Modernizing the WAN from Client to Cloud

The evolution of WAN architectures has historically paralleled that of application architectures. When we primarily connected terminals to mainframes, the WAN architecture was largely point-to-point links connecting back to data center facilities. As traffic converged to remove OpEx-intensive parallel network structures, the WAN evolved to architectures that enabled site-to-site connectivity in a full mesh or configurable mesh and then enabled multi-tenancy for carrier cost optimization.

Today’s application architectures are massively deconstructed and distributed. We often see enterprise architectures where a single workflow requires dozens of interconnected applications and systems, often running in SaaS providers, the public clouds, and on-premises data centers, while supporting client connectivity from critical sites, campus locations, and users at home and all over the world. This, more than anything, is dictating an evolution of the WAN architecture to one that embraces and optimizes for:

  • The use of the Internet as a viable and often primary transport system.
  • Interconnection with the public cloud and the use of the public cloud providers' backbones as viable transit options.
  • A network architecture that is application-aware and simplifies traffic engineering, automatically optimizing application traffic to the best path available.
  • A resilient, reliable network capable of maintaining service levels across a private network, multi-carrier networks, and the public Internet.
  • The usage of Transit Hubs: peering points and aggregation points built in carrier-neutral and cloud-adjacent facilities that enable the aggregation of small sites while also providing self-healing and path optimization across core, aggregation and cloud networking interconnects.

The other inherent challenge is that routed WAN networks, based on traditional federated routing protocols and usually manually configured via the CLI, are still the predominant type of system in enterprise and carrier wide area networks. The evolution of SD-WAN as a specific product category has often resulted in proprietary systems with limited interoperability, frequently designed to create single-vendor lock-in.

In reality, SD-WAN is a set of operationally valuable features that have made WAN networks easier to deploy, provision, and operate - but at Arista, we believe that these features and capabilities do not require proprietary vendor lock-in and can be delivered as part of a routed WAN system that gives customers a choice, a viable transition plan, and a better systems architecture while delivering a consistent operational experience across the data center, cloud, campus, and now the Routed WAN.

Introducing the Arista WAN Routing System and CloudVision Pathfinder

When we released our Cognitive Campus products, strong client interest reaffirmed our design decision to use Arista EOS, our Network Data Lake (NetDL), and our CloudVision management platform as the foundation for our expansion into a new network transport domain. We applied the same principles as we organically designed and engineered our WAN Routing System:

  • Arista EOS - the same image, the same quality, the same testing discipline, the same operational modes - now across the routed WAN
  • Arista CloudVision - orchestration, provisioning, management, and time-series telemetry. Now augmented with WAN-specific capabilities for traffic engineering, IP path computation, and application awareness
  • Arista WAN Routing Platforms - enterprise-class routing systems designed for critical sites, aggregation, core networks, and campus network interconnections
  • Arista CloudEOS - extending EOS deployments to the cloud edge and for carrier-neutral transit hubs deployed in densely peered and highly reliable sites like Equinix and available through Platform Equinix

Three Key Features: Arista WAN Routing System

Dual Modality Design - we recognize that there are technical, architectural, and market requirements for traditional federated routing protocols building both public and private networks. At the same time, there are equivalent requirements for systems that can have their configurations procedurally rendered, tested, and automatically deployed. We designed our new systems to operate both in a classic, stand-alone routing model and in a more ‘SD-WAN’ model.

Adaptive Virtual Topologies - AVTs are defined and executed within EOS, and provisioned and traffic-engineered automatically in conjunction with CloudVision Pathfinder. An AVT is a logical abstraction within the Arista Routed WAN Architecture that combines:

  • Real-time dynamic path selection and path-wise self-healing for structured topology definitions 
  • Automated topology construction and peering that also establishes a cryptographically secured topology
  • Classifying applications, interfaces, subinterfaces, and 5-tuple matched traffic into a specific open-standard identifier and associated tenant-ID
  • Automated traffic engineering of the AVT across the dynamic paths based on the current network state, application requirements, prioritization, and business logic

IP Core and Aggregation Path Computation - a constant question we heard from network operators over the past decade was, 

“How can SD-WAN self-heal when there is a service disruption from a branch to the aggregation site, and yet multi-million-dollar routers in our core will forward traffic over a link experiencing 30% packet loss and never report an error?”  

We took this feedback and client need to heart and built an IP-based path computation capability into CloudVision Pathfinder that enables self-healing, dynamic pathing, and traffic engineering not only from critical sites back to aggregation systems but also between the core, aggregation, cloud, and transit hub environments.

Interesting Use Cases

We are seeing a myriad of use cases among our clients: AutoVPN requirements scaling out cryptographically assured site-to-site IPsec tunnels, Internet peering routers with very large tables and numbers of peer connections, and EVPN Route Servers/Reflectors deployed on systems with extremely scalable control planes supporting over ten million routes.

One use case we are very excited about, which is generally available and in production deployments today at several forward-looking clients, is our Transit Hub implementation, developed with Equinix. In this deployment we are replacing traditional aggregation routers with scalable routing systems deployed within Equinix’s global carrier-neutral and cloud-adjacent Equinix International Business Exchange™ (IBX®) data centers. By geographically distributing Transit Hubs and coupling them with the CV Pathfinder Path Computation Engine, clients can take advantage not only of all the Internet peering links available through Equinix Fabric™ but also of its high-scale cloud on-ramps, using the public cloud providers' backbones as viable transit offerings on demand.

Innovation

Innovation is a constant at Arista. We’re continuing to develop products, technologies, and architectures that transform the networking experience for engineers and operators. For almost fifteen years we’ve been listening to customers asking for an alternative that can provide an end-to-end solution with a consistent network O/S, reliable software, modern network engineering architectures, and a modern operating model. Our innovation journey will never be complete, but we are delighted to share these new capabilities with you.
