[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


VPN Performance Required for Network-based Applications

Posted on 2001-07-24
Medium Priority
Last Modified: 2010-04-12

I'd like to seek your expert opinion on how to support users running application over wide-area IP-VPN and how to prepare an effective service level agreement with IP-VPN service supplier.

The scope of applications includes:

2. Videoconferencing
3. Video-on-demand
4. Other multimedia business applications typically Oracle and Microsoft

Please advise in terms of packet loss, latency, jitter and service availability, what network performance will be acceptable to each of the above applications running  over wide-area IP network. What other performance parameters would be of concern to customers?

Also, what service levels are expected for optimal application performance?

Question by:NKCHOW
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 79

Expert Comment

ID: 6395306
Personal opinion, IP VPN product as pitched by the telco providers (Wcom, Sprint, etc) is a no-go for any Voice application, videoconferencing, or any business critical application.
What you have is an encrypted VPN through the Internet. Nobody can guarantee anything through the VPN, you cannot guarantee Quality of Service, and the added encryption layer puts too much overhead on delay-sensitive applications such as voice and vidio.
Unless you control the VPN gear and set the policies yourself, you put business applications at the mercy of the huge telco provider. When you can't get to your applications, who ya gonna call?
LVL 16

Accepted Solution

The--Captain earned 200 total points
ID: 6420276
lrmoore has some good points, but I think is over-generalizing.  Voice typically occupies less than 56Kbps (bits) per connection, which shouldn't overburden the equipment too much.  Video is another story (but can be compressed, etc using popular enconding schemes).

I think what you need to do is determine the max bandwidth and min latency needed to support all your applications, and write that into your service contract with an appropriately punishing SLA.  Jitter and loss should not be issues unless you are exceeding your specified parameters (in which case you specified your parameters incorrectly).

As for experience with existing VPN service providers, lrmoore seems to have more knowledge there.


Author Comment

ID: 6426052
Thanks to comments from Irmoore & the captain.

I share Irmoore's comments for encrpted VPN over Internet but with a less pessimistic view. There is a different VPN technology called multiprotocol label switching (MPLS) which have been adopted by some service suppliers to provide networked-based VPN service with varying classes of services (defined in terms of packet loss. latency & jitter) guaranteed. I'm not sure how they're received by users. Can anyone share his / her views here?

Regarding captain's remark on how to specify the network performance levels desirable for the different applications, it'll be very useful if I can quote performance figures from some published standards. There are also other less ideal options, such as setting up some tests to clarify on the network performance which requires adequate resources be available. Or alternatively, take the words of the service providers which can be quite risky..

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 79

Expert Comment

ID: 6426347
For what it's worth:

MPLS is what I had in mind when I stated that your telco will own every piece of the link providing you nothing more than promises. Even with an SLA, the penalties for not living up to it are rather small. I simply would not put all my eggs in someone else's basket.

LVL 16

Expert Comment

ID: 6430324
I've heard MPLS VPNs are nothing but bad news.

IMO, most commercial VPN offerings exist simply as a means for corporate lackeys to pass the buck - much easier to blame someone else than to just do the job right yourself.

BTW, I notice you say:

"Also, what service levels are expected for optimal application performance?"

Easy.  As good as possible.  If your budget doesn't allow for that (few do), then this is a question only you can answer.

My best advice:

Use whatever non-VPN service will fit you and your clients needs, which should incorporate eventual VPN overhead.  Do the VPN yourself (cisco will be happy to help if you buy things from them), and outsource the support.


LVL 79

Expert Comment

ID: 7871890
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question:

I recommend: split points between lrmoore and The--Captain

if there is any objection or other expert commentary to this recommendation then please post in here within 7 days.
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post a request in Community support (with a link to this page) to refund your points. http://www.experts-exchange.com/Community_Support/


EE Cleanup Volunteer
LVL 16

Expert Comment

ID: 7873199
>I recommend: split points between lrmoore and The--Captain

Sounds good to me.

BTW, I will always object to delete (not relevant here) if the original poster was not the last person to leave a comment - laziness (or worse, unwillingness to award "answer" status) should not be rewarded by pts refunds.


Expert Comment

ID: 7926297
per recommendation

Community Support Moderator @Experts Exchange

lrmoore points for you at:

BTW, delete does not always mean the questioner will get their points back.  Usually (not always) the way it works is if an expert is the last to comment and a deletion is called for, the points are most likely NOT refunded.  If the questioner was the last to respond and it was related to the original question, then a refund is most likely in order.  Things that throw this off are insignificant responses, off-topic responses, added questions (for instance original question was "what is the best router" and the questioner asks another question like "My CDRW doesn't write"), etc.  Moderators look over each question they are responsible for closing in the best interest of all parties (including future PAQ purchasers).  Don't let this stop you from objecting to a recommendation.  Delete recommendations usually mean "with refund".  If no refund is recommended, this is usually specified.

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question