9.

2 Designing Service Provider-Managed VPNs

Choosing Your WAN Connection 

There are some major decision points when you are choosing your WAN connection. These
decision points may include service availability as well as financial and technical aspects.

The major decision points when you choose your WAN connection are the following:

 Service availability
 Financial decision points
1. Total VPN solution cost
2. Lock-in situation
 Technical decision points

1. Convergence
2. Scalability
3. QoS
4. SLA
5. Supported traffic
6. MTU size

When you design your WAN, you first need to check VPN service availability. Not all
services are always available at all customer sites. You might be forced to combine multiple
services. If you have different options, there are some major decision points to choose your
WAN connection.

The financial aspect is very important when you choose your WAN connection. You must
compare the cost of the service, the equipment cost, and the operational cost. Another
important aspect is the long-term lock-in, which is created with the Layer 3 VPN. It is harder
to change service providers because you need to readdress all of your CE devices, you need
to establish new routing policies, and so on. It is much easier to change the service provider
when you choose the Layer 2 VPN because the routing is under your control.

Also, many technical aspects exist when you choose your WAN connection, as follows:

 Convergence: With the Layer 3 VPN, the routing is under service provider control,
which also includes the convergence time. When you choose the Layer 2 VPN
solution, you are responsible for the routing.
 Scalability: When you choose the Layer 2 VPN, you can have scalability issues in
full-mesh topologies. Routing protocols may fail due to many neighbors and
adjacencies. With the Layer 3 VPN solution, each CE device only has an adjacency
with the PE device and is therefore much more scalable.
 QoS: WAN connections have limited bandwidth. Therefore, you often need QoS to
prioritize, for example, real-time traffic. Service providers often offer QoS for your
traffic, but this solution usually leads to higher costs.
 SLA: Some providers may offer some sort of SLA for their services. This SLA
should be reviewed to achieve the minimal service level that is agreed with the
contract.
 Supported traffic: You may often need to transfer traffic such as multicast. Some
service providers support multicast, while others do not. Multicast is especially
needed with Layer 2 VPNs to allow the exchange of routing messages.
 MTU size: It is important to reduce fragmentation to a minimum. Therefore, you
need to know the MTU size to set the appropriate MTU values on your network. Also,
you might need to forward jumbo frames.