Internet connectivity for branch locations is often mission critical. For retail, hospitality, financial, and many other organizations, reliable internet connectivity ensures business continuity, uninterrupted financial transactions, and customer satisfaction. Branch connectivity is often established through leased private lines, such as multiprotocol label switching (MPLS) links.
The most attractive feature of MPLS is usually its reliability. Providers offer service agreements with uptime of 99.9% or higher. But this level of reliability comes at a high price, and rolling out MPLS to hundreds or thousands of branch locations quickly becomes prohibitively expensive. Fortunately, it’s now possible to aggregate multiple lower-cost access alternatives to achieve similar levels of reliability and performance. Meraki’s MX70 cloud-managed router makes this very simple.
Taking a hard look at connectivity costs
Using link failover and link aggregation, it’s now possible to take advantage of multiple internet access methods to increase the reliability of the branch network connection. The price of broadband access technologies such as DSL, cable, and even broadband fixed wireless has steadily declined over the past several years. By connecting more than one link at a time, the low price of these access technologies can be enjoyed without sacrificing reliability. For example, a branch location may have DSL and cable internet access available to it, but few other affordable options. In this case, each can be connected to the MX70’s WAN ports. To approximate the new level of reliability for two bonded links, use this equation:
Figure 1 shows a cost comparison for two T1-MPLS links bonded together vs. bonding one cable and one DSL line together.
Figure 1: MPLS vs cable + DSL yearly connectivity costs for 20 branch locationsFigure 2 shows an MX70 router status page with two active WAN connections, as would be the case when bonding a cable line and a DSL line together.
Figure 2: MX router status with 2 active WAN linksThe green indicators show that both WAN connections are live and active. If either link fails, traffic will be routed through the other WAN link, and network clients won’t see a disruption in their connectivity. When both links are active, their bandwidth can be aggregated and traffic will flow through both connections. The MX can also be configured to use only one primary WAN connection, using the other connection only in case the primary link fails. In both cases, the reliability of the branch connection is increased.
But this greater reliability isn’t the only benefit: since both WAN connections are active, the MX70 can aggregate their bandwidth, thus increasing the network performance. Internet traffic is spread among the uplinks in the proportion you specify in the dashboard, as shown in figure 3.
Figure 3: Uplink WAN aggregationTying it all together
Once branch locations have reliable and redundant internet connectivity, how can they connect to headquarters? The Meraki MX70 router has built-in site-to-site VPN capability that enables branch networks to automatically connect back to headquarters. For branches that have simple network requirements, the MX can connect the entire branch subnet to the site-to-site VPN. It’s as simple as selecting participation for the subnet, as shown in figure 4.
Figure 4: Participating in site-to-site VPNBranches with VLANs can also be integrated into the site-to-site VPN. For each VLAN, simply choose if it participates in the site-to-site VPN, as shown in figure 4.
Figure 4: VLAN site-to-site VPN participationFor connecting multiple sites together, the MX70 provides a simple way to reduce your WAN costs, allowing you to eliminate expensive, leased private lines such as MPLS. Instead of buying one expensive MPLS line, take two lower cost links, aggregate them, and benefit from the built-in redundancy and cost savings. And once those branches are connected, monitoring and managing the entire network is extremely simple, because it’s done through Meraki’s web-based dashboard. The burden of remote site IT support is dramatically reduced, and network administration can be performed from a central location.
If you’d like to find out more about the MX series routers, don’t miss our next webinar on June 22nd at 11am Pacific time.