Internet as the underlay for enterprise networking

In 2020, Covid-19 drove remote working and cloud adoption, overhauling traffic patterns in the WAN. In parallel, SD-WAN enabled network buyers to source their WANs differently. With MPLS connectivity contracts coming due, many CIOs are looking at transitioning from MPLS WANs to hybrid or Internet-based underlays for WAN services. Having the right Internet underlay is critical to ensuring a smooth transition to an SD-WAN-based network.

With underlays based on end-to-end services like MPLS, customers rely on service providers to resolve problems. But with underlays based on Internet connectivity, possibly from many different providers, how do enterprise IT secure business continuity?

Navigating these issues isn’t straightforward. For example, what’s the difference between broadband and Dedicated Internet Access (DIA)? Is every ISP alike? What service assurances do you get? This blog aims to clarify the options that enterprise infrastructure managers have for increasing the use of Internet-based connectivity in their WAN.

First, what are your options?

There are three different ways to obtain Internet connectivity. You can buy so-called “business broadband” from a local ISP. You can buy DIA from a local provider. Or you can buy DIA from a global Tier 1 backbone provider like Telia Carrier. There are key differences between these.

With a regular broadband connection, you share available bandwidth with all other Internet users, and you aren’t guaranteed a certain amount of bandwidth. At peak hours, congestion throttles your connection to a fraction of the speeds you’ve been promised. Moreover, broadband access may be asymmetrical, impacting the experience in using bandwidth hungry cloud or video services.

When you buy DIA, you get dedicated, symmetrical bandwidth, or your own highway to the Internet. You may also get better service levels for faster response times.

Internet ping-pong

With the wrong provider, you may only get as far as the next traffic jam. The diagram below shows the difference between using a global Internet backbone provider and using a local or regional provider.

We can think of the Internet in terms of first-mile, middle-mile, and last-mile connections. In the first mile, you connect your end users to a local ISP point of presence (PoP). Local Internet service providers or regional network operators must pass their traffic off in the middle mile, where it routes your traffic through one or more other ISPs or backbone providers. The last mile is where an ISP or backbone provider connects to your cloud services.

Every network hop along the route means higher latency, inconsistent overall performance and lower reliability. As your traffic is mixed in with other traffic, chokepoints can cause delays or dropped packets. Moreover, traffic exchange between IP networks optimizes on peering cost or politics, not performance. Therefore, much peering between networks occurs everywhere but locally. Your traffic can end up ping-ponging between locations, sometimes sending traffic across oceans and back again.

In contrast, Tier 1 backbone providers operate global networks. With DIA from a global Tier 1 provider, you’re buying as close to an end-to-end connection between your users and cloud resources as you can get over the Internet.

Beyond bandwidth and latency

DIA from a Tier 1 backbone provider like Telia Carrier solves key problems when operating overlay networks with SD-WAN. As traffic stays on one network, you get uncontended bandwidth for the both the first and last mile in your connectivity chain, with high performance from any endpoint to every top cloud service.

It also adds an extra layer of security and resilience. Recent attacks on cloud services like Google and AWS, content delivery networks like Akamai and Cloudflare and financial services like Visa and Mastercard have shown that network traffic can be hijacked and detoured to unwanted locations. To thwart such threats, connectivity providers must implement RPKI (Resource Public Key Infrastructure), a mechanism that controls BGP sessions on the Internet. As an RPKI pioneer, Telia Carrier implemented it so you can make your Internet access your first line of defense instead of your greatest vulnerability.

Trading off cost and complexity

Cost is always a top consideration. But what’s the best way to optimize it? Many enterprises believe DIA from local providers or third-party aggregators are the only options for achieving cost savings. However, that doesn’t always hold true. Uncontended bandwidth in the local loop always carries a cost. Regional network service providers also have to pay to transfer their traffic on to other networks. When a third-party aggregator resells these services, they add a markup, which also increases the cost.

In contrast, a global backbone provider like Telia Carrier can select the most cost-efficient local loop provider and carry traffic onwards from its nearest PoP. The figure below shows a cost comparison between Telia Carrier, MPLS, and local providers for a recent enterprise network tender in Western Europe. Your results will depend on geography and locations specific to your enterprise.


Finally, there’s a cost of managing the complexity of procuring and managing the network. When working with local ISPs, you have to deal with multiple providers – many more if you want diversity – which different SLAs and local language support only. And when there’s a performance degradation, you wonder where the problem lies: is it on the first, middle or last mile of the network? Or your CPE configuration? By working with a global provider like Telia Carrier, you have only one phone call to make when a problem arises.

Some enterprises may buy locally from a variety of providers along with a “quality” Internet provider in a hybrid model. Others will mix Internet with MPLS. The answer for you depends on your sourcing strategy, IT landscape and business requirements. Regardless, your connectivity provider should be there to support your transition. Because your network shouldn’t only be software-defined, it should be business-defined.

Johan Ottosson, Head of Strategy