Today's SD-WAN

Railgun

Golden Member
Mar 27, 2010
1,289
2
81
Ok network folks, who here has delved into the world of SD-WAN?

My background is on the enterprise side of networks. SD anything was never a topic of discussion other than "what if," or "maybe down the road." Fast forward some time and the company I'm now in is quite a bit smaller.

An IPSEC mesh over MPLS/Internet is the name of the game, and I'm surprised at how much we're paying for that.

I've started to look...only just...into the SDN space as it relates to the WAN. It's an interesting proposal, but it seems the field is full of no more than startups. While the list of customers is OK and seems to be growing, from a maturity perspective, is it really something someone should jump onto or do we (the royal we that is) really need to vet this out.

I'm already going through the motions for an RFI from some number of companies, but I'm curious to see what the opinions are, or if anyone has any first hand experience with one of these companies and has some interesting, if not valuable insight?

To that end, do/did you have security concerns? Performance issues? Reliability?

TIA
 

Gryz

Golden Member
Aug 28, 2010
1,551
204
106
On the Anandtech networking forum, we discuss 2 things: 1) "my Internet at home is so slow, help!" and 2) "my WiFi doesn't work, help!". Topics like Software Defined Networking are outside the scope of the people here.

Having said that, SDN is kind of a religious topic. There are the believers. And there are the realists. Lucky for you, SD-WAN seems a lot less ambitious than SDN in general. And thus more practical. I'm not working with SDN myself (yet). But I believe some of the SD-WAN stuff is real and working. Whether you want to use any SD-WAN products is up to you, but it seems a bit early still for large-scale acceptance.

I made a query here in 2012, regarding SDN. No serious replies back then.
http://forums.anandtech.com/showthread.php?t=2238603
I would also be interested if anyone here has done anything with SDN yet.
 

Railgun

> On the Anandtech networking forum, we discuss 2 things: 1) "my Internet at home is so slow, help!" and 2) "my WiFi doesn't work, help!". Topics like Software Defined Networking are outside the scope of the people here.

Heh...don't I know it.

I figured I'd poke a little higher to see what some folks may be doing given we know there are a few network engineering types here.

SDN seems to be what a lot of folks talk about, but the reality is it's a lot of work to get into that mindset and actually implement it. Though, SDN from that perspective is I think vastly different than a third party supplier of such tech.

From the perspective of the WAN, there's certainly a level of practicality to it. Where one doesn't need the lowest latency between locations, but still wants relative performance, it may work provided that provider's network is up to snuff. The key is reliability. From that point, it would be foolish to stick with a singular provider anyway for that reason alone.

From an overall performance perspective, they all claim WAN optimization that's inherently part of the package. Though there's no detail as to what exactly they're doing to accomplish that, in addition to providing an overview to their own internal reliability. What happens to traffic through devices that lose connectivity to their controllers? No one I've seen has answered that publicly.

As for the customer base, some are tossing some relatively big names, which is all well and good, but as another conversation I had recently brought up, if their funding is secure, then it's a better picture for them as they potentially have some longevity in that respect. The flip side to that is exactly as we've both said, they're almost too new.

As mentioned, I'm starting to scratch the surface of this for our company. I'm happy to keep updating this with what I find and try to be as broad as I can.
 

kevnich2

Platinum Member
Apr 10, 2004
2,465
8
76
Actually this is an interesting topic, especially for businesses and enterprises with multiple locations and multiple WAN/MAN options at each location. If you have MPLS, LTE and general broadband at some locations, an SD option should have a lot of benefits.

Routing protocols are more link state where, if I'm understanding it correctly, an SD option would allow the routing to be more dynamic based on other metrics to make appropriate use of all WAN links each location would have based on whatever variables it was programmed to take into account (latency, cost, congestion, etc.).
 

Gryz

> Routing protocols are more link state where, if I'm understanding it correctly, an SD option would allow the routing to be more dynamic based on other metrics to make appropriate use of all WAN links each location would have based on whatever variables it was programmed to take into account (latency, cost, congestion, etc.).

What you mention here is called "traffic engineering (TE)".

There are several ways to do TE. MPLS has a TE-technology (in combination with routing protocols. It's been more than 15 years old). SDN can do TE too.

SDN is the idea of separating control plane and forwarding plane. The control plane is where the intelligence in a router or switch is. Routing protocols (IS-IS, BGP, OSPF, etc.) on routers, and bridging protocols (SPT, SPB) are normally run on the control plane. But with SDN that is no longer the case. Instead, all forwarding devices talk to a central controller. The controller will install forwarding entries in the routing-table or switching-table of the forwarding devices. The forwarding devices can be real dumb. And thus they can be very cheap. At least, that is the idea. Also, because the intelligence is centralized in the controller, the controller can do stuff that you can't do with distributed routing. E.g. you could do traffic engineering with SDN.

