Why do we need AAR?
Imagine you manage your organization’s network team. One morning, you start getting complaints from a big branch office. They can barely work because business applications load slowly and calls break up.
At first, it doesn’t sound like a disaster. It’s just a slow network, right? But when this reaches the CEO, it sounds very different. It sounds like unproductive employees, frustrated customers, and lost revenue. And that suddenly makes it a big deal.
The root cause turns out to be an Internet circuit that’s dropping about 20% of packets. The link (GigabitEthernet 1) is up, but there’s congestion somewhere upstream in the ISP’s core.
However, user traffic continues to flow through the IPsec tunnels built over that same bad Internet circuit experiencing packet loss, as shown in the diagram below.
When the news reaches the CEO, he asks the obvious question: “We have spent millions on this modern WAN. Shouldn’t it be smart enough to notice a bad Internet link and route around it?”
It’s a fair expectation. But the answer is: not always. Not unless you’ve designed and configured the WAN to make routing decisions based on SLA measurements. Without that, the network can stay up on paper while users get a poor application experience in practice.
In a traditional WAN, an application's network path is typically determined by a routing protocol such as BGP, OSPF, IS-IS, or EIGRP. These legacy routing protocols have been around for many years and have become very good at detecting network blackout conditions, such as direct and indirect failures of WAN circuits. When calculating the network path for given application traffic, they typically consider the destination prefix, routing metric, and link-state information.
However, these legacy routing protocols were not designed to detect brownout conditions, that is, soft failures such as performance degradation. As network engineers, we have seen many times that packet loss, latency, and jitter can suddenly appear on any WAN circuit, especially on low-cost Internet links.
That’s where Application-Aware Routing (AAR, also called App-route) comes in. AAR is the functionality that allows the SD-WAN fabric to monitor the quality of IPsec tunnels in real time and perform SLA-driven routing across the best available IPsec tunnels.