Ethan Banks raised some thought provoking questions around SD-WAN on his blog. Here’s our response to those questions.
1) What’s the impact to hosts on virtual machine based endpoints, i.e. how much CPU does an SD-WAN VM eat for solutions that use VMs? Not a simple question to answer anymore, as there’s usually cryptography involved.
Silver Peak virtual appliances, like most modern virtual appliances, take advantage of the embedded AES-NI instruction set that modern x86 CPUs have to offer. As a result, there is no appreciable impact on resource consumption or WAN performance when performing IPsec encryption for the secure overlay.
2) How much latency does the SD-WAN controller introduce, and under what circumstances?
The Silver Peak SD-WAN controller sits outside of the data path and, as such, does not impact the performance of the SD-WAN fabric.
3) When WAN-based SD-WAN tunnel endpoints are inevitably separated from the controller due to a network fault, what happens?
With Silver Peak, the data plane will continue to function normally when there’s a failure to the control plane. Policies cannot be added or modified while the controller is isolated form the SD-WAN fabric, however there would be no interruption in service and existing policies will continue to be enforced.
4) How does the SD-WAN infrastructure track tunnel availability, and how quickly does the controller react when a tunnel is down?
Silver Peak sends control packets across its SD-WAN tunnels performing advanced measurements for packet loss, out-of-order packets, latency and availability. The advanced, per-packet measurements provide the ability to avoid application outages, including handling brownout conditions where the line may be active, but underperforming because of network conditions…..
Read the full post here