s a
asked on
mpls vs vpn
Hey all, I dont have a solid understand of mpls and vpn so I am hoping someone can explain it to me....basically we have 3 sites, one in NY, one in chicago, and one international...that I believe (but not sure) are connected by site-to-site juniper vpn, NY has a 100meg line, chicago has a fiber, and international has 10meg
We have a LOT of data ransfer going on between the sites and have to constantly monitor the vpn connections....is this the best way to do this? Speed wise? efficiency? ability to all be on the same network?
Would mpls help and if so how? How does it also differ from our current setup?
Thanks
We have a LOT of data ransfer going on between the sites and have to constantly monitor the vpn connections....is this the best way to do this? Speed wise? efficiency? ability to all be on the same network?
Would mpls help and if so how? How does it also differ from our current setup?
Thanks
newmath
The take-away is in the last paragraph: http://www.processor.com/editorial/article.asp?article=articles%2Fp2643%2F32p43%2F32p43.asp
Here's a shorter article, but it also has some good advice: http://bandwidth.com/wiki/article/VPN's,_MPLS_or_Frame_Relay
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
But, whether MPLS helps or not depends on the speeds delivered. That's a key matter.
ASKER
So if I get MPLS....will I see improved speeds based on the info I gave above? Also, how will the sites connect to each other? through the ISPs routing or through vpn over mpls which defeats the purpose?
MPLS is the substrate, so-to-speak, of your network. It's not a speed thing necessarily: MPLS is available at different speeds. MPLS is a switching and routed network, similar to what you might have at one of your locations if you have L3 switches. If you need QOS and like, MPLS is a viable option. But as noted above you can still run a VPN over an MPLS connection for added security.
ASKER
so it wont make a diffeence speed wise? is it easier to manage?
Not necessarily. MPLS runs on all sorts of different mediums. Normally when you have an MPLS setup your telco will manage it for you. If you have to manage it, then no it so not easy -- at least in comparison to setting up site-to-site tunnels like you're doing now. What you gain from MPLS is control, not necessarily speed.
The best place to start is with a local telco. Call them up and ask them what they have to offer.
The best place to start is with a local telco. Call them up and ask them what they have to offer.
vpn over mpls doesn't necessarily defeat the purpose because, without speed numbers, one can't compare an internet connection to an mpls connection - at all. And, I'd want to have a good reason for doing the vpn part because there is a little overhead in the data rate. Only you can know once you have all the numbers and only you know your security issues.
I didn't understand your comment about having to constantly monitor the VPN connections. That shouldn't be necessary at all. Once set up, they should connect and stay connected.
The international VPN you have is going to limit the speed between those offices and NY and Chicago - no matter what the latter speeds are. 10Mbps isn't much and people are likely complaining if they're doing much in the way of large file transfer.
I didn't understand your comment about having to constantly monitor the VPN connections. That shouldn't be necessary at all. Once set up, they should connect and stay connected.
The international VPN you have is going to limit the speed between those offices and NY and Chicago - no matter what the latter speeds are. 10Mbps isn't much and people are likely complaining if they're doing much in the way of large file transfer.
ASKER
Yea, I have a seperate question for the file transfer issue, heh
https://www.experts-exchange.com/questions/27540350/Network-latency-issue.html
https://www.experts-exchange.com/questions/27540350/Network-latency-issue.html
Today when somebody says VPN the mean a encrypted tunnel over the Internet. however that is NOT what at VPN really is.
Technically a MPLS network is a VPN. VPN means virtual private network. This term was coined back when companies had leased lines for communications between sites and started replacing them with Frame Relay based connection on a managed network.
To the company it looked like there was a private leased circuit between the two sites.
MPLS is just replacing Frame Relay.
Should you use encryption over a MPLS network? It depends. Although the link looks like it is a private link, the service provider can still see the data flowing across it. If the data is really that sensitive, then it should be encrypted. Either by doing a encrypted VPN tunnel, encrypting the data stream using SSL/SSH, or encrypting the file.
Technically a MPLS network is a VPN. VPN means virtual private network. This term was coined back when companies had leased lines for communications between sites and started replacing them with Frame Relay based connection on a managed network.
To the company it looked like there was a private leased circuit between the two sites.
MPLS is just replacing Frame Relay.
Should you use encryption over a MPLS network? It depends. Although the link looks like it is a private link, the service provider can still see the data flowing across it. If the data is really that sensitive, then it should be encrypted. Either by doing a encrypted VPN tunnel, encrypting the data stream using SSL/SSH, or encrypting the file.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I believe they are internet based VPN