Marcio Saito, Chief Technical Officer for Opengear, looks at how SD-WAN is helping network managers deliver better architectures along with some of the challenges that need to be addressed.
The next evolution is in software-defined wide area networks (SD-WAN), as service providers and customers look at more adaptable technologies to replace ageing MPLS circuits. The advantages of rapid and flexible network provision have complemented the rise of virtualisation technologies that have brought agility to software systems.
However, although the notion of a software base suggests a scalable and adaptable framework, there is still an underlying reliance on routers and switches that, like any physical element, are susceptible to outage. Although less vulnerable in a mesh/fabric deployment, when it comes to SD-WAN, the routers at each end of a link can become a major concern and a single point of failure.
For the uninitiated, software-defined networking is an architecture for building network infrastructure that explicitly separates the control/management plane from the data forwarding layer. The network is managed by the SDN controller, a piece of software that interacts with the switching fabric through APIs and standard protocols. In traditional infrastructures, the switching hardware fabric, the higher-level protocols and the management software are often vertically integrated and reside in an embedded networking appliance. Separating the control plane from the underlying switch fabric allows for more flexibility and removes the dependence on hardware from a single vendor ecosystem that was typical with previous networking systems.
A benefit of SD-WAN is the ability to aggregate multiple circuits for load balancing and redundancy, but the SD-WAN router can still falter. A single event can cause simultaneous failures in multiple circuits, with a severed cable into the facility a major concern if truly separate paths have not been implemented.
In response, many organisations are turning to complementary technologies both to help with deployment of SD-WAN and to provide additional resiliency, along with the means to remotely connect to SD-WAN equipment in the event of an issue – with the goal of creating an enterprise-grade WAN solution.
For deployments and migration from the previous WAN, using a console server can avoid an expensive truck roll. As an example, CSC – IT Center for Science Ltd, a major non-profit organisation that serves Finnish higher education institutions and government agencies, is using smart out-of-band (Smart OOB™) appliances that it ships to sites across the country to support its ongoing WAN network upgrade.
Each appliance is connected via serial ports to core routers and other network equipment that are then remotely managed by the network team from its central data centres in Espoo and Kajaani. In this scenario, the IT team can provision the network from a central NOC without the need to send an experienced network engineer to each location. Embedded cellular in each unit enables this process over 4G-LTE if the primary network is not available during the transition. CSC is also using the same Smart OOB appliances to help record and, in the event of any problems, roll back critical firmware upgrades and configuration changes for core networking elements at remote sites.
It is in daily operation and in troubleshooting scenarios that Smart OOB offers the most complementary fit. One of the main benefits of SD-WAN is the separation and centralisation of its control and management planes. However, unlike data centre networks where the control, management and data planes may run over separate or redundant networks, the traffic used to manage and control the SD-WAN itself is running over the in-band data path through the production network.
In the event of a failure, when the SD-WAN overlay is down, there may be no way of reaching the SD-WAN router to figure out what’s gone wrong or to remotely fix it, especially as it can be tricky to ascertain whether it’s an ISP, overlay, appliance or user error.
SD-WAN’s ease of bonding extra WAN circuits into the overlay can help mitigate this risk as long as the circuits are truly diverse and not just different brands that are sharing backhaul paths or other single points of failure. In this context, Smart OOB can utilise 4G/LTE connectivity as a secondary or tertiary WAN circuit to provide resilience from severed cables and perhaps enough bandwidth to sustain overlay comms during primary WAN circuit failure. Plus, using a dedicated cellular appliance gives a separate method of delivering true out-of-band management capability.
SD-WAN is growing, with analyst firm IDC forecasting the market will reach US$8 billion in 2021, and the benefits it offers in terms of cost reduction and flexibility are compelling. However, both enterprises and network service providers need to consider strengthening resiliency measures. To ensure a truly enterprise-grade WAN, forward-thinking network teams are increasingly adding a Smart out-of-band network to their SD-WAN deployments. Through innovative use of fixed and cellular technologies, operators of SD-WAN environments can improve reliability and recover more quickly from outages while benefitting from enhanced management and security controls.