Despite the popularity and widespread use of overlay VPNs for WAN service, they do have several disadvantages. Take a look at Figure 1, in which we have the logical topology for one customer with six sites, connected using a full-mesh of PVCs:
Connecting six sites in a full-mesh requires fifteen PVCs. Now consider the fact that some customers have thousands of sites. If a hotel chain with three thousand properties wanted a full-mesh, over four million PVCs would be required for this customer alone. If we reduce the logical topology to a hub-and-spoke, three thousand sites would still require 2,999 PVCs. These PVCs must be configured one-by-one into the switches in the WAN cloud. This represents a tremendous time investment for the provider personnel who configure those switches, at a commensurate cost. For this reason, customers with more than a few sites typically opt for either a hub-and-spoke or a very sparse partial-mesh. Nevertheless, for a large WAN provider with thousands of customers, it’s a lot of configuration.
Now let’s look at things from the customer perspective. In order to make things affordable if we have more than a few sites, we use either a hub-and-spoke or a partial mesh. The problem is that some applications, such as VoIP, are sensitive to delay. Having to cross the WAN cloud twice (remote site to HQ, and then to another remote site) may introduce unacceptably long end-to-end latencies. Thus, the configuration complexity and cost of overlay VPNs can make them less than ideal from a scalability perspective. What we want is the functional equivalent of a full-mesh for each customer that desires it, without the configuration overhead (and expense) that a full-mesh requires.
While pondering this over a decade ago, people in several organizations thought “What if instead of using Layer-2 switches inside the WAN cloud, we use routers? Routers are good at finding the optimum paths. Instead of manually configuring PVC’s, we’ll just replace the PE and P devices with routers, and let those routers do the rest!”
Next time we’ll explore whether or not this might actually work.