To me it is clear that this idea is broken. You need some intelligence in the forwarding devices. Or otherwise the network won't scale. I'm not the only one who believes this. So many vendors are coming up with all kinds of hybrid solutions. That's a better approach.

There are many, many things that are called "software-defined". From the original openflow-idea (as I described above) to hybrid solutions, to easier configuration, to stuff for the WAN, stuff for the datacenter, APIs to run your own software on your routers, etc. SDN can be anything you want! :) But the main feature, that connects everything named SDN, is the fact that it is new. And start-ups can get easier funding if they call their products SDN.
 

Gryz

> From an overall performance perspective, they all claim WAN optimization that's inherently part of the package. Though there's no detail as to what exactly they're doing to accomplish that, in addition to providing an overview to their own internal reliability. What happens to traffic through devices that lose connectivity to their controllers? No one I've seen has answered that publicly.

If you are seriously interested, you can always ask the vendor to send a sales-guy to visit you. They will usually tell you a lot more in private than what the company will state publicly.

In data-centers, I've been told some vendors expect you to connect every switch directly to the controller. I think that is madness. And it certainly won't work for the WAN.

There are hybrid solutions, where routers still run routing protocols. And the SDN is only there to "enhance" the network. If the controller becomes unreachable, the network falls back to old-fashioned hop-by-hop ip-routing. I believe Google's SDN solution does that.

> SDN seems to be what a lot of folks talk about, but the reality is it's a lot of work to get into that mindset and actually implement it. Though, SDN from that perspective is I think vastly different than a third party supplier of such tech.

There is indeed a lot of talk about SDN.

My personal view is this. Cisco is the dominant player in the router-market. There are only a few companies that can follow (Juniper, Alcatel-Lucent). Nobody else has a chance to enter the router market. But when things get shaken up, everything changes. In the turmoil, maybe a few new companies will be able to gain market-share. And that is why everybody is so enthusiastic about SDN. I think the technical merit is a lot smaller than these people try to make it.

And then there is the fact that everybody nowadays calls their new products SDN. Some of those products might actually be useful. Too bad they get the label SDN. It might confuse us even more. :)

> As for the customer base, some are tossing some relatively big names, which is all well and good, but as another conversation I had recently brought up, if their funding is secure, then it's a better picture for them as they potentially have some longevity in that respect. The flip side to that is exactly as we've both said, they're almost too new.

If you're interested in a SD-WAN product, you might wanna check out Viptela. I used to know many of the guys who started that company. They know what they're talking about. And a guy I respect a lot told me that their product is actually not bad for what it does. They also have a big VC behind them (Sequoia), if that interests you.
 

drebo

Diamond Member
Feb 24, 2006
7,034
1
81
> Actually this is an interesting topic, especially for businesses and enterprises with multiple locations and multiple WAN/MAN options at each location. If you have MPLS, LTE and general broadband at some locations, an SD option should have a lot of benefits.
>
> Routing protocols are more link state where, if I'm understanding it correctly, an SD option would allow the routing to be more dynamic based on other metrics to make appropriate use of all WAN links each location would have based on whatever variables it was programmed to take into account (latency, cost, congestion, etc.).

Or just use DMVPN.

Other than that, VMware's NSX can definitely do the whole WAN thing, and it's technically "software defined."
 

kevnich2

So far the only SDN stuff I've looked at is the cloud managed routers, switches and WAPs and what not for some of our branch offices. A device that talks to a cloud/internet based controller for all its management functions.
 

Railgun

> If you are seriously interested, you can always ask the vendor to send a sales-guy to visit you. They will usually tell you a lot more in private than what the company will state publicly.

This will eventually be the direction we take. As I'm just starting off, I'm just exploring the lay of the land.


> My personal view is this. Cisco is the dominant player in the router-market. There are only a few companies that can follow (Juniper, Alcatel-Lucent). Nobody else has a chance to enter the router market. But when things get shaken up, everything changes. In the turmoil, maybe a few new companies will be able to gain market-share. And that is why everybody is so enthusiastic about SDN. I think the technical merit is a lot smaller than these people try to make it.

Sure. In the middle, it's all the usual HW, but between that and a customer demarc is where the magic happens. I'm assuming whatever provider it is doesn't have their own dedicated network, their own dedicated circuits. It's all internet anyway. The logic they use to get to point B is what really matters. WAN optimization is WAN optimization. While I would like to know what/how they're doing it, ultimately it will come down to the resiliency of the service.


> If you're interested in a SD-WAN product, you might wanna check out Viptela. I used to know many of the guys who started that company. They know what they're talking about. And a guy I respect a lot told me that their product is actually not bad for what it does. They also have a big VC behind them (Sequoia), if that interests you.

I'm aware of them as well, but haven't turned my attention to them yet. However, my interest is piqued. Thanks for that. Though, I'm looking for better than "not bad." :D