Subscribe to Blog Notification Emails

Latest Blog Post

Modernizing the WAN from Client to Cloud

Douglas Gourlay
by Douglas Gourlay on Mar 21, 2023 6:00:00 AM

The evolution of WAN architectures has historically paralleled that of application architectures. When we primarily connected terminals to mainframes, the WAN architecture was largely point-to-point links connecting back to data center facilities. As traffic converged to remove OpEx-intensive parallel network structures, the WAN evolved to architectures that enabled site-to-site connectivity in a full mesh or configurable mesh and then enabled multi-tenancy for carrier cost optimization.

Today’s application architectures are massively deconstructed and distributed. We often see enterprise architectures where a single workflow requires dozens of interconnected applications and systems often running in SaaS providers, the public clouds, and on-premises data centers while supporting client connectivity from critical sites, campus locations, and users from their homes and all over the world.  This, more than anything, is dictating an evolution of the WAN architecture to one that embraces and optimizes for:

  • The use of the Internet as a viable and often primary transport system.
  • The interconnecting with the public cloud and the use of the public cloud provider's backbones are viable transit options.
  • A network architecture that is application-aware and simplifies traffic engineering, automatically optimizing application traffic to the best path available.
  • A resilient, reliable network capable of maintaining service levels across a private network, multi-carrier networks, and the public Internet.
  • The usage of Transit Hubs: peering points and aggregation points built in carrier-neutral and cloud-adjacent facilities that enable the aggregation of small sites while also providing self-healing and path optimization across core, aggregation and cloud networking interconnects.

The other inherent challenge is that routed WAN networks, based on traditional federated routing protocols and usually manually configured via the CLI, are still the most predominant type of system in enterprise and carrier wide area networks. The evolution of SD-WAN as a specific product category has often resulted in proprietary systems with limited interoperability that are often designed to create single-vendor lock-in.  

In reality, SD-WAN is a set of operationally valuable features that have made WAN networks easier to deploy, provision, and operate - but at Arista, we believe that these features and capabilities do not require proprietary vendor lock-in and can be delivered as part of a routed WAN system that gives customers a choice, a viable transition plan, and a better systems architecture while delivering a consistent operational experience across the data center, cloud, campus, and now the Routed WAN.

Introducing the Arista WAN Routing System and CloudVision Pathfinder

When we released our Cognitive Campus products our strong client interest reaffirmed our design decision to use Arista EOS, our Network Data Lake (NetDL), and our CloudVision management platform as the foundation for our expansion into a new network transport domain.  We applied the same principles as we organically designed and engineered our WAN Routing System:

  • Arista EOS - the same image, the same quality, the same testing discipline, the same operational modes - now across the routed WAN
  • Arista CloudVision - orchestration, provisioning, management, and time-series telemetry. Now augmented with WAN-specific capabilities for traffic engineering, IP path computation, and application awareness
  • Arista WAN Routing Platforms - enterprise-class routing systems designed for critical sites, aggregation, core networks, and campus network interconnections
  • Arista CloudEOS - extending EOS deployments to the cloud edge and for carrier-neutral transit hubs deployed in densely peered and highly reliable sites like Equinix and available through Platform Equinix

Three Key Features: Arista WAN Routing System

Dual Modality Design - we recognize that there are technical, architectural and market requirements for traditional federated routing protocols building both public and private networks.  At the same time, there are equivalent requirements for systems that can have their configurations procedurally rendered, tested, and automatically deployed. We designed our new systems to operate in both a classic and stand-alone routing model or in a more ‘SD-WAN’ model.

Adaptive Virtual Topologies - defined and executed within EOS and provisioned and traffic engineered automatically in conjunction with CloudVision Pathfinder are AVTs: Adaptive Virtual Topologies.  An AVT is a logical abstraction within the Arista Routed WAN Architecture that combines: 

  • Real-time dynamic path selection and path-wise self-healing for structured topology definitions 
  • Automated topology construction and peering that also establishes a cryptographically secured topology
  • Classifying applications, interfaces, subinterfaces, and 5-tuple matched traffic into a specific open-standard identifier and associated tenant-ID
  • Automated traffic engineering of the AVT across the dynamic paths based on the current network state, application requirements, prioritization, and business logic

IP Core and Aggregation Path Computation - a constant question we heard from network operators over the past decade was, 

“How can SD-WAN self-heal when there is a service disruption from a branch to the aggregation site, and yet multi-million-dollar routers in our core will forward traffic over a link experiencing 30% packet loss and never report an error?”  

We took this feedback and client need to heart and developed an IP-based path computation capability into CloudVision Pathfinder that enables self-healing, dynamic pathing, and traffic engineering not only for critical sites back to aggregation systems but also between the core, aggregation, cloud, and transit hub environments. 


Interesting Use Cases

We are seeing a myriad of use cases within our clients - from AutoVPN requirements scaling out site-to-site IPsec cryptographically assured tunnels to Internet Peering routers with very large tables and numbers of peer connections to EVPN Route Servers/Reflectors deployed on systems with extremely scalable control planes supporting over ten million routes.

One use-case we are very excited about, that is generally available and in production deployments today at several forward-looking clients is our Transit Hub implementation which was developed with Equinix.  In this deployment we are replacing traditional aggregation routers with scalable routing systems deployed within Equinix’s global carrier-neutral and cloud-adjacent Equinix International Business Exchange™ (IBX®) data centers.  By geographically distributing Transit Hubs and coupled with the CV Pathfinder Path Computation Engine clients are able to take advantage of using all of the Internet peering links available through Equinix Fabric™ but also their high-scale cloud onramps to be able to utilize the public cloud providers backbones as viable transit offerings on demand.



Innovation is a constant at Arista, we’re continuing to develop products, technologies, and architectures that transform the networking experience for engineers and operators. We’ve been listening to our customers for almost fifteen years asking for an alternative that can provide an end-to-end solution with a consistent network O/S, reliable software, modern network engineering architectures, and a modern operating model. Our innovation journey will never be complete, but we are delighted to share these new capabilities with you.


Opinions expressed here are the personal opinions of the original authors, not of Arista Networks. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Arista Networks or any other party.

Douglas Gourlay
Written by Douglas Gourlay
As VP/GM Douglas Gourlay is responsible for the revenue and growth of the Arista software portfolio. A twenty-year industry leader he has held roles as the CEO of Capture2, Corporate VP at Skyport Systems, VP of Marketing and Systems Engineering at Arista and VP of Marketing/Product Management at Cisco where he led the initial development of the Nexus product line. Doug holds over forty patents in networking technologies. Doug served as a US Army Infantry Officer, ROTC at Auburn University, and studied Cyber Security and Cyber Warfare at Norwich University.

Related posts

Navigating the Network: The Quest for Innocence in a World of Complexity

Welcome to the digital age, where the marvels of self-driving cars and sophisticated AI like ChatGPT grace our everyday lives....

Douglas Gourlay
By Douglas Gourlay - March 5, 2024
Accelerate AWS Access with Arista

AWS Cloud WAN Tunnel-less Connect and Arista CloudEOS integrate to accelerate cloud onramp

As cloud and multicloud adoption...

Douglas Gourlay
By Douglas Gourlay - October 24, 2023