The previous blog on this topic explains important differences between per-packet and per-flow processing for VMware SD-WAN™ from a technical perspective. Per-packet methods provide bandwidth aggregation and application performance. Per-flow can use all available transport circuits, but ultimately does not improve application performance.
Today we focus on the business outcomes enabled by better application performance. Watch the video to learn more. (If you don’t see the video here, click for the YouTube link.)
The examples below from the video will help explain the business value of better application performance. The ultimate conclusion is that for SD-WAN application performance, per-packet techniques work much better than per-flow techniques.
TCP/IP traffic
The first example is an upload or download of heavy data between a source and destination. The graphic below shows a per-packet scenario.
TCP/IP traffic per-packet
The diagram shows two SD-WAN devices, in a branch and a data center, and two circuits between them with the same speed. The SD-WAN devices will first form an SD-WAN overlay between them in order to utilize all of the transport circuits. An example would be a user and a web server where the user is going to send a lot of data from the branch side to the data center side. Let’s assume this user would like to send 10 gigabytes of data. With per-packet technology, the SD-WAN device on the branch side will take 5 GB, send it over circuit 1, then take another 5 GB and send it over circuit 2. If another user had 14 GB, the SD-WAN device would do the same thing: 7 GB on circuit 1, and 7 GB on circuit 2.
The SD-WAN devices achieved bandwidth aggregation. This means that user 1, sending 10 GB, will experience the application performance of sending this data over a circuit of 2 Gbps bundled together. This provides 100 percent accurate load sharing: sending the same amount of data over all transports, providing a predictable and consistent behavior for load sharing and load utilization of all of the transport circuits. (While we assume here that both circuits are operating at the same speed, you could assume different speeds and still see the same accurate load sharing.) This is independent of the number of flows. Even if there is only one flow, you can always use all the transport circuits.
TCP/IP traffic per-flow
In per-flow, when the first user sends 10 GB of data, the SD-WAN device and the per-flow technology will use only one of the circuits to send the entire 10 GB. Then when the second user comes in with 14 GB, the SD-WAN device will take the entire 14 GB and send it over circuit 2. This is unequal load sharing that will never provide bandwidth aggregation. The application layer of user 1, who is sending 10 GB, will always experience the performance of only one circuit. This method will never provide 100 percent accurate load sharing.
Per-packet is a better method than per-flow when using a TCP/IP application to transfer data between a source and a destination.
UDP traffic
UDP traffic per-packet
This example shows UDP traffic for real-time applications. The diagram shows phone and video conferencing devices. The phone has VoIP traffic that needs to go from the branch to the data center over the SD-WAN device. In this case, the traffic will go to the SD-WAN device. Because this real-time traffic does not benefit from load sharing over all the transport circuits, the SD-WAN device will pick the best circuit and use it for the entire flow as far as the circuit meets the application policy requirements.
However, as soon as this circuit sees more jitter or delay, causing a dim-out and becoming out of policy, the VoIP next packet and subsequent packets will immediately take the second circuit.
UDP traffic per-flow
When we send the same traffic in the per-flow scenario, first the VoIP traffic travels on circuit 1, assuming it is the best circuit, and it meets the VoIP application policy. Once the circuit starts experiencing higher delay and jitter or packet loss, the SD-WAN does nothing to the current flow because the decision to take circuit 1 for the existing flow has been already made in the beginning of the flow. The user who is using this flow will suffer bad call experience until the flow is over.
The subsequent flows will take the second circuit that is not in a dim-out condition; this is one of the benefits of per-flow SD-WAN. However, per-packet always provides predictable behavior and a fast reaction to the dim-out condition because the decision is happening at each packet individually. This is why per-packet SD-WAN is much better than per-flow application performance.
