What is SD-WAN?

SD-WAN has become a popular concept and has come up frequently in recent years.

Many people say that it is one of the most promising communication technologies for the future and has great commercial value.

Established communication equipment vendors and operators in the industry are optimistic about it, and emerging start-ups also regard it as a once-in-a-lifetime opportunity.

So, what exactly is SD-WAN? What is it for? What's special about it? In today's article, Xiao Zaojun gives you a comprehensive analysis.

SD-WAN stands for Software-Defined WAN, and WAN stands for Wide Area Network.

Readers who work with IT and communications will be familiar with the prefix "SD". In today's era, when software is king, concepts such as SDN, SDS and SDR are flooding our work and have become buzzwords.

SDN: software-defined network.

SDS: software-defined storage.

SDR: software-defined radio.

In previous articles, Xiao Zaojun mentioned SDN (Software Defined Network) many times. As I said, SDN/NFV is the development direction of the future network, and it is also a remarkable feature of the 5G era.

SD-WAN is an important branch of SDN and the application of SDN technology in WAN.

Simply put, SD-WAN is SDN+WAN.

What is WAN?

Let's start with the most basic concept.

Many readers who work in networking will know that WAN means wide area network, and that its counterpart is the well-known LAN (Local Area Network).

The Wi-Fi network in our home, the network in Internet cafes and the small-scale network in the company office are all LANs.

WAN is a computer network with a large geographical scope, which spans provinces, cities, even countries and continents.

For example, a group company is headquartered in Beijing and has branches in Shanghai, Guangzhou and Chengdu. Then, the local network of the branch can be regarded as a local area network. The network of the whole group company is a wide area network.

Note: Besides LAN and WAN, there is also MAN (Metropolitan Area Network), a city-scale network that operators often mention.

The reason wide area networks exist should be clear to everyone: in the era of digitalization and networking, a company's operation is inseparable from computers and various information systems and platforms.

From basic email to office automation (attendance system, financial system, etc.), to PLM (product life cycle management), ERP (enterprise resource planning) and other systems closely tied to the main business, all of them urgently need a strong supporting network.

Various information systems are the cornerstone of the development of modern enterprises.

For most companies, it is impossible to lay their own dedicated network cable or optical fiber to connect the head office and branch offices. The amount of work and the cost would be astronomical.

So, there are only two options left.

The first is to connect all employees through the Internet.

DingTalk and Enterprise WeChat, which are very popular now, actually work this way.

All Online (Internet)

Today, with the development of mobile Internet and fiber-optic broadband, this method seems to be a good choice. However, it comes with two fatal problems: service quality and data security.

The 4G data services we use, as well as most fiber-optic broadband access, are basically consumer-grade communication services. Their stability and reliability are poor, and connections often stall or even drop.

This kind of service quality is barely acceptable to small and micro enterprises. But for large and medium-sized enterprises and groups, it will not work. For example, how could the systems linking ICBC's Beijing head office and its Jiangsu branch be allowed to run slowly or drop out?

In addition, exposing all of a company's business systems to the Internet brings great security risks. For example, if the railway corporation put all of its vehicle operation management systems on the public network, would you feel at ease?

DingTalk and Enterprise WeChat are themselves backed by the very strong security protection and system capabilities of large Internet companies.

Therefore, using the Internet as your own company's WAN is only suitable for small and micro enterprise users. (On the other hand, small and micro enterprises don't need a WAN.)

The second way, which is also the mainstream choice of users at present, is to connect sites with private lines provided by operators.

The most representative private line of this kind is MPLS.

What is MPLS?

MPLS stands for Multi-Protocol Label Switching. It is an efficient and reliable network transmission technology. Simply put, it puts a label on the data stream, a bit like an old-style "feather letter", telling all the devices along the way: "Who am I and where am I going?"

An MPLS private line is a WAN private line service based on MPLS technology.

MPLS private line

An MPLS private line is a leased service; ownership stays with the telecom operator. The operator rents the private line to you and commits to an SLA (service level agreement) that the line will meet, covering bandwidth, delay, jitter, packet loss rate and so on. Whether your software runs fast or not is not the operator's concern.

Just like the broadband installed in your home, the operator only looks at the line speed: is it 100 Mbps? Yes? Then all is well. Your game is lagging? Sorry, that's none of my business. This is an SLA-based service.

Anyway, it is a private line, and the network quality of MPLS is good.

Here comes another problem. The operator rents to me, and it rents to everyone else too. There is only one physical operator network, and many companies' traffic runs over it. How can we ensure differentiation and isolation?

Here, we need to mention a familiar term: VPN.

VPN stands for Virtual Private Network. In effect, a dedicated channel is created on top of the normal physical connection to ensure the isolation and confidentiality of communication.

VPN channel

Depending on the underlying network, VPNs are usually divided into IPsec-VPN and MPLS-VPN.

IPsec-VPN: a VPN based on the Internet. This is the kind people use most often. Employees of large companies dial in to the VPN when they are on a business trip; they then become part of the company's intranet and can visit intranet websites.

MPLS-VPN: a VPN based on the operator's MPLS private network. Connected this way, all the branches and the headquarters are logically in one intranet.
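To make the "label" and the isolation it provides concrete, here is an added example (not from the original article) that parses the 4-byte MPLS label stack entries defined in RFC 3032. In an MPLS-VPN a packet normally carries two labels: an outer one that steers it across the operator's network and an inner one that identifies the customer VPN. The label values in the sample are constructed for illustration.

```python
import struct

def build_entry(label: int, tc: int, bottom: bool, ttl: int) -> bytes:
    """Encode one label stack entry: 20-bit label, 3-bit TC, 1-bit S, 8-bit TTL."""
    if not (0 <= label < 2**20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def parse_label_stack(data: bytes):
    """Return (entries, payload_offset) for the label stack at the start of data."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            # Ran out of bytes before an entry with the bottom-of-stack bit set.
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", data, offset)
        entry = {
            "label": word >> 12,              # where the packet is going
            "tc": (word >> 9) & 0x7,          # traffic class (QoS marking)
            "bottom": bool((word >> 8) & 1),  # last label before the payload
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        offset += 4
        if entry["bottom"]:
            return entries, offset

# Constructed sample: outer transport label, inner VPN label, then 2 payload bytes.
SAMPLE = (build_entry(16001, 0, False, 64)
          + build_entry(24005, 5, True, 64)
          + b"\x45\x00")

if __name__ == "__main__":
    stack, payload_at = parse_label_stack(SAMPLE)
    for e in stack:
        print(e)
    print("payload starts at byte", payload_at)
```

Labels separate one customer's traffic from another's inside the operator network, but they do not encrypt it; confidentiality on an MPLS-VPN rests on trusting the operator.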

Let me briefly explain two concepts you will often see: overlay and underlay. Literally, the overlay sits on top and the underlay sits underneath. A picture makes this clear to everyone:

The position of the packet is different.

MPLS as a technology dates back to 1996, when Cisco put forward Tag/Label Switching, and it has dominated the enterprise network market for more than 20 years without any significant improvement.

Compared with the Internet, MPLS private line has the advantages of being relatively stable and reliable, and its security is also guaranteed. But with the development of the times, its shortcomings are becoming more and more obvious, and users complain:

1. High cost of use.

For a long time, whether for private lines or VPN services, the prices charged by operators have been very high.

For example, in one province the price of a multinational 10M MPLS-VPN line is 80,000 yuan/month. For a large enterprise group with many branches and offices, the annual cost of renting lines may be as high as tens of millions or even hundreds of millions of RMB.

Such a cost level is unimaginable for home users like us who spend hundreds of dollars a month. With the intensification of competition, this huge cost pressure is enough to make the CEO/CFO/CIO feel uneasy.

2. Long deployment cycle.

After a company applies for a dedicated line, the operator has to go through its internal process and send staff on site to manually install and configure the terminal equipment. The whole installation cycle is very long and usually takes one week to one month.

For enterprises whose pace keeps getting faster, this waiting time is unbearable.

3. Troubleshooting is very difficult.

A private line network is a "black box network". For enterprise users, when there is a problem with the private line, it is difficult to quickly judge the cause. Enterprise IT engineers can only check their own internal firewalls, switches, routers and other equipment. If they cannot find the cause, they turn to the operator.

For operators, the investigation is also troublesome. Often the operator eventually finds nothing wrong on its side, and the problem turns out to be at the customer's end after all.

This back-and-forth wastes a lot of time and affects the normal operation of the company's business.

4. Maintenance manpower is tight.

For corporate headquarters, there are generally specialized IT engineers for maintenance. However, for branches or offices, due to cost considerations, specialized IT engineers are generally not available. This brings difficulties to the maintenance of MPLS private line and increases the cost of commutation.

In a word, MPLS private lines are expensive and difficult to use: "the world has long suffered under MPLS"!

The debut of SD-WAN.

Well, it is finally time for the protagonist of today's article.

SD-WAN is a new WAN technology designed to solve the above problems.

SD-WAN originated from SDN. There is a great deal to say about SDN, so I won't introduce it in detail today. You only need to know that the essence of SDN technology is centralized control of the network.

Separation of forwarding and control

SD (Software-Defined) does not mean letting software replace hardware; it means extracting more of the hardware's capabilities and handing them over to unified software for control and management. To put it bluntly, the hardware is generalized and simplified until it becomes "silly and lovely", and the software controller becomes the core that masters everything.

What kind of architecture does SD-WAN, being based on SDN, have? A picture is worth more than words. I drew an architecture diagram according to the SD-WAN scheme of an equipment manufacturer. Please see:

SD-WAN network architecture

As you can see, the backbone of the whole network architecture is actually the Internet and MPLS private line. However, on top of this architecture, there is an additional SD-WAN controller. This controller is the management control core of SD-WAN.

At the branch node, as well as the headquarters node, there are some things like uCPE and vCPE.

CPE, which we mentioned before when introducing 5G, stands for customer premises equipment and is called "customer terminal equipment" in the industry. The CPE here is different from the 5G CPE, which converts 5G signals into Wi-Fi signals. The CPE here is an interface box (which can be understood as a small router) that connects to the network.

uCPE is a universal CPE, a universal client device. vCPE is a virtual CPE, a virtual client device.

Administrators can configure the SD-WAN controller through the application layer interface, and can also assign the functions of vFW (Virtual Firewall) and vWOC (Virtual WAN Optimization Controller) to CPE to realize the corresponding functions without purchasing hardware.

Let's analyze the network architecture and node equipment in detail and see what changes adopting SD-WAN brings:

1. All interfaces accepted, load balancing.

At the branch, SD-WAN no longer forces the use of MPLS alone, but allows multiple connection types such as MPLS, xDSL, PON fiber broadband, 4G LTE and even 5G. The CPE can bind multiple interfaces together, turning them into an interface resource pool.

With the help of the software capabilities and CPE of some equipment manufacturers, thousands of different applications can be identified and assigned different levels of service quality.

For example, video conferencing requires higher network quality, so its priority and QoS are set higher. Text chat and the like can just be set to level one and sent over a network such as LTE.

In this way, the dependence of enterprise users on MPLS private lines is greatly reduced, and ordinary optical fiber broadband and 4G can also come in handy. The bandwidth utilization rate of users is improved and the traffic cost is reduced.

2. Independent selection of the best path.

The key of WAN technology actually lies in path selection. For different branches, SD-WAN can choose the best path independently according to the current network situation and configuration strategy.

SD-WAN also has load balancing ability to enhance the reliability of the network.

In fact, there are many PoPs (points of presence, i.e. access points) in the operator network that help solve the problems of link congestion and load across operators.
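The application-aware service levels in item 1 and the path selection in item 2 can be sketched together. This is an added example, not any vendor's implementation: each application class has quality thresholds, the CPE measures every uplink, and traffic takes the cheapest link that currently meets the thresholds, falling back to the least lossy link that is still up. All link names, metrics, costs and thresholds are constructed.

```python
from dataclasses import dataclass

@dataclass
class Link:
    name: str
    latency_ms: float
    jitter_ms: float
    loss_pct: float
    cost: int          # relative cost of carrying traffic; lower is cheaper
    up: bool = True

@dataclass
class AppPolicy:
    name: str
    max_latency_ms: float
    max_jitter_ms: float
    max_loss_pct: float

def meets_sla(link: Link, policy: AppPolicy) -> bool:
    return (link.up
            and link.latency_ms <= policy.max_latency_ms
            and link.jitter_ms <= policy.max_jitter_ms
            and link.loss_pct <= policy.max_loss_pct)

def select_path(links, policy):
    """Cheapest link meeting the policy; else the least lossy link still up; else None."""
    good = [l for l in links if meets_sla(l, policy)]
    if good:
        return min(good, key=lambda l: (l.cost, l.latency_ms))
    alive = [l for l in links if l.up]
    if not alive:
        return None
    return min(alive, key=lambda l: (l.loss_pct, l.latency_ms, l.jitter_ms))

def route_all(links, policies):
    """Map each application class to the name of the link chosen for it."""
    chosen = {p.name: select_path(links, p) for p in policies}
    return {app: (l.name if l else None) for app, l in chosen.items()}

def sample_links():
    # Constructed measurements for one branch CPE with three uplinks.
    return [Link("mpls", 20, 2, 0.1, cost=10),
            Link("broadband", 35, 8, 0.5, cost=2),
            Link("lte", 60, 25, 1.5, cost=4)]

POLICIES = [AppPolicy("video", 30, 5, 0.2), AppPolicy("chat", 200, 50, 3.0)]

if __name__ == "__main__":
    links = sample_links()
    print(route_all(links, POLICIES))   # video on MPLS, chat on broadband
    links[1].up = False                 # broadband outage: chat moves to LTE
    print(route_all(links, POLICIES))
```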

3. Simple deployment, completed in seconds.

When evaluating the deployment speed of SD-WAN, people repeatedly mention the term ZTP (Zero Touch Provisioning), that is, zero-touch deployment. Simply put, it is almost plug and play.

In addition to automatically obtaining its configuration after the CPE is powered on, the device can also be configured by scanning a code or by email.

Take the email deployment method as an example. When deploying SD-WAN, IT engineers at headquarters only need to prepare the configuration data in advance and then send the configuration by email to any employee of the branch office, and the employee can complete the configuration and deployment of the equipment through the link.

It is so convenient and fast that professional IT personnel no longer need to be present for configuration and installation.

4. Self-control and intelligent operation and maintenance

SD-WAN carries SDN genes, so it has inherent advantages in network management. All the management platforms of SD-WAN are graphical and visual. Administrators can clearly see how the SD-WAN is running through the network management interface and deal with problems in time. This greatly reduces the difficulty of maintenance and the time needed to handle faults.

In a word, the advantage of SD-WAN is that it saves money and is easy to use. According to estimates, SD-WAN saves at least 30% of the cost per year compared with MPLS under the same bandwidth. So some people jokingly call SD-WAN "saving USD-10,000".

The development of SD-WAN

Money has the last word. The return in real money has driven the development of SD-WAN at an astonishing rate.

SDN appeared in 2006 and was officially named in 2011. The first spark between SDN and WAN came in 2014.

In that year, ONUG (Open Network User Group), a consulting company (formerly an investment company), put forward several application scenarios of SDN technology at a seminar with enterprise users on future enterprise network requirements, so that SDN and enterprise WAN really met.

In the same period, an article entitled "Software Defined WAN: Introduction" was published on the website, which introduced the name SD-WAN to the public for the first time. (Primer means enlightenment and introduction.)

Since then, SD-WAN has quickly attracted widespread attention in the industry, and various giants have begun to flock to it.

In 2015, the market revenue of SD-WAN was only $225 million, and the application rate was less than 1%. By 2018, the overseas application rate of SD-WAN had reached an astonishing 40%. Industry analyst IDC predicts that the SD-WAN market will grow to $8 billion by 2021.

Enterprises engaged in SD-WAN services are divided into many categories. Here is a brief introduction.

The first category is companies that focus on providing WAN solutions. They buy operators' private lines, and then set up their own WAN to provide SD-WAN services for enterprise users.

The second category is traditional equipment manufacturers, such as Huawei, ZTE and H3C. Needless to say, they sell everything: solutions, hardware and software.

The third category is companies that focus on SD-WAN sales optimization, security, encryption and other technologies and products. They have their own software and hardware products and sell them to SD-WAN users.

Traditional telecom operators also attach great importance to SD-WAN. After all, it is a technology that threatens their livelihood. At present, domestic operators have carried out SD-WAN business pilot projects in many places. Their business model is mainly based on their existing infrastructure services, using their advantages in hardware resources to provide network value-added services such as firewall, WAN acceleration and network security.

In a word, SD-WAN is a fast-deployed, low-cost and flexible WAN solution. It has undoubtedly become the mainstream of the industry. The only thing we have to pay attention to now is who will win this fierce battle around SD-WAN and who will become the biggest winner in the future WAN market!

(Source: Fresh Jujube Classroom)