Traffic Steering with Active Bandwidth Measurement

Traffic Steering with Active Bandwidth Measurement

Author: Maksym Dmitriiev

1. Introduction

In this article we will review how to optimize traffic distribution across available WAN connections within dynamically changing public Internet environment. Multiple Versa Operating System (VOS) speed test options are explained. Further sections will explore how to configure periodic speed test measurement and perform traffic steering for SDWAN overlay and Direct Internet Access (DIA) destinations considering real time available bandwidth on the WAN interfaces.   This article contains 3 main sections:

• Speed test use cases will explain how to use Versa speed test functions which is helpful during real time bandwidth problem investigations
• SDWAN traffic steering with active bandwidth measurement will explain how to configure automatic bandwidth measurement and leverage it results for SDWAN traffic steering
• DIA traffic steering with active bandwidth measurement will explain how to configure automatic bandwidth measurement and leverage it results for Internet destination traffic steering

Traffic steering with automatic bandwidth measurement available in VOS 21.2.1 and later releases.

2.    Speed test use cases

  VOS can perform speed test measurement towards SD-WAN and DIA destinations. This capability has been proved as extremely helpful feature during performance problem investigation especially over non-business grade Internet connections.   VOS can be configured as:

• Speed test server
• Speed test client
• Both a speed test client and server simultaneously

Speed test measurement time depends on the latency between client and server. With low latency links it typically completed in a few seconds. In case link latency is high or data path experience heavy packet loss it may take longer time interval. Default Versa Director socket timeout is 30 seconds. In case of a high link latency e.g., more than 500ms from client to server, it may require more time, hence this interval can be changed accordingly. However, it is recommended to have a good proximity between client and server to avoid high latency if possible. It is a good practice to keep client and server within the same region.   To configure speed test server, navigate to Others -> System -> Speed Test and select Settings tab. Click edit button next to the Speed Test Server and enable it under selected Routing Instances.  

Speed Test Server configuration

  Optionally, speed test client configuration can be adjusted to set safety conditions for the speed test execution. Under the same Speed Test Settings menu click edit button next to the Speed Test Client Options. The following options are available  

• Background Traffic Threshold to decline speed test initiation if the current link utilization is high. With default value of 15% user cannot initiate a speed test if current utilization is higher than 85% of configured interface bandwidth.
• Test Limit to limit the number of successful speed tests measurements user can perform per day with default value of 5.
• Monitored Bandwidth Usage should be enabled to use measured bandwidth for SD-WAN traffic steering

Speed Test Client configuration

  Administrator can measure bandwidth to Versa remote speed test server under Monitor -> Tools -> SpeedTest menu. Provide remote IP address and Network for which bandwidth should be measured. Click Test Speed button. Even the remote destination is a part of the same SD-WAN network, speed test sample packets will not be encapsulated with SDWAN overhead hence it provides the result of the actual underlay performance.

VOS server destination

  Versa Speed Test uses sample traffic patterns required to accurately calculate available bandwidth which does not consume full circuit bandwidth. Based on the above example results with more than 500 Mbps of available bandwidth, Versa Speed Test module consumed 4 Mbps. It significantly improves feature usage during business hours without compromising production data traffic.   Versa also supports Internet public speed test server destinations. During Internet bandwidth problem analysis, it is particularly helpful to compare measurement results between private SDWAN destination server and one or more public server destinations.   To measure speed with public Internet destination server, click on Internet tab, select Routing Instance, and click Test Speed. Versa will fetch servers list and automatically select the closest available public destination server based on device location information. Alternatively, click on advanced setting menu under which you can fetch the server list and select desired destination server manually to get differentiated speed test results. With public destination speed test needs to send more sample data to calculate bandwidth which is resulted in higher interface utilization during measurement time.

Public server destination

 

3.    SDWAN traffic steering with active bandwidth measurement

  VOS can select SDWAN path considering automatically measured WAN interface bandwidth. In case of central Internet breakout via the SDWAN HUB location, traffic steering can also select a proper WAN link for Internet destinations considering measured bandwidth. Active bandwidth measurement typically configured from SDWAN spoke to a centralized location such as local Data Center or VOS instance hosted in a public cloud. Delivered bandwidth at the centralized location should be higher than bandwidth at a spoke site in order to achieve best results for SDWAN traffic steering.   When destination is VOS speed test server that is part of SDWAN network configuration involves few steps:

1. Enable server function on the target speed server device
2. Assign speed test server to SDWAN site configuration group membership
3. Create Path Policy configuration on the client
4. Assign created Path Policy to Site configuration on the client

    The first step is to enable server function as described in the previous section under Others ->      System -> Speed Test menu. Next step is to assign speed test server into a specific SDWAN group. Navigate to Services -> SDWAN -> Site configuration menu and click Edit Site button. Assign Group Membership with a desired group name value. If there are more than one speed test server destinations, it is recommended to use different group membership values. It will bring more flexibility for client policy configuration while same group membership value is supported as well.

SDWAN Speed Test Server group membership

  To configure active bandwidth measurement at SDWAN spoke, path policy should be created and attached to the site config. Navigate to Services -> SDWAN -> Path Policy menu and click on plus to create new path policy. It is recommended to run one speed test measurement per link per destination simultaneously to reduce bandwidth and resource utilization overhead during the test. Two path policies created in this example for the same destination group first for INET and second for INET-2 with different monitor intervals that will avoid triggering bandwidth measurement simultaneously. In case of multiple destination groups create different terms under path policy with different monitor intervals.   Under Match condition of the Path Policy configuration select Remote Site Type as a Branch, configure Group Membership value and select appropriate local WAN circuit name. Click on Action menu, select Bandwidth Monitoring check box and configure desired monitoring interval in minutes.

Path Policy configuration

  Next step is to apply created path policies to appropriate WAN interfaces. Under Services -> SDWAN   -> Site configuration menu click on Edit Site button. Then click on the WAN interface number and attach respective bandwidth monitoring policy for every interface using drop down menu.

Apply Site configuration

  To verify automatic bandwidth measurement results, open monitor -> summary under the device context.

Bandwidth validation

  Now SDWAN traffic steering can be configured relying on active bandwidth measurement. Under the forwarding profile two options are available:

• Path high-available bandwidth – will select path which has more available bandwidth considering measured link bandwidth as the reference.
• Path weighted round-robin – will do load-balancing relying on weight to distribute load between different path based on available bandwidth considering measured link bandwidth as the reference.

Forwarding Profile Configuration

  Use created forwarding profile under SDWAN traffic steering policy to consider automatically measured bandwidth. Below is example to steer all traffic via HUB location using path high available bandwidth. Based on the session output results all sessions use INET connection that has a higher bandwidth compared to INET-2 based on the speed test result. More details of how to configure traffic steering available in the Versa Documentation.

SDWAN steering validation

4.    DIA traffic steering with active bandwidth measurement

  VOS can do a traffic steering for DIA connections leveraging periodically measured available WAN interface bandwidth. Configuration involves few steps:

1. Enable server function on the target speed server device in case Versa used as a destination
2. Enable automatic bandwidth measurement per WAN circuit

  To enable automatic speed test measurement, navigate to Others -> System -> Speed Test and select Auto Bandwidth Measurement Tab. Click + sign to create a new rule. Provide a rule name, Remote Destination speed test server IP, monitor interval and select WAN network for which bandwidth should be measured.  

Auto Bandwidth Measurement

  When creating automatic bandwidth measurement for multiple WAN connections use a different time interval to monitor bandwidth. It is not recommended to initiate speed test for multiple links and destinations simultaneously to avoid system and network overhead.   Once it is completed, bandwidth monitor can be used in the forwarding profile that will consider available WAN bandwidth to steer DIA traffic. Navigate to Services -> SDWAN -> Forwarding Profile and click + to create a new forwarding profile. Under Next Hop tab select Nexthop Selection Method as High Available Bandwidth to prefer link with the highest available bandwidth from a speed test result or Weighted Round-Robin to distribute traffic based on automatically calculated weight considering periodically measured bandwidth results and current link utilization.   Click + to add WAN networks that should be considered for traffic steering. Provide name, link priority, and select appropriate WAN Network. To honor a speed test result for the traffic steering it is important to have the same priority for selected WAN networks. Optionally Monitor can be configured to ensure the WAN interface is operational based on the configured SLA probes.  

Forwarding Profile configuration

  Final step is to configure SDWAN policy rule that will match desired DIA traffic and link configured Forwarding profile to it. Navigate to Services -> SDWAN -> Policies and click + to create a new policy. Versa provides ability to match traffic based on source / destination L3 information, GEO IP, L4 / L7 information, URL, specific users and groups as well as based on QoS model. Next, under Enforce tab select configured Forwarding Profile from the previous step. Policy Rules order is important honoring top-down match approach, hence make sure to appropriately position order of the configured rules if more than one rule configured in the system.

Policy configuration

  To verify DIA traffic steering based on automatic bandwidth measurement navigate to Monitor -> Services -> Sessions and click on session filter button. Then click on session filter menu and select forward egress VRF column to see which egress WAN connection is used for the desired traffic.

Verification

  Based on the automatic speed test result INET has more than 500 Mbps while INET-2 has only 19 Mbps in this case. Forwarding Profile has been configured to prefer WAN interface with highest available bandwidth which resulted all the user data traffic to Internet destination preferred INET connection.

Auto Bandwidth measurement result

 

5.    Summary

  In this article we reviewed how Versa solution can ensure efficient SDWAN and DIA traffic steering leveraging real time available WAN bandwidth. This feature proves improved end user experience with satellite lines, non-business grade Internet or any other type of erratic WAN connection.