* Assumes 99% uptime per circuit

 

This performance is possible only if the SD-WAN runs multiple active connections that are diversely routed, that is, sharing no physical infrastructure. Ensuring the latter becomes challenging when both last-mile connections use the same technology, as wiring, ducting, and other physical plant infrastructure are shared among ISPs. Mixing last-mile technologies such as xDSL and 4G, as well as ISPs, helps guarantee last-mile diversity.

​

Bandwidth Throttling

Bandwidth throttling enables the administrator to control each application’s bandwidth usage.  Custom rules define the maximum percentage of bandwidth available to a given application, such as limiting YouTube traffic to 10 percent of a site’s Internet link.
 

Bandwidth Reservation

Bandwidth reservation allows the administrator to reserve bandwidth for business-critical applications like VoIP and video conferencing. Bandwidth reservation guarantees specific applications the bandwidth they need. For example, 10 Mbps out of the 100 Mbps link can be reserved for an important voice meeting.

​

Forward Error Correction (FEC)

With Forward Error Correction, the SD-WAN corrects packet loss by inserting an additional correction packet into the data stream. The receiving SD-WAN node can then regenerate lost packets automatically, avoiding the latency of a retransmission. FEC should be a dynamic algorithm, increasing or decreasing the number of correction packets based on packet loss rates and link capacity. It should also be configurable to specific protocols, ports, and applications. And the correction packet should be sent on a secondary link, minimizing the possibility of losing the correction packet and the data it’s protecting.
 

Packet Duplication

Where connections are too unstable for FEC, SD-WANs should be able to duplicate packets across active connections. Receiving SD-WAN nodes accept the first duplicate packet, ignoring the subsequent one. While duplication significantly increases the likelihood that data will be received by the destination, duplication also consumes bandwidth across the secondary connection. As such, packet duplication should be used as a last resort.
 

Global Optimization

The middle mile is the segment between the last miles of the source and destination ISPs. The middle mile is inherently longer than the last, so latency is a much larger factor. The ISP’s routing policy impacts latency as it’s based on economics not application performance. Latency and loss are also exacerbated by Internet peering policies between carriers. As such, SD-WANs should implement FEC in the middle mile.

 

Several other optimizations are necessary to address issues specific to the middle mile:
 

• SLA-backed, alternative Backbone[1] 
  An SLA-backed backbone overcomes the latency and loss caused by Internet peering. This solution is particularly important in global networks where a limited number of paths prevents ISPs from finding alternative routes to a destination. The backbone should be global, with PoPs connected by multiple tier-1 carriers. SLAs should ensure predictable and consistent latency and loss.
  
  To minimize costs, ensure the backbone is based on Internet transit services. Some providers offer Internet entry and exit but carry traffic across MPLS backbones, making these services more expensive than SLA-backed WANs.

​

• Application-Aware Routing
  To maximize performance, uptime, and reach, the backbone should be constructed from multiple tier-1 carrier networks. PoPs should form an encrypted, software-defined overlay across all backbones and gather latency, loss, and jitter statistics for each network, selecting the optimum path from the provider networks.
  
  Application-aware routing algorithms define “optimum” depending on an application’s performance characteristics and business importance. Voice and other real-time applications are sent across routes with the least loss, and bulk transfer across paths with maximum throughput.

​

• Route Optimization
  PoPs should be connected by a full mesh. For each packet, the SD-WAN should calculate multiple routes directly to the targeted PoP or via other PoPs. Depending on networking characteristics, the fastest end-to-end path is often not the most direct. By calculating multiple routes at each PoP in the packet’s journey, the SD-WAN identifies the best path available at any time.

​

• Latency Optimization
  To avoid sending more data than the network can transmit, TCP Congestion Control limits the amount of data transferred within a set window of time. The protocol will gradually increase the window until reaching its maximum. As packets are dropped, TCP resets the process. To send and receive more data and optimize bandwidth, the backbone should implement several TCP improvements, including TCP window sizing.

​

Cloud Integration

With more enterprise traffic going to the cloud, IaaS and SaaS resources should be connected to the SD-WAN. Cloud integration challenges SD-WAN appliances, as they must sit on both sides of the connection. Organizations must therefore find a way to deploy a virtual or physical appliance either in or near the datacenter hosting the IaaS or SaaS resource. That’s often impossible, and it’s always more complicated than a site-to-site rollout. Look for SD-WAN solutions that offer the following:

​

• Shared Internet Exchange Points (IXP)
  By colocating PoPs in the same IXPs as all leading IaaS providers (Amazon AWS, Microsoft Azure, Google Cloud Platform), SD-WAN providers can interconnect their networks directly in the IaaS network via the exchange point rather than through one or more third-party networks. Traffic from customer sites and devices is optimized and routed via the shortest and fastest path to the customer’s cloud infrastructure.
   

• Shared Infrastructure
  By building PoPs within AWS and other IaaS providers, SD-WAN providers can guarantee that traffic between the customer’s IaaS networks route on the IaaS provider’s high-performance backbone.
   

• Optimized Access
  When accessing SaaS applications, the SD-WAN should optimize and reduce latency, such as by allocating a unique IP address and attaching it to the PoP physically closest to the SaaS application. SaaS traffic  will then route across the SD-WAN and be dropped at the PoP closest to the SaaS datacenter.

​

Mobile Integration

The expansion of the mobile workforce and the use of personal devices to access business data (BYOD) has further challenged legacy network security, since mobile users can access the Internet directly, bypassing network-enforced security policies. Forcing these users to establish VPN typically creates performance and user experience problems, especially for global travelers, leading to security policy violations.

 

These problems sometimes come from the added latency introduced by having to establish a VPN back to a firewall before connecting to the Internet. Even when users connect directly to the Internet through a mobile service, performance suffers from the aforementioned middle-mile and last-mile issues. Allowing mobile users to connect to an optimized backbone addresses these performance concerns.

​