Using 3G as a backup WAN

When a bundle of telecoms cables were inadvertently cut in Sydney’s central business district last year, many organisations suddenly found themselves without internet access or email. This incident was a painful lesson in how reliant many businesses have become on wired connections to the world.

Of course the modern world also offers wireless connections, thanks to pervasive 3G networks that promise impressive speed. These services can even be acquired on demand – walk into a shop and you can walk out with a modem and downloads galore.

But switching to 3G when your wired WAN fails is not entirely simple.

“3G wireless services can deliver go-anywhere connectivity but they suffer from congestion (as a shared medium) and from variable latency,” says Damien Murphy, a Senior Sales Engineer at Riverbed Technology Australia/New Zealand. “For example, a ‘21 Mbps’ 3G network typically gives users a maximum of 1.5 – 2Mbps throughput.”

Murphy therefore advocates using WAN optimisation as a way to ensure that your applications consume as little bandwidth as possible so they can operate effectively with the little 3G bandwidth on offer.

“We have many customers using 3G wireless services for backup/DR purposes and even for running production sites,” he says. “As an example, a large Australian financial institution ran a remote branch in Western Australia accessing its east coast data centre for a number of months over 3G while waiting for copper to be laid to the site. This branch had 15 users and the Riverbed Steelhead appliances delivered 34 mbps throughput over 1.4 mbps of 3G bandwidth - allowing them to run all of their production applications (including IP telephony).”

Brendon Pearson, Principal Consultant at Bridge Point Communications, says would-be 3G WAN users will need to pay attention to their router confiugrations.

“Depending upon the carrier and what you want to do routing-wise with your network, you have different routing options. Potentially you need to tunnel the traffic across the 3G link which has implications of its own on latency and maximum transmission units (MTUs),” he says.

“3G wireless networks are essentially designed to attach a single device like a phone to an IP network (in most cases either the Internet or a private IP network). As such they are made for the 3G terminal device to get a single IP address. This means by default you don’t get to treat the 3G terminal as a router because the 3G network only routes IP packets destined to that one address to the terminal. To make the 3G network actually route to subnets behind the 3G terminal, you need use some smarts.”

Pearson says Telstra will allow users to deploy “'Framed-Route' attributed in the radius exchange setup,” and arrangement that makes it possible to establish subnets behind a 3G modem.

This setup does not always work, leading Pearson to suggest that if “... you want to control the routing through more dynamic means, then you need to setup an IP tunnel such as GRE from the 3G terminal to a central router or two in the core of your network. “

“A commonly used Cisco feature that assists with this is called Dynamic Multipoint VPN (DMVPN) which uses a combinations of a number of technologies below it (mGRE, NHRP, IPSec) to almost make the 3G network transparent.”

“Even with this approach you need to tune your core routing to ensure a relatively smooth failover and failback of the 3G link. Also given that the 3G networks don’t support qualityof service, at this stage, you need to adjust your quality of service policies to cater for this.”

A last step, Pearson says, is considering how to send voice traffic over your 3G link.

“You might want to adjust your call admission control parameters to either use ornot use the 3G link at all given its latency, jitter and variable bandwidth,” he says.