MPLS VPN vs. IP VPN: which one is right for you? Here are a few criteria to help you decide.

Channel Partners

February 21, 2014

The Current State of Wide Area Networking


By Matthew Toth

During my more than 14 years in telecom, there have been a few shifts in wide area networking: private lines to frame relay, frame relay to multiprotocol label switching (MPLS), and now we're seeing another shift, from MPLS to IP VPN.

Why do these shifts occur? Pricing, availability and changes in technology. For instance, frame relay was a big jump from private lines for the industry because logical networking (think PVCs, CIR) through a large shared network, instead of dedicating chunks of bandwidth to specific customers (private lines), freed up space for more potential customers. As a result, telcos could offer frame relay at a lower cost than private lines.

Today's MPLS to IP VPN shift isn't as pervasive as previous ones because there is still a huge place in the market for MPLS. It remains the right choice for many organizations today based on some key characteristics.

Which one is right for you? Let's take a look at the criteria and help you decide.

1. Price. IP VPN gets a huge check mark here. Let's take the example of a customer who has a 10-site AT&T MPLS network in 10 states with bandwidth needs of 10MB at each site and 50MB at the host. Eight of those locations may be in urban areas and have access to cheap metro Ethernet for accessing the MPLS network (commonly referred to as "local loop" or "access"). The other two remotes may be more rural and have to bond seven T1s together to achieve a 10MB aggregate bandwidth. We've seen 7xT1 MPLS pricing in fairly rural areas upwards of $3,000-$5,000 per month. Companies have to swallow the cost of those two expensive circuits because they have to connect back to AT&T's MPLS network. There is no flexibility there. If that customer decided to move to an IP VPN networking architecture, using two or three Internet providers throughout the network instead of one, they could incorporate smaller regional carriers that have stronger networks in those rural places and may provide that 10MB for literally one-fifth the MPLS price.

2. QoS. MPLS gets the check mark here. Most MPLS carriers allow somewhere between four and six queues on which to prioritize data traffic. At the point where a customer's MPLS network gets congested due to lack of bandwidth, the applications that are more time sensitive (voice, video, perhaps ERP) take priority over less time-sensitive applications (email, Web browsing, etc.). QoS can be implemented on an IP VPN, but the only data traffic that can be controlled is outgoing. You can't control incoming data streams if you have an Internet circuit. Also, the outgoing data that you can prioritize at a LAN level goes through the public Internet, which doesn't honor QoS tagging (unlike MPLS).

3. Meshed Networking. MPLS gets the check mark here. With an IP VPN, secure tunnels must be built to and from all the locations that need to send data traffic. These routing and router configurations can get quite complex if your company has many locations that need to send data traffic to many other locations. MPLS is by nature fully meshed, and the intricacies of setting up routing tables are handled not by the customer but by the MPLS carrier.

4. Flexibility. IP VPN gets another huge check mark here. Unlike MPLS, multiple carriers can be utilized to create your IP VPN. Location 1 may have a Comcast metro Ethernet Internet connection, while location 2 may have an AT&T Internet circuit and location 3 may have a 123.Net fixed wireless connection. VPN tunnels can be set up among these connections, and data can be sent through those tunnels. Also, Internet circuits are more functional, since Internet bandwidth can be used for Web browsing, email, e-commerce and other applications in addition to being used for site-to-site data traffic. With MPLS, all three locations must have the same carrier, and MPLS bandwidth is used only for site-to-site data traffic.

5. Security/Speed. Check mark for MPLS. MPLS connections are completely secure and firewalls don't need to be deployed and managed. IP VPNs use public Internet service that is susceptible to hacking and other malicious threats. From a speed standpoint, 10MB of MPLS will be a bit faster than 10MB of Internet as it relates to data traffic between two sites, for two reasons. First, the encryption needed to send data packets through an IP VPN takes space on data packets that could otherwise be devoted to more of your company's data. MPLS traffic doesn't need to be encrypted and therefore dedicates the entire packet payload to your data. Second, data sent on an MPLS network will typically take fewer network hops to its destination because traffic is more controlled by the carrier and stays on their network the entire time (vs. IP VPN traffic traversing several networks and typically hitting more hops on the way to its destination).

6. Ease of Management. Check mark for MPLS. QoS is easier to manage and is available end to end. Firewalls aren't required for security, and you deal with one carrier for network issues, whereas dealing with the multitude of Internet carriers that make up one big IP VPN can be challenging.

In summary, I feel that IP VPN is more cost effective and more flexible, but MPLS gives a more consistent experience and is easier to manage. Another option is a combined approach that allows both Internet and MPLS on the same circuit. Some of the benefits from both approaches can be had. Some carriers that C3 deals with tend to be more forward thinking in pushing this idea from a capability and pricing standpoint. Whatever the needs of your organization are, we are happy to report that customers don't typically lack choices, but rather a method of evaluating the myriad potential choices. It's this fact that trips up organizations just as much, if not more, than the actual deployment of the services themselves.

Note: For the sake of brevity, VPLS and metro Ethernet aren't discussed at length here. These services may also be solutions to evaluate depending on your criteria.

Matthew Toth, president of Collaborative Communications Consulting (C3), has been in telecom for more than 14 years, starting with WorldCom in 2000. In 2008, Toth founded C3, a brokerage of more than 80 telecom and cloud providers that provides data, voice and cloud.
