For the vast majority of enterprises, IT systems have become key infrastructure for business operations, and Internet access and VPN connections between corporate branches and partners are an important part of that IT infrastructure.
Today's SD-WAN
MPLS VPN private line access is expensive, a very costly item for most enterprises. At the same time, enterprise headquarters or important sites running key businesses often need to connect to multiple operators or use multiple access methods to provide redundant network protection, which further increases the cost of WAN access. The essence of scientific and technological progress is to reduce costs, turning the simple needs and desires of organizations and individuals into affordable ones, thereby releasing purchasing power and creating new industry segments. Except for a few areas where luxury is the selling point, any product or service that has practical value but is costly in money or time is the next candidate for disruption.
In the past two decades, most enterprises have deployed various WAN acceleration and application delivery products, including caching, multi-egress traffic engineering, TCP acceleration, SSL offloading, etc., and many have deployed their own IPSec VPN connections from branches to headquarters. However, these relatively isolated technologies are purchased from different vendors, lack a unified management and maintenance mechanism, have a high deployment threshold, and their effect is hard to guarantee. At the same time, MPLS leased line costs take up most of the budget and are a serious burden for enterprises, especially small and medium-sized ones; never mind an MPLS VPN line, even an ordinary Internet line may exceed the budget. SD-WAN emerged to meet this need. It brings together traditional WAN acceleration technologies and, on that basis, provides a unified platform for centralized policy management and automated service delivery. Through fine-grained management and dynamic scheduling of multiple egress links, it maximizes the use of WAN bandwidth and reduces the MPLS leased line bandwidth needed for critical services, thereby reducing enterprise expenses. Whatever the SD-WAN product, the key features are as follows:
1. Centralized, application-based WAN policy management and automated configuration.
2. Management of multiple egress links, including MPLS leased lines, ordinary PON/DSL Internet connections, LTE wireless networks, etc., to maximize service quality while making full use of the bandwidth of all links. Link delay and packet loss measurements are used to schedule applications with different quality and bandwidth requirements to the best egress, and to switch over quickly on failure.
3. Application identification, monitoring and analysis, with the identification results combined with multi-egress link optimization: different applications are assigned different QoS levels and SLA guarantee policies, and the best egress link is selected dynamically.
4. On the forwarding plane, connections between sites use overlay technology to remove the dependence on the underlay network. The SD-WAN controller controls the overlay endpoints and automates policy configuration without touching complex underlay network configuration.
5. Plug and play for enterprise CPE equipment. Using a preset certificate and a boot process, the device connects to the network automatically at power-on, is authenticated, and then connects to the SD-WAN controller, which automatically completes the initial configuration. It is also possible to issue the certificate on a USB key, standardizing the CPE boot and authentication process into a mechanism similar to a mobile phone SIM.
6. Unified management of security policies and applications, including basic ACL policies, firewalls, and traffic cleaning applications.
7. Dynamic routing protocol support between multi-point VPN tunnels. Some branches that connect over the Internet cannot reach each other directly and need to relay through a branch or headquarters that has a public IP.
For enterprise networks, apart from basic Internet access, the main use is VPN connections between headquarters and branches and between branches. In addition, as public cloud/hybrid cloud becomes the main form of enterprise IT delivery, VPN access to the public cloud is also an important SD-WAN application. Typically, the SD-WAN operator sets up PoPs that are connected to AWS, Azure, and Alibaba Cloud by private line; the enterprise and its branches connect to the nearest operator PoP and reach the enterprise's VPC in the public cloud directly over VPN.
Carrier-grade SD-WAN also carries the operator's goal of providing value-added network services and expanding sales revenue. On top of connectivity, it provides firewall protection, traffic cleaning, online behavior management and other services, offered for a contracted fee. Because these services often need to be deployed on the enterprise side, operators' SD-WAN CPE equipment tends to adopt the x86 architecture, so that such value-added services can be deployed flexibly as virtual machines or containers. Since a general cloud platform can only manage hundreds of computing nodes, scalability is a question for the cloud/network integration solutions that some adopt, in which OpenStack manages each CPE as an ordinary compute node.
Major consulting companies predict that the SD-WAN market will grow rapidly in the next few years; IDC predicts that it will reach $6B by 2020. However, enterprise IT spending is basically fixed, so this market growth comes largely from displacing traditional products: egress router equipment, replacement of WAN acceleration products, and savings in MPLS line charges. Telecom operators are also entering this market. Clearly their aim is not simply to cut their own MPLS private line revenue but to expand revenue sources and strengthen customer loyalty: in addition to pure private line services, they offer packages covering management of multiple egress links such as Internet and wireless access, security services, and so on.
SD-WAN development
As SD-WAN applications become popular, it seems increasingly likely that one or more overlay enterprise-line operators based on SD-WAN technology will emerge, just like the large number of VoIP operators that emerged after the Internet developed in the late 1990s, including companies like Skype and software like Viber. Today the built-in voice function of WeChat and similar software is powerful enough that the customer experience of multi-party calls far exceeds the services provided by operators. Continuous improvement of software technology can completely offset the shortcomings of the underlying network infrastructure.
However, compared with the tens of Kbps of bandwidth needed for a single voice channel, providing an enterprise-wide overlay relay requires a certain number of PoPs and a large amount of bandwidth rented from operators, so there is a considerable capital threshold. For second-tier operators and cloud service operators that already have some network and data center footprint, however, this presents an opportunity. They are not constrained by requiring customers to bind to their own Internet access or leased line services, and can therefore provide a true multi-operator, multi-egress solution.
A carrier-grade overlay solution that is to serve a whole country or even multiple countries must have a certain number of PoPs, so that the geographical distance from the customer to the nearest PoP is within a certain range and transmission delay does not seriously affect the customer experience. Dynamic routing and link quality detection protocols also run between the PoPs for optimal overlay routing. This is very similar to the relationship between super nodes and ordinary clients in P2P technology. The PoPs form a cluster of super nodes, and each ordinary customer can connect to multiple super nodes according to network topology location and link quality. If two clients have no public network address, the SD-WAN should select at least one and at most two transit nodes to relay their connection, so as to ensure the optimal link. In real networks, because of the interconnection bandwidth and delay between different operators, the direct route between two points does not necessarily give the best communication quality. Therefore, even if two CPEs have public IPs, traffic may need to be scheduled through intermediate nodes to get the best end-to-end communication quality.
Overlay routing needs to collect the BGP AS path information of the entire network, or even part of the IGP topology. The IETF's ALTO architecture can be used to implement network-topology-based routing. However, this is not enough. As mentioned above, the topologically nearest underlay path may not have the best communication quality, so it must be supplemented by real-time detection of link quality between PoPs (super nodes) as the basis for path selection. Borrowing further from the P2P architecture, some CPEs with public network addresses can be selected as super nodes to take over NAT traversal/relay traffic between some CPEs. (Unsurprisingly, P2P is the earliest sharing-economy model, except that sharing copyrighted digital assets is more likely to touch the legal red line than contributing self-purchased fixed assets to the operation.) As a supplement to the operator's self-built PoPs, this keeps the total scale of investment under control. However, enterprise customers are even more reluctant to share their own bandwidth, so there must be incentives: for example, a customer that takes on the super-node role not only pays nothing for the SD-WAN service but can even earn money.
Once client nodes join, the number of relay nodes becomes very large and a globally optimal overlay path calculation is needed. The approach of today's SD-WAN, in which a single CPE node chooses and switches among its own multiple egress links, no longer applies. In the past, P2P systems such as BitTorrent, Skype, and eMule used DHT distributed algorithms to maintain cluster and resource slice information among super nodes; a client downloaded a list of resource nodes from a super node and then communicated with them. However, DHT algorithms such as CHORD, Kad, and Pastry are data-centric distributed algorithms that generate data routing tables based on mathematical distance and determine the storage relationship between data and nodes, which suits maintaining slices and routing of content. It is suitable for optimizing the routing of communication relationships between terminals. A carrier-grade overlay routing algorithm has to balance relay cost against path delay. In principle it must ensure that there are at most two relay nodes between two clients, which requires global, quasi-real-time updates of node and path state; and to keep the system scalable, path calculation and switching need to be completed in coordination between the centralized point and the CPE devices.
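The path choice described above (relay through at most two super nodes, scored on measured link quality and relay cost), as an added example that is not from the original article. Node names, measurements and the scoring weights are constructed assumptions.

```python
from itertools import permutations

# Constructed measurements between overlay endpoints:
# (one-way delay in ms, packet loss in per-mille). Not from the article.
LINKS = {
    ("cpe-a", "pop-1"): (8, 0),
    ("cpe-a", "pop-2"): (30, 1),
    ("pop-1", "pop-2"): (12, 0),
    ("pop-1", "cpe-b"): (45, 20),
    ("pop-2", "cpe-b"): (9, 0),
    ("cpe-a", "cpe-b"): (70, 30),  # direct path across two operators
}
RELAY_COST_MS = 5   # assumed cost of using one relay, expressed in ms
LOSS_WEIGHT_MS = 1  # assumed: 1 per-mille of loss scores like 1 ms of delay
MAX_RELAYS = 2      # the article's bound on relay nodes between two clients


def measure(a, b, links):
    """Links are symmetric in this sketch; return None if never probed."""
    return links.get((a, b)) or links.get((b, a))


def score(path, links):
    """Total cost of a path, or None if any hop has no live measurement."""
    total = RELAY_COST_MS * (len(path) - 2)
    for a, b in zip(path, path[1:]):
        m = measure(a, b, links)
        if m is None:
            return None
        delay_ms, loss_permille = m
        total += delay_ms + LOSS_WEIGHT_MS * loss_permille
    return total


def best_path(src, dst, relays, links, direct_ok=True):
    """Pick the cheapest path using 0..MAX_RELAYS relays.

    direct_ok=False models two clients without a public address, which
    must use at least one relay.
    """
    candidates = [(src, dst)] if direct_ok else []
    for n in range(1, MAX_RELAYS + 1):
        candidates += [(src, *mid, dst) for mid in permutations(relays, n)]
    scored = []
    for path in candidates:
        cost = score(path, links)
        if cost is not None:
            scored.append((cost, path))
    return min(scored) if scored else None


if __name__ == "__main__":
    print(best_path("cpe-a", "cpe-b", ["pop-1", "pop-2"], LINKS))
```

With these sample numbers the two-relay path beats both the direct path and either single relay, and removing the PoP-to-PoP measurement makes the selection fall back to a single relay.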
Discussion on the Evolution of IP Network
For a network, the core design comes down to two points: addressing and routing, that is, how to number the communication terminals and how to address and route end to end. The traditional voice network uses the telephone number as the terminal address, while devices are addressed by signaling point number or domain name. The mobile network uses the HLR/HSS to store the attachment relationship between terminal and network device, and signaling and media are addressed separately. The IP network uses the IP address as the host address, and routing devices advertise route prefixes to propagate routing information. Network devices and terminal devices are not distinguished, and applications also see the IP address directly and are programmed against the TCP/IP socket interface. As a result, the upgrade from IPv4 to IPv6 has become a major undertaking. After more than 20 years, the IETF has been warning that IPv4 addresses are exhausted, yet the migration of services has progressed slowly. The expansion of routing entries in the Internet backbone is another problem.
In the past few years, academia and standards organizations have proposed many solutions for the evolution of future data networks. The basic idea of most of them is the separation of name and address, but what counts as the name differs, different technologies have different designs, and there are different views about the layer at which the separation should be done. For example, CCN (Content Centric Network), proposed by PARC in 2009, holds that the future network must be content-centric, so content should be addressed by name, with content routers as the infrastructure of the data network. This technology was sponsored by the US NSF in 2010 and renamed NDN (Named Data Network), and the academic community later named it ICN (Information Centric Network). Whether content routing is suitable given the low cache hit rate caused by the long-tail effect of Internet content access is not discussed here (CDN is an application-layer solution). The IETF began to standardize LISP (Locator and Identifier Separation Protocol) in 2009. It was originally designed to solve the routing table expansion problem of the backbone network. Terminal addressing (the name) is confined to the edge routers while backbone devices have addresses; in essence it is also a technology that separates the access edge from the core. In addition, the IETF has the earlier overlay-based HIP (Host Identity Protocol). The older MIP/PMIP technology was used for one generation in CDMA EVDO and has been completely replaced by the 3GPP GTP protocol, so it is not described here.
In a name/address separation system, the standard routing practice is the Map-Encap method. After the device name is resolved, the user message is encapsulated in a tunnel whose source/destination are underlay network addresses, and the tunnel exit on the other side decapsulates it to restore the user message whose source/destination are names. The core of this system is the name-address resolution system, just like DNS. Of course, if resolution is per flow or per packet, that is beyond the scope of DNS. For a new name resolution system, the IP networking camp will certainly bring out the BGP/IGP protocols. The more general idea, of course, is to build a centralized, high-performance distributed name resolution system. Names that can be prefix-aggregated by location are where routing protocols are strong; but name/address separation separates identity from location, so names are bound to be mobile and non-aggregatable. What can be aggregated is the address, and the address is only the address of backbone devices. It is no longer exposed to the end-to-end system and can change at any time: IPv4 is fine, IPv6 is fine, and even IPv9 is not impossible, without affecting the end-to-end architecture of the network. Below the service edge there is one addressing method; above it there is another.
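The Map-Encap flow described above, as an added sketch that is not from the original article: names are resolved to locators at the tunnel entrance and restored at the exit. The header layout, `MappingSystem` and all names and addresses are assumptions made for illustration.

```python
import ipaddress


class MappingSystem:
    """Hypothetical name -> locator resolver standing in for the resolution system."""
    def __init__(self):
        self.table = {}

    def register(self, name, locator):
        self.table[name] = ipaddress.ip_address(locator)

    def resolve(self, name):
        return self.table.get(name)


def pack_name(name):
    raw = name.encode()
    return bytes([len(raw)]) + raw  # one length byte, so names up to 255 bytes


def encap(mapping, src_name, dst_name, payload):
    """Tunnel entrance: resolve both names, prepend an outer locator header."""
    src_loc, dst_loc = mapping.resolve(src_name), mapping.resolve(dst_name)
    if src_loc is None or dst_loc is None:
        raise LookupError("name has no registered locator")
    if src_loc.version != dst_loc.version:
        raise ValueError("tunnel endpoints must share an address family")
    outer = bytes([src_loc.version]) + src_loc.packed + dst_loc.packed
    return outer + pack_name(src_name) + pack_name(dst_name) + payload


def decap(my_locator, packet):
    """Tunnel exit: strip the outer header, restore (src_name, dst_name, payload)."""
    if not packet or packet[0] not in (4, 6):
        raise ValueError("unknown locator family")
    alen = 4 if packet[0] == 4 else 16
    pos = 1 + 2 * alen
    if len(packet) < pos:
        raise ValueError("truncated packet")
    if ipaddress.ip_address(packet[1 + alen:pos]) != ipaddress.ip_address(my_locator):
        raise ValueError("packet not addressed to this tunnel exit")
    names = []
    for _ in range(2):
        if pos >= len(packet) or pos + 1 + packet[pos] > len(packet):
            raise ValueError("truncated packet")
        n = packet[pos]
        names.append(packet[pos + 1:pos + 1 + n].decode())
        pos += 1 + n
    return names[0], names[1], packet[pos:]


if __name__ == "__main__":
    ms = MappingSystem()  # constructed names, documentation-range locators
    ms.register("branch-7", "198.51.100.7")
    ms.register("hq", "203.0.113.1")
    print(decap("203.0.113.1", encap(ms, "branch-7", "hq", b"hello")))
```

Re-registering the same names with IPv6 locators changes only the outer header; the names and payload restored at the exit are identical.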
But what does all this have to do with SD-WAN? SD-WAN lets the networking ideas of a soft edge, overlay access and core separation take root in the enterprise VPN private line service. The mobile network is already a GTP overlay on top of IP addresses, whether or not NFV is used. Add the overlay of BRAS, and the whole network tends toward a consistent architecture, whether for mobile access or fixed network access. For increasingly complex IP networks, with more and more private networks behind NATs and firewalls, separating edge networks from backbone networks, separating user addressing from network equipment addressing, and simplifying the backbone through overlay technology is a viable road. Unlike LISP, which required Tier 2/Tier 3 operators to invest in transforming their networks in order to solve the Tier 1 carriers' backbone routing table capacity problem, the overlay nature of SD-WAN allows enterprises to build independent networks and operate them over the top, so that the party that invests is the same party that earns the revenue. The network can thus start locally and evolve gradually, and even existing IP network operators can use the same technology to evolve.