Internet vs Tunnel Bonding

XRoads Networks MultiWAN solutions incorporate the unique ability to perform both Internet bonding and site-to-site bonding. This functionality means that unlike other solutions on the market, only XRoads Networks products can offload non-authenticated applications, Web downloads for example, so that individual sessions can be combined across multiple Internet links.

What is Interet Bonding?

The simplest way to describe Internet bonding is to say that it allows a single customer session to utilize the combined bandwidth for all of the available Internet links or to improve connectivity to cloud-based applications via one or more WAN links. For example, a single file download can use the bandwidth of two or more Internet links, regardless of provider or media type (i.e. a combination of DSL, cable, wireless, etc.), at the same time, so a 3Mbps DSL plus an 5Mbps cable equals an 8Mbps download.

What this means is that the file being downloaded is obtained across each of the network links at the same time, thus utilizing the bandwidth of each link for the same file at the same time, which increases performance and provides automated redundancy.

What is Tunnel Bonding?

A basic way to describe tunnel bonding is to say that the speed and redundancy improvements are achieved by placing a tunnel bonding device at each of the locations between which one wishes to accelerate the application traffic. This is a two device solution, where one device must reside at each location.

Each tunnel bonding device establishes a tunnel across the various available ISP links at each location. Then the devices combine the tunnel traffic so that the packets from a particular application is split between the available WAN links thus using all of the available bandwidth for each link.

The tunnels are designed to add an additional network layer so that the packets, which make up the application traffic, can be easily split up and sent between the sites. One side of the tunnel splits up the packets, and the other side reassembles them in the appropriate order. This splitting up and reassembling is required for tunnel bonding to work but adds overhead via encapsulation.

A core requirement of tunnel bonding is that you MUST have a device at either end of the bonded tunnels, again so that the packets which were split up at one end are appropriately recombined at the other end.

Basic Differences

One of the easiest ways to describe the differences between Internet Bonding and Tunnel Bonding is to state that Tunnel Bonding requires two devices (like a VPN connection), i.e. one device at each location between which you are attempting to bond the bandwidth, while Internet Bonding does not have this requirement but has some limitations in terms of the types of traffic that is supported without a device at either end.

A common deployment for Internet Bonding is when one wants to improve Internet performance to cloud-based applications where no device at the opposite end is required in order to perform the bonding. Thus you can combine link speeds for remote websites, services, etc. without needing a device sitting in front of that resource.

A common deployment for Tunnel Bonding is when one wants to improve performance between two locations, i.e. between a central office and remote offices (hub and spoke configuration). A centralized "head-end" device is use to aggregate tunnels from multiple remote offices. Optionally, one can configure each office device to connect to every other office device (meshed configuration); this is fine for smaller deployments, but can become quite complicated for large configurations. There are no limitations on the type of traffic that is traversing the tunnel, i.e. it can be authenticated or non-authenticated, so long as there is a device at each end.

Internet/Tunnel Bonding

The UBM platform supports both Link and Tunnel Bonding. XRoads Networks is the inventor of Internet Bonding (a process which XRoads Networks has patented) and thus in many cases the UBM platform has advantages over other bonding solutions.

A standard deployment for a customer that has multiple locations, each with multiple Internet links, and wants to improve application performance out to the Internet and between the sites, is to utilize Internet Bonding for Internet-bound traffic, and to utilize Tunnel Bonding for traffic which is bound to a remote site (similar to split-tunneling). Additionally, link bonding can be used within the tunnel to further increase performance, and this is a key advantage over any other solutions on the market.

This achieves the best of both worlds, i.e. accelerating general Internet traffic, while maximizing the speed and performance for all application traffic between the remote offices. If there are certain authenticated applications which also need to be bonded the UBM appliance can also be deployed to the data center which is hosting that specific application.

Even when simply performing Internet Bonding out to the Internet, ALL Internet bound traffic will automatically failover in the event of a network outage, including authenticated traffic (IPSec traffic does require multiple security associations on the remote firewall).

Thus, the UBM platform is a perfect choice for customers utilizing the Internet to connect multiple sites, or is using the Internet in conjunction with an existing private link for optimizing application performance and redundancy.