VPN over Internet
Image by Stefan Coders from Pixabay
IP VPN over Internet vs MPLS, there’s a price for everything in this world, and Internet based IP VPNs are no exception. While IP VPNs over Internet are a cheaper alternative to any MPLS network, it doesn’t necessarily mean they’re for everyone, as customer requirements always vary. In this posting, I will explain both the Internet IP VPN advantages and disadvantages.
Let’s take a look at a few IP VPN over Internet advantages over most MPLS circuits:
- Cheaper rates. Internet service providers provide a simple NxT1, Ethernet or Cable connection to the Internet, using the highest possible speed with. The price for internet connectivity is considerably cheaper than almost any WAN MPLS service, making it extremely attractive for companies seeking to cut telecom costs.
- Fully configurable. WAN engineers have total control over the VPN tunnel created between sites. They are able to perform on-the-fly configuration changes to compensate for any network problems or help rectify any problem that might arise. With full access to the VPN, terminating equipment like routers and firewalls, engineers have the ability to see the condition of the internet circuit and take any action(s) deemed necessary…provided they have the staff resources and skills.
- VPN backup included. For mission-critical sites, backup via another internet circuit is possible if your primary connection fails. Time response for the backup line to come online is configurable by the network engineer, and there is no need to wait for the ISP to fix a line so your company can continue working.
- Two-in-one. When configuring the site-to-site VPN, engineers can also configure remote VPN access for users traveling around the country or world, a feature most companies would have to pay additional money for to receive from their service providers.
- Upgradable features. Perhaps one of the strongest advantages is the fact that your site-to-site VPN characteristics are strictly dependant on those that your VPN routers/firewall support. This means that as new features are introduced with the newer router operating systems (i.e., Cisco IOS), they will be available to your engineers to implement. For example, QoS pre-classification was a feature Cisco introduced in its IOS that fixed a number of QoS features for different services running over VPN tunnels. Dynamic Multiple VPN (DMVPN) was another great feature allowing scalable IPsec VPN tunnels between multiple sites. DMVPN allows every endpoint to dynamically build a VPN tunnel with any of its other peers, providing a low-cost mesh VPN solution.
If the brief list of the above of Internet IP VPN advantages seems overwhelming, you have read a few of its disadvantages.