deployments, configuration management and provide easy remote access. Especially useful for Hybrid WAN deployments is the central monitoring and notifications made possible using SD-WAN. Individual remote site WAN link failures will be transparent to the users at that location by design, and as such need to be flagged up to the network management team for review. Peplink s SD-WAN controller is the cloud based InControl 2 service and is fully compatible with all Hybrid WAN deployment topologies described in this whitepaper. Hybrid WAN Example If we wanted to use hybrid WAN technology in our previous example the high level design would look like this: In this example, the head office network now has three routers. A Peplink Balance device has been added to act as the default gateway for the network. This has the public Internet access router and the private WAN access router connected to its WAN ports. Page 6

The remote branch location also has an additional Peplink Balance device. This has the original private WAN router connected to its WAN ports along with new additional public Internet access routers. The two Balance routers create a single logical VPN connection made up of multiple secure VPN connections between each other across both the public and private networks. Both networks can send and receive traffic at the same time. The benefits to this hybrid WAN approach are considerable: Additional bandwidth can be added quickly using public Internet links that tend to be cheaper with much higher bandwidth than dedicated private WAN links. Using Peplink s SD-WAN technology, multiple network technology types (Fiber, DSL, Cellular and even Wi-Fi) can be used at each location and combined to provide resilience. The WAN links at each location do not need to be from the same ISP or managed service provider - allowing for provider diversity. The end result is a more resilient, more agile, higher bandwidth and secure WAN. Hybrid WAN IP Addressing Example The diagram below shows the network diagram for an example hybrid WAN configuration using the topology from the previous traditional WAN example as a starting point Page 7

Head Office Detail In the head office location a new Balance router is added that acts as the default gateway for the network. On its WAN1 is the existing public Internet access router, on WAN2 it has the existing private WAN access router. The private WAN access router (shown in blue) is configured with a new LAN IP in a different range than the head office LAN. The original head office LAN IP range (10.10.1.0/24) is maintained on the LAN of the Balance router to reduce the amount of reconfiguration needed on servers and infrastructure at this location. The Balance has an outbound policy added to tell it to route all traffic for the remote private WAN routers (in the remote branch offices) over WAN2. This outbound policy enables traffic to route between the WANs of the remote Balance routers and the one at head office, which in turn enables VPN tunnels to be created over the existing private WAN. Page 8

Remote Branch Offices In the remote branch offices a new Peplink Balance router is added to act as the gateway device for the local network and the branch office subnet is changed to be in the 10. 12.x.0/24 range. Note: Any statically assigned network devices - such as printers, VoiP PBX s or CCTV cameras will need to be reconfigured to connect on the new subnet. Page 9

On the WAN1 of the Balance router a public Internet connection is added, with the private network access router on WAN2. Depending on the model of Balance router used at the remote branch offices up to 13 WAN connections can be used in total which can be a mix of fixed line, cellular and point to point wireless networks connections. Typically we would see a branch location combine existing fiber/cable connectivity from the private WAN with additional public Internet connectivity over fiber or xdsl and LTE cellular from different providers. Additional Internet connectivity can be added on demand to the branch office location and included in the hybrid WAN. With this configuration in place we have the following high level topology configured: How to Configure a Hybrid WAN in Parallel to An Existing Traditional WAN Infrastructure Frequently Hybrid WAN solutions are initially considered in an enterprise network as a solution for real immediate business and deployment challenges. This might be for an existing site that has suffered from extended network downtime due to external factors, or for a rapid temporary Page 10

deployment where the long lead times for installation, rigid contract lengths, and overall expense of traditional private WAN connectivity is not the best fit. In these cases it can be desireable to add Hybrid WAN technology alongside existing infrastructure with minimal changes desired to the existing network configuration as a low risk, high speed way to test and trial the technology with easy roll back if required. This can be achieved by adding a Peplink Balance router to the head office location alongside the traditional WAN routers. By forwarding the necessary ports for SpeedFusion VPN through the existing public Internet access router, new remote branch office locations can be added that use commodity Internet connections (xdsl, 4G/LTE) at the remote sites and create secure VPN connections back to Balance router located in head office. With the simple addition of a couple of static routes on the private WAN and public Internet access routers, the new branch office locations added in this way can communicate securely with both the head office LAN devices as well as the remote branch locations on the traditional WAN. Page 11

Best Practices Choosing the Right Mix of Internet Connectivity to Improve Hybrid WAN Performance The highest performance Hybrid WANs are achievable when connections of similar bandwidth capacity (within 50% of each other) and similar latency characteristics (within 200ms of each other) are combined. For example. Combining a DSL at 8Mbps with a Fiber connection at 80Mbps will actually produce a hybrid WAN connection in the region of 70Mbps due to the bandwidth overhead required to establish a hybrid WAN connection. (80-20% + 8-20% = 70.4Mbps). This will however be a hybrid WAN connection that has resilience and is able to use both WAN links at the same time. MetroE Fiber DS3 FiOS Cable U-Verse T1-3 DSL MetroE X X X X Fiber X X X X DS3 X X X X FiOS X X X X X Cable X X X X U-verse X X X X T1-3 X X X X DSL X X X X Page 12

Does All of Your Branch Office Network Traffic Need to Traverse the WAN? A question that is often overlooked when migrating from traditional to hybrid WAN infrastructures is whether all network traffic at a branch office needs be routed via the head office location. Since hybrid WANs use public Internet connectivity at the remote branch office locations, there is also the option to send Internet traffic from the remote devices out direct to the Internet using the local connectivity rather than over the secure VPN and out via the public Internet connection at head office. This reduces the amount of bandwidth required at the head office location, not only for Internet access but also the bandwidth required between it and the branch offices, which can drastically reduce bandwidth costs across large wide area networks.. Page 13

Summary Hybrid WAN technologies can improve branch office connectivity resilience and bandwidth whilst also reducing costs, as well as provide new, more agile ways to deploy and manage branch office connectivity requirements using a mix of Internet connectivity types from diverse service providers. Using Peplink SpeedFusion enabled routers, you can choose to bolt hybrid WAN connectivity onto the side of existing traditional WAN deployments, combine private and public WANs incrementally as required, and ultimately completely replace the traditional enterprise WAN if desired. Peplink's SD-WAN controller in combination with Hybrid WAN provides agile remote site connectivity options with easy central management and monitoring - greatly simplifying both the initial deployment of Hybrid WAN in the enterprise and its subsequent operational management. Page 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback