Dec 22

MultiLink VPN and Load Balancing… the truth.

MultiLink VPN, Tech dives -
1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading ... Loading ...
Add comments

Some details about StoneGate MultiLink VPN and Load Balancing.

Goal is to explain a bit how it works to avoid false expectations.

Link selection is done per packet.
This means that single tcp/udp connection can change link during it’s lifetime.
This provides transparent connection failover of links when using Multi-Link VPN, but this does not mean that consecutive packets would be intelligently routed over different links in order to provide increased bandwidth.

Results, especially on multiple connections, is a de facto aggregation of multiple links performances with transparent failover (the latter is not possible with MultiLink ISP).

For example: there is a customer who has two sites (Site A and Site B) and there is a 1 Mbps connection between them. When the customer put StoneGate Multi-Link VPN there and added another 1Mbps ISP connection, the performance did not double to 2Mbps when it was tested. Why is that?

Because,

  1. StoneGate Multi-Link VPN does provide load balancing based on host pairs. This customer had only one host on both sites and these hosts were changing messages between each other.
  2. From StoneGate’s point of view this is one connection and this one connection is using the fastest ISP link. All connections between these two hosts will be using same ISP link. StoneGate cannot split one connection between several ISP links. That is why customer got 1Mbps performance instead of 2Mpbs.
  3. This is a special case, because normally customers would have several hosts that are connected through Multilink VPN connection. Then StoneGate will and can load balance each host pair through different ISPs. Then customer would get on the average near 2Mpbs capacity as total capacity between sites.
  4. You should remember that each separate VPN tunnel in this case has maximum speed of 1Mbps (because each ISP link had 1Mbps speed). But if you look at total capacity between the Site A and Site B then it would be 2 Mbps.
  5. In laymen terms maximum speed stays at 1Mpbs when you add another ISP and use StoneGate Multi-Link VPN, but capacity doubles.

Maybe a good analogy is highway where you have 70 miles per hour speed limit. If you add another lane to highway then the speed limit is same (70 miles per hour), but you will get twice as many cars there.

Roar!

written by RoarinPenguin - 1,596 views \\ tags: , ,

Leave a Reply

You must be logged in to post a comment.