Problem solve Get help with specific problems with your technologies, process and projects.

Using the iVPN for branch office video conferencing

Enterprises are using iVPNs for branch office video conferencing. Ensuring performance across the iVPN requires capacity planning, WAN optimization and link aggregation.

Editor’s note: To extend support for video conferencing to branch locations, many organizations are using the Internet as either a backup to or replacement for a WAN connection or deploying an Internet VPN (iVPN) to establish a connection to the organization’s WAN. Find out how to best ensure video performance across the iVPN through capacity planning, WAN optimization and link aggregation.

Enterprises of all sorts are recreating themselves in a new, virtualized form. Through changes in business practices and supporting technologies, enterprises are steadily eroding the need for staff to be together in a specific place to collaborate effectively or do company business.

In support of this transformation (as well as economic and ecological goals to reduce travel), collaboration applications take center stage, especially voice and video conferencing.

Already 82.1% of companies deploy room-to-room video conferencing, but a growing number are adding desktop conferencing and telepresence systems: 30.9% use desktop conferencing now and another 48.5% plan to in the next few years, while 21.2% use telepresence now and another 30.3% plan to.

Desktop video conferencing increases the number of video streams to juggle and the number of endpoints involved in the conversations. Telepresence requires more bandwidth and even better network behavior than VoIP or low-resolution conferencing with respect to packet loss and jitter.

Replacing WAN links with iVPN links

At the same time, , and again as a part of enterprise virtualization, Nemertes sees increasing use of the Internet as either a backup to or replacement for a WAN connection. On average, about 26.1% of branches are connected to both WAN and Internet, supporting direct branch-to-Internet access, while 45% of branches support Internet VPN (iVPN): Use of an Internet connection to establish a site-to-site VPN connection back to the organization’s WAN. Among more technologically aggressive organizations, nearly 60% of branches can use an iVPN compared with less than a third among more conservative ones.

To make video perform as nicely as possible across the iVPN, IT has to plan for adequate capacity and mitigate the unavoidable problems of availability and performance.

Like using collaboration tools, using an iVPN fosters enterprise virtualization by reducing the expense of having smaller branches in more remote locations, where consumer broadband may be more readily available than dedicated WAN connectivity. Also, multiple consumer Internet connections, via DSL or cable modem, are very inexpensive compared to provisioning redundant WAN links.

Architecting iVPN for video

If you are running everything over an iVPN, you need to adjust your expectations for service, of course. Primarily, you must give up the idea that performance will be as predictable or stable as on a WAN link. Although a standard consumer Internet link may have better than 99% uptime, it is subject to unpredictable router reboots, slow downs and service interruptions (for the user). As the edge congestion of the Internet continues to worsen, these problems should be expected to increase.

Given that end users quickly embrace tools that help them stay better connected -- and pay extra attention to application performance on those tools -- network performance problems are highly visible to them, and nothing’s more visible than the quality of rolling video!  

To make video perform as nicely as possible across the iVPN, IT has to plan for adequate capacity and mitigate the unavoidable problems of availability and performance.

  • On capacity, consumer Internet links tend to come in with higher bit rates at lower costs than commercial WAN connections. IT should plan on provisioning bandwidth for video conferencing well in excess of what it would on a dedicated WAN link, but should still pay significantly less.
  • On availability, IT should of course provision at least two lines from different carriers, and if possible, over diverse connection paths and technologies (e.g., a DSL modem and a cable modem, or a cable modem and a 4G wireless connection).
  • On performance, IT needs to enable QoS across the iVPN just as it would over a private WAN link.

Link aggregation: Out of many, one

However, using a typical router to aggregate and control QoS on multiple iVPN links has some drawbacks with respect to load balancing and link utilization. A typical router can ensure continuity of connectivity with multiple links, and do some load balancing across them, but can’t really use the full bandwidth of both links to meet the needs of each conversation, or do anything beyond QoS to promote video performance.

IT may want to put a WAN optimizer in a branch to mitigate performance variability. However, this can be of very limited value on iVPNs, since the underlying unreliability and variability in performance of all the hops in the Internet path introduces uncertainty, rather than competition, among classes of WAN traffic or packet loss in a well-defined MPLS infrastructure.

Another way to make the iVPN strategy more successful for video is to use a link aggregator instead of a traditional router, and use it with or without an optimizer. A new category of devices, aggregators are purpose-built to do more robust bandwidth aggregation and link load balancing for multiple iVPN links, and to provide performance boosts for some kinds of traffic.

Link aggregation makers include Elfiq Networks, Talari Networks and Ecessa.  Some aggregators can assist with session admission -- checking for bandwidth availability before allowing video conferencing sessions to initiate. Some can address QoS for real-time traffic by doing granular bandwidth management. Some provide redundancy for voice or video traffic, propagating it along multiple paths to guarantee delivery over unreliable links. Some make all available links look like a single large pipe rather than a collection of smaller ones, making all bandwidth available (as controlled by policy) to every conversation.

Conclusions: iVPN planning for a virtualized enterprise

The virtualized enterprise will rely on both video conferencing and the iVPN to accomplish its goal of enabling business anywhere, at any time. IT needs to plan for use of video over iVPN links. It also needs to provision link capacities with conferencing in mind and set up iVPN endpoints to provide performance and availability mitigation. Wherever necessary, IT should take extra steps such as using link aggregation to ensure adequate performance.

About the author

John E. Burke is a principal research analyst with Nemertes Research, where he conducts primary research, develops cost models, delivers strategic seminars, advises clients and writes thought-leadership pieces across a wide variety of topics. John focuses mainly on application delivery optimization (ADO), and desktop virtualization and the new enterprise desktop. He also covers server and storage virtualization, management and monitoring, SOA and SaaS.


Dig Deeper on Business Video Conferencing and Telepresence Technology

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.