The previous tech tip provided insight into issues surrounding migration from a traditional VPN to an MPLS network based VPN. The insertion of a dual WAN backbone representing the current VPN and addition of the MPLS VPN can cause significant issues when migrating.
There are multiple scenarios for migrating depending on the carrier, the access circuit and the level of support at the edge for the new circuits. If a customer is migrating to MPLS VPN's offered by the current WAN VPN provider and the MPLS offering supports the same interface types as the current WAN VPN, the migration risks are minimized. However, in some cases the MPLS VPN services are purchased from a totally separate provider.
In the scenario where the customer is migrating frame or ATM services from the same provider, the provider can provision a separate PVC through current connections that terminates on the same interface used for the legacy WAN VPN. If the access circuit is not ATM or Frame, then a separate interface is required on the router. This complicates the issue as not all routers are capable of supporting the extra interface required. This could be due to unavailable ports or the need to purchase additional interfaces on the router.
In the scenario where the customer is purchasing MPLS VPN services from an alternative provider a secondary interface is always required. The same issues regarding available port interfaces are evident.
In addition to the interface support required for migration purposes, the customer may want to upgrade the WAN bandwidth on the MPLS VPN since all previous circuits are going through one interface (or two) now instead of multiple interfaces. The routers may not support the interface bandwidth requirements and could negatively impact the speeds and feeds required for the new solution.
These problems can be resolved by proper planning before moving towards a MPLS VPN solution. In fact, the cost of deploying the VPN solution can increase significantly once the customer understands the upfront costs associated with potential router upgrades and interface additions. Proper planning requires an evaluation and assessment of the current WAN VPN infrastructure including router types, operating systems, configurations, interface support, utilized interfaces and open interfaces. This is very important if you are going to utilize QoS at the edge of the VPN as many routers are outdated in regards to this technology. However for migration purposes, once the information regarding these key components is understood, the customer can evaluate the ability of the WAN edge to support the MPLS VPN migration and develop a plan for ensuring the environment is ready for transition. It is highly recommended that this exercise take place during the evaluation of MPLS VPN technology as a replacement of the traditional VPN. The additional costs that can be associated with the MPLS VPN technology can cause some deviation from the original strategy or a dismissal of the technology as a cost effective solution. In the next tip I will discuss some of the issues surrounding the routing architecture as it relates to MPLS VPN solutions.
Robbie Harrell (CCIE#3873) is the National Practice Lead for Advanced Infrastructure Solutions for SBC Communications. He has over 10 years of experience providing strategic, business, and technical consulting services to clients. Robbie resides in Atlanta, and is a graduate of Clemson University. His background includes positions as a Principal Architect at International Network Services, Lucent, Frontway and Callisma.
Dig deeper on VPN design