SD-WAN can require a new mindset for network architecture, from the underlay circuits to the integration between the overlay and the existing WAN. Here are some technical considerations for the new WAN:
- Less focus on primary / backup circuits, more on a pool of connectivity: One of the major benefits of SD-WAN is the ability to extract better performance out of multiple circuits than each individual circuit can deliver. Traditional WANs focused on a high-quality primary circuit at each site, with backups in some cases. In an SD-WAN design, multiple low-cost circuits can be used instead. Think of each circuit as “disposable”, meaning the network is not dependent on any single circuit. This increases resilience, and can significantly reduce cost in the network
- Look at high availability options for resilient sites: Most SD-WAN solutions offer a range of high availability (HA) options, in physical and virtual environments. Hot standby HA solutions are most common, with a second device ready to take over from the first if it fails. More advanced solutions include a distributed HA architecture, with circuits connected to separate appliances and back-to-back connectivity between the appliances to use each circuit. Clustering can be another option to provide HA in addition to better horizontal scaling
- Leave forwarding decisions to the SD-WAN whenever possible: It’s tempting to use the policy-based features of an SD-WAN solution to carefully engineer traffic flows and steer specific applications over certain link types. However, in our experience it’s often better to leave these policies in an automatic mode, where the best path(s) will be selected in real time. In a traditional enterprise WAN, real-time traffic like voice or video would always be carried over MPLS; this isn’t necessarily the case in an SD-WAN with advanced telemetry
- Carefully consider routing protocol integration: As SD-WAN solutions have matured, their routing capabilities have improved significantly. Most major SD-WAN solutions support a range of routing protocols, including OSPF and BGP. This can facilitate the use of the SD-WAN edge as an MPLS CE, and integrate with existing networks at data centers. However, it’s important to consider how the underlay and overlay work together in a dynamic routing environment to avoid loops
Application-level configuration and control
The ability to build an application-centric WAN is a major reason for SD-WAN adoption. It is very straightforward to write policies that would be highly complex in a traditional WAN, like “mark Office 365 traffic as High Priority“. Network managers can clearly see which links are carrying which applications, and a variety of per-user application usage metrics.
Network topology and insertion models
There are many considerations for where the SD-WAN overlay integrates with the existing WAN, especially at complex, high-availability sites. It is important to understand if the service will sit in-path or off-path, how each underlay circuit will connect to the SD-WAN, and how integration with existing components like core switches and firewalls will occur.