Solved

VPN Performance Required for Network-based Applications

Posted on 2001-07-24
8
310 Views
Last Modified: 2010-04-12
Hi,

I'd like to seek your expert opinion on how to support users running application over wide-area IP-VPN and how to prepare an effective service level agreement with IP-VPN service supplier.

The scope of applications includes:

1. VOIP
2. Videoconferencing
3. Video-on-demand
4. Other multimedia business applications typically Oracle and Microsoft

Please advise in terms of packet loss, latency, jitter and service availability, what network performance will be acceptable to each of the above applications running  over wide-area IP network. What other performance parameters would be of concern to customers?

Also, what service levels are expected for optimal application performance?

Regards,
Nkchow
0
Comment
Question by:NKCHOW
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 6395306
Personal opinion, IP VPN product as pitched by the telco providers (Wcom, Sprint, etc) is a no-go for any Voice application, videoconferencing, or any business critical application.
What you have is an encrypted VPN through the Internet. Nobody can guarantee anything through the VPN, you cannot guarantee Quality of Service, and the added encryption layer puts too much overhead on delay-sensitive applications such as voice and vidio.
Unless you control the VPN gear and set the policies yourself, you put business applications at the mercy of the huge telco provider. When you can't get to your applications, who ya gonna call?
0
 
LVL 16

Accepted Solution

by:
The--Captain earned 50 total points
ID: 6420276
lrmoore has some good points, but I think is over-generalizing.  Voice typically occupies less than 56Kbps (bits) per connection, which shouldn't overburden the equipment too much.  Video is another story (but can be compressed, etc using popular enconding schemes).

I think what you need to do is determine the max bandwidth and min latency needed to support all your applications, and write that into your service contract with an appropriately punishing SLA.  Jitter and loss should not be issues unless you are exceeding your specified parameters (in which case you specified your parameters incorrectly).

As for experience with existing VPN service providers, lrmoore seems to have more knowledge there.

-Jon
0
 

Author Comment

by:NKCHOW
ID: 6426052
Thanks to comments from Irmoore & the captain.

I share Irmoore's comments for encrpted VPN over Internet but with a less pessimistic view. There is a different VPN technology called multiprotocol label switching (MPLS) which have been adopted by some service suppliers to provide networked-based VPN service with varying classes of services (defined in terms of packet loss. latency & jitter) guaranteed. I'm not sure how they're received by users. Can anyone share his / her views here?

Regarding captain's remark on how to specify the network performance levels desirable for the different applications, it'll be very useful if I can quote performance figures from some published standards. There are also other less ideal options, such as setting up some tests to clarify on the network performance which requires adequate resources be available. Or alternatively, take the words of the service providers which can be quite risky..

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 6426347
For what it's worth:
http://www.nwfusion.com/news/2001/0806mpls.html

MPLS is what I had in mind when I stated that your telco will own every piece of the link providing you nothing more than promises. Even with an SLA, the penalties for not living up to it are rather small. I simply would not put all my eggs in someone else's basket.

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 16

Expert Comment

by:The--Captain
ID: 6430324
I've heard MPLS VPNs are nothing but bad news.

IMO, most commercial VPN offerings exist simply as a means for corporate lackeys to pass the buck - much easier to blame someone else than to just do the job right yourself.

BTW, I notice you say:

"Also, what service levels are expected for optimal application performance?"

Easy.  As good as possible.  If your budget doesn't allow for that (few do), then this is a question only you can answer.

My best advice:

Use whatever non-VPN service will fit you and your clients needs, which should incorporate eventual VPN overhead.  Do the VPN yourself (cisco will be happy to help if you buy things from them), and outsource the support.

-Jon






0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7871890
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question:

I recommend: split points between lrmoore and The--Captain

if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

thanks,
lrmoore
EE Cleanup Volunteer
---------------------
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 7873199
>I recommend: split points between lrmoore and The--Captain

Sounds good to me.

BTW, I will always object to delete (not relevant here) if the original poster was not the last person to leave a comment - laziness (or worse, unwillingness to award "answer" status) should not be rewarded by pts refunds.

Cheers,
-Jon
0
 

Expert Comment

by:SpideyMod
ID: 7926297
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange

lrmoore points for you at:
http://www.experts-exchange.com/Networking/Broadband/VPN/Q_20509217.html


BTW, delete does not always mean the questioner will get their points back.  Usually (not always) the way it works is if an expert is the last to comment and a deletion is called for, the points are most likely NOT refunded.  If the questioner was the last to respond and it was related to the original question, then a refund is most likely in order.  Things that throw this off are insignificant responses, off-topic responses, added questions (for instance original question was "what is the best router" and the questioner asks another question like "My CDRW doesn't write"), etc.  Moderators look over each question they are responsible for closing in the best interest of all parties (including future PAQ purchasers).  Don't let this stop you from objecting to a recommendation.  Delete recommendations usually mean "with refund".  If no refund is recommended, this is usually specified.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now