Hybrid WAN - drivers & concept
This article is the first in a series on Hybrid WAN, looking in particular at the home office worker (though it is valid for other use cases). We will discuss:
- Drivers & concept
- My setup
- Implementation of a basic solution based on open-source projects
- The need for a good QoS scheduler
- How to configure an application-based solution
- From Hybrid-WAN to SD-WAN
The trend
With the emergence of Cloud and Software as a Service (SaaS) solutions such as Microsoft Office365 and its suite (Exchange Online, SharePoint Online, OneDrive…), Dropbox and Box on the one hand, and rich content such as video (YouTube, Vimeo, Udemy…) on the other, there is a never-ending need for more bandwidth.
In the enterprise market, where MPLS offered by telco service providers (such as British Telecom, Orange Business Services, Verizon, AT&T…) used to be the default connectivity, we have been seeing a new trend for 6 years already. In addition to costly MPLS lines, companies have implemented local Internet breakout, in most cases over a DSL connection.
DSL is considered to offer much more bandwidth at a much lower price than an MPLS circuit. It is agreed that these Internet connections come with neither enterprise-grade SLAs nor guaranteed bandwidth, and that they are potentially a security threat (not a private network!). Still, they virtually increase the “pipe” and add resiliency to the network service at low cost.
That diversity of network connectivity is called Hybrid WAN. Mixing different media such as leased lines, MPLS, aDSL/sDSL/xDSL, 4G/LTE or Satellite is the essence of it.
Routing considerations
Complex routing rules are configured to define how traffic is steered. The model that I usually see is as follows:
- Business-critical applications on the most stable connection (MPLS for example)
- Non-critical, bandwidth-hungry traffic (email, file sharing, backup…) offloaded over cheap Internet and encrypted via a VPN tunnel
- Internet traffic (including SaaS) using the local breakout
What makes this setup particularly complex is the return path: once the server answers a request from a remote client, how do we make sure the traffic goes back over the right link? Will a stateful firewall be happy with asymmetric routing? Unlikely…
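The return-path problem can be seen in a small model. The following Python code is an added example, not part of the original article: it steers flows according to the three-class policy above and places a stateful firewall on each link, so a reply that comes back over a different link finds no matching state. The port-to-class mapping, link names and addresses are constructed assumptions.

```python
from dataclasses import dataclass

# Three-class steering model from the list above; link names are illustrative.
POLICY = {"critical": "mpls", "bulk": "vpn", "internet": "breakout"}
# Constructed port-to-class mapping (an assumption, not from the article).
PORT_CLASS = {1433: "critical", 5060: "critical", 445: "bulk", 25: "bulk"}


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def reply(self):
        """Packet travelling in the opposite direction of the same flow."""
        return Packet(self.dst, self.dport, self.src, self.sport, self.proto)


def steer(pkt):
    """Pick the egress link for an outbound packet from its destination port."""
    return POLICY[PORT_CLASS.get(pkt.dport, "internet")]


class StatefulFirewall:
    """One firewall per link; it only admits replies to flows it saw leave."""

    def __init__(self):
        self.state = set()

    def outbound(self, pkt):
        self.state.add(pkt)  # remember the flow's 5-tuple

    def inbound(self, pkt):
        return pkt.reply() in self.state  # is there state for this reply?


def round_trip(pkt, return_link=None):
    """Send pkt out per policy; return (egress link, reply accepted?)."""
    firewalls = {link: StatefulFirewall() for link in POLICY.values()}
    egress = steer(pkt)
    firewalls[egress].outbound(pkt)
    ingress = return_link or egress  # the far end may pick another path
    return egress, firewalls[ingress].inbound(pkt.reply())
```

With a symmetric path the reply is accepted; forcing the reply onto another link (`return_link="breakout"` for a flow sent over MPLS) makes the firewall on that link drop it, which is why return-path control has to be part of the routing design.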
But let’s park this for now as this is relevant for teleworkers. We want to focus on the benefits of Hybrid WAN for home office workers, not on technical details of enterprise networks…
Why Hybrid WAN for teleworkers?
I have been working mainly from home for 2 years now. What frustrates me the most is the inconsistency of the service (limited bandwidth, dropping from time to time and resiliency) for my public DSL connection.
Indeed, since I moved from downtown to the suburbs, I can no longer benefit from FTTH and its amazing symmetric +100M BW.
When all conditions are met (not snowing, moon is full, I prayed the night before…), I can now manage to get 8M download and a ridiculous 1M for the upload. And if something goes wrong with the line, I am stuck!
Another interesting factor is that my kids and wife can be around. They also consume “my” bandwidth with services like Netflix, YouTube, Facebook, Spotify and other recreational applications (hey, I am working!).
So very quickly I decided to go for Hybrid WAN at home!