
SD-WAN over LAN extension internet connection "layer 2 circuit"

hanyhana1
Level 1

Hi, 

 

I have a question regarding deploying SD-WAN over my company internet connection. The internet connection is called LAN extension, which is layer 2 circuits from our ISP "terminated at our end via layer 2 switch from the ISP" - sometimes it is referred to as VLAN extension.

 

My question is: since the internet connection is a layer 2 circuit, it will be more reliable and faster than implementing SD-WAN, which is a layer 3 technology - is that a valid assumption?

 

Thanks.

1 Reply

David Aicher
Cisco Employee

An L2 connection to your ISP may not be significantly faster than an L3 connection. There are many technologies that ISPs use to achieve L2 connectivity. VPLS, L2VPN, L2TPv3, and OTV are all examples of VLAN extension. There are a few others as well. Most of these encapsulate the entire L2 Ethernet frame inside another L3 or MPLS packet. While a VLAN extension may be private, it is not necessarily secure. The packets are not encrypted by default.

 

SD-WAN provides secure connectivity over public or private circuits using IPsec. In addition, SD-WAN provides load balancing across multiple circuits to save money and bandwidth, and recovery if one circuit fails. You can perform QoS on the traffic to prioritize things like voice or video, or pin specific traffic flows like voice to a dedicated link. You can also create secure connections to your cloud resources like IaaS or SaaS. This is just touching the surface for SD-WAN and what it can do.

 

The two technologies are not really designed to provide the same service. For example, you could in theory run SD-WAN over the L2 circuit. The edge router would not really know the difference, other than having to ARP for a remote destination instead of having a route and next-hop IP. Your traffic would then be secure. Obviously, with IPsec there is some overhead, which will affect overall throughput. However, if you want to make sure your traffic is secure, there is not really a way around that.

 

If you were to ask which is better, an L2 or L3 circuit, that would be a closer comparison. I would say it should not matter; however, design and need come into play. It may be necessary to have L2 connectivity for some reason instead of a routed connection. One is not necessarily faster than the other when it comes to ISP circuits, since the ISP is likely just using one of the technologies mentioned above.
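The IPsec overhead mentioned in the reply above, worked through per packet as an added example (not part of the original thread and not a Cisco tool). It assumes generic RFC 4303 ESP tunnel mode over IPv4 with two illustrative cipher suites, not the exact encapsulation of any particular SD-WAN product; the packet sizes are constructed.

```python
"""Per-packet cost of ESP tunnel mode (RFC 4303) over IPv4 (assumed encapsulation)."""
from dataclasses import dataclass

OUTER_IPV4 = 20   # outer IPv4 header, no options
ESP_HEADER = 8    # SPI (4) + sequence number (4)
ESP_TRAILER = 2   # pad length (1) + next header (1)
UDP_ENCAP = 8     # UDP header when ESP is UDP-encapsulated (RFC 3948)

@dataclass(frozen=True)
class Suite:
    name: str
    iv: int      # per-packet IV bytes
    icv: int     # integrity check value bytes
    block: int   # cipher block size the plaintext is padded to

# Illustrative suites chosen for this example.
AES_GCM = Suite("AES-GCM (RFC 4106)", iv=8, icv=16, block=1)
AES_CBC_SHA1 = Suite("AES-CBC + HMAC-SHA1-96", iv=16, icv=12, block=16)

def outer_size(inner: int, suite: Suite, udp: bool = False) -> int:
    """IP-layer bytes on the circuit for one inner IP packet of `inner` bytes."""
    align = max(suite.block, 4)                # ESP always aligns to 4 bytes
    pad = -(inner + ESP_TRAILER) % align       # padding before the trailer
    fixed = (OUTER_IPV4 + (UDP_ENCAP if udp else 0)
             + ESP_HEADER + suite.iv + suite.icv)
    return fixed + inner + pad + ESP_TRAILER

def max_inner(mtu: int, suite: Suite, udp: bool = False) -> int:
    """Largest inner packet that still fits in `mtu` without fragmentation."""
    inner = mtu
    while inner > 0 and outer_size(inner, suite, udp) > mtu:
        inner -= 1
    return inner

def goodput(inner: int, suite: Suite, udp: bool = False) -> float:
    """Fraction of circuit bandwidth that carries the original packet."""
    return inner / outer_size(inner, suite, udp)

if __name__ == "__main__":
    # Constructed sample sizes: small voice packet, mid-size, near-MTU.
    for suite in (AES_GCM, AES_CBC_SHA1):
        print(suite.name, "max inner packet at MTU 1500:", max_inner(1500, suite))
        for inner in (60, 576, 1400):
            print(f"  {inner:>5} -> {outer_size(inner, suite):>5} bytes, "
                  f"goodput {goodput(inner, suite):.1%}")
```

The relative cost is highest for small packets such as voice, and the usable inner packet size drops below the circuit MTU, which is why tunnel MTU or MSS is normally adjusted on encrypted links.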

 
