As showed in a previous blog post, site to site connectivity can be greatly simplified using the MX router’s built-in, self-configuring VPN. The MX can also significantly lower branch connectivity costs and make sure your branch prioritizes bandwidth for critical applications, thus virtualizing the WAN into a high performance service while reducing cost at the same time.
Getting the most out of branch connectivity
Internet connectivity at each branch in a large, multi-site network can vary widely in performance, cost, and reliability. Sites are often connected via MPLS or other dedicated lines, which provide high reliability at a high price. Typically, these lines are dropped in to support applications such as VoIP. Consider that a T1 or MPLS connection can range in the hundreds of dollars — and that’s per month, per site! As an organization grows and adds sites to its network, connecting all of them via MPLS can be prohibitively expensive.
As an alternative to high cost leased lines, the MX70 can aggregate multiple uplink connections, such as DSL or cable connections. These links don’t individually have the service levels of a leased line, but they can be aggregated together to provide very high uptime at a much lower cost. This also means you don’t have to give up the low latency of a dedicated line. Instead of upgrading the dedicated line to support growing bandwidth needs, you can augment it with a consumer-grade connection and still keep the dedicated line for business-critical applications, like VoIP. The second link can then be used for non-critical applications, such as web traffic.
Uplink bandwidth can be allocated on a per-connection basis using traffic preferences in the MX70. This lets administrators push web traffic (or other recreational traffic types) over a lower quality link and reserve a higher reliability link for applications such as VoIP and video conferencing. The example below shows web traffic configured to flow over Internet 2 (for example, a cable or DSL line), and all other traffic to flow over Internet 1 (an MPLS or T1 line in this example).
Aggregating multiple links also increases the overall reliability of the WAN connection for your network. The MX70 detects the availability of connected WAN interfaces and automatically performs failover in case one of the links temporarily goes down. This happens when a cable is physically unplugged from a WAN port, and it also happens if the MX detects it can no longer connect to the internet, through layer 3 detection.
Controlling congestion through traffic prioritization
Assigning traffic among uplink connections helps ensure that expensive WAN links are used for the most critical applications. It’s also important that application traffic is properly prioritized for each WAN link. Real time prioritization maximizes the utility of the WAN connection by ensuring your most important applications take precedence over others, especially in cases where the uplink connection is in heavy use.
The MX70’s per-flow traffic prioritization minimizes congestion and ensures critical applications take priority over others during times of heavy use. Figure 2 shows an example for an organization that relies heavily on VoIP / video conferencing. Email is also important, but it isn’t more time-critical than a VoIP call, and online backups are the least time-critical and can be set to low priority.
Connecting branches securely using multiple links maximizes WAN utility at each location, allowing organizations to create a virtualized WAN that enables them to deploy services such as VoIP and video conferencing, seamlessly share information between branches, and support bandwidth-intensive applications. Combined with the MX’s built-in multi-site network management, the virtualized WAN brings significant cost savings and lets network administrators support business-critical applications and services across the entire organization, regardless of location.