& cplSiteName &

Crossing Over to VPNs

Light Reading
News Analysis
Light Reading
1/30/2003

IP-based virtual private networks (VPNs) may be the light at the end of the telecom downturn, but there's a roadblock ahead -- one that's only just starting to be addressed.

Here's the problem: While experts see availability of high-bandwidth Internet connectivity for business customers as key to telecom recovery (see The Bright Side of 2003), many companies and their service providers are unwilling to part with their Frame Relay, ATM, and TDM-based links.

Indeed, it's common to see organizations facing a growing array of disparate services. They look wistfully at IP VPNs as a way to consolidate it all, increase bandwidth and configuration flexibility, and streamline management and operating costs. But they live with the pain, because they trust those old links. And it's easier, given the sluggish economy, to postpone any major overhauls or buildouts. The goal may be an all-packet world, but getting there seems expensive and complicated.

Happily, carriers are looking harder at ways to make the VPN crossover more workable. A growing number are introducing "in between" services, that give users of legacy services a way to migrate to universal Internet Protocol (IP) step by step. This week, for instance, Sprint Corp. (NYSE: FON)announced new services geared to ease the transition from Frame Relay and private line to IP VPNs, via Layer 2 tunneling (see Sprint Touts Layer 2 Services). Sprint customers with existing legacy connections can link their Frame or TDM networks to Sprint's IP backbone and get them managed like IP services. Sprint says four customers have signed on so far.

Here's a sampling of other carriers' transition solutions:

  • AT&T Corp. (NYSE: T) has been offering what it calls IP-Enabled Frame Relay/ATM for over three years. This service uses Multiprotocol Label Switching (MPLS) to let legacy customers run IP applications over their existing Frame Relay and Asynchronous Transfer Mode (ATM) networks. (There's no corresponding service for private-line customers.) Customers also use the services to connect their legacy clouds to AT&T's MPLS-based core data services, AT&T says.

  • BellSouth Corp. (NYSE: BLS) doesn't have a hybrid service yet, but Roddy Tranum, director of VPN, IP VPN, and security, says a network-based IP VPN service using MPLS to link in Frame Relay and ATM customers is planned for launch this quarter.

  • Verizon Communications Inc. (NYSE: VZ) also plans to use MPLS to interconnect Frame Relay, ATM, and Ethernet customers starting in August or September 2003 at undisclosed locations.

Proponents of these kinds of transition services say they'll serve the purpose for lots of customers that might otherwise not make the move. Speaking of Sprint's offering this week, Max Smetannikov, analyst with Current Analysis, says: “This makes an eventual migration to IP VPNs a bit more feasible. Practice shows that [getting customers to migrate to IP] is not a simple one-step process… [Sprint] is getting IT managers to change their mindset one [service] at a time… It makes sense to have many stepping stones.”

Proponents of the transition services say they won't cost more than existing legacy ones. Indeed, Sprint says pricing will fall 15 to 30 percent lower for the transition services than for plain-vanilla Frame Relay ones. AT&T says circuits in its IP-Enable Frame Relay/ATM service may be "a bit more expensive," but for high-bandwidth customers, the carrier is careful to keep prices equivalent.

Not everyone is enamored of the transition services. Equant (NYSE: ENT; Paris: EQU) and Qwest Communications International Inc. (NYSE: Q) offer both IP VPNs and traditional legacy services, but nothing in between. "We're not convinced that there's justification," says Gopi Gopinath, head of data and IP services at Equant. And Qwest spokespeople say they think transition services complicate matters.

Other issues may be at work. Some carriers still haven't worked out the economic benefits of moving customers from one service to the other, and others may fear cannibalizing certain legacy revenues, according to input from sources.

The issue is a complex one, which Light Reading will explore in depth in several ways. Watch for a report expanding on the topic of transition services in the next two weeks.

— Mary Jander, Senior Editor, and Eugénie Larson, Reporter, Light Reading
(9)  | 
Comment  | 
Print  | 
Related Stories
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
metroshark
metroshark
12/5/2012 | 12:44:47 AM
re: Crossing Over to VPNs
The rumor is that AT&T is using some Stratacom/Cisco boxes for the IP enabled frame relay service. Which vendors will BellSouth and Verizon use for their MPLS based VPN services?
cc_junk
cc_junk
12/5/2012 | 12:44:37 AM
re: Crossing Over to VPNs
I don't what is meant by "in-between" service.

Equants MPLS VPN service is really no different from AT&T's IP Enabled Frame Relay. In both the customer is getting IP routing serive from the carrier based on the 2547 BGP/MPLS VPN technology. They both use FR as an access option to the PE device in the VPN.

WANs are private line or layer 2 PVCs point-to-point at one end of the spectrum and network-based IP VPN or Internet tunneling IP VPNs at the other. I don't see any service mentioned that is "in-between" these?

Sprint's announced service over Sprintlink is just FR PVCs (and some kind of HDLC and Ehternet point-to-point forwarding). From the enterprise view this is nothing new. Internally Sprint is doing FR over their IP backbone (using L2TPv3) rather than ATM, but does that really change the service defintion the user sees? Supposedly it's just FR - you get PVC/dlci's, LMI, policing, etc. Nothing new here.

Actually, from the enterprise WAN routing point-of-view, Interent tunneling VPNs are topologically the same as point-to-point virtual circuit WANs. So from that view it fits on the first side of the spectrum mentioned above.
DooGie
DooGie
12/5/2012 | 12:44:33 AM
re: Crossing Over to VPNs
Level(3)'s entire core runs via MPLS. They have a product called (3)Packet that supports Frame Relay, ATM, and Ethernet. It utilizes the Laurel ST200 to aggregate these services. This MPN (MPLS Private Network) allows for the customer to maintain their DLCI, VPI/VCI, and VLAN information respectively. This has been a product for at least 3 yrs, utilizing the Martini draft. Luca Martinin is actually employed by Level(3). Many of the companies that are saying that they are offering this service are just reselling Level(3) services.
lastofthebohicans
lastofthebohicans
12/5/2012 | 12:44:32 AM
re: Crossing Over to VPNs
Hi Mary,

Almost every IP/VPN edge router startup that came out of the gate since 1997, whether they went public, got bought, or went under, is now dead. The few startups remaining that drank the MPLS koolaid (like Equipe and Tenor) are on life support.

What good is MPLS in the core if there is nothing
on the edge (save Cisco and a few others) to
process it? Pure IP/VPN companies, like CoSine,
are barely alive. Network-based VPNs were ahead
of their time.

Scott Raynovich has also stated that Verizon
is putting MPLS in their core. With the bandwidth
glut, why bother? MPLS has significant logistics,
such as proper configuraton on each hop and
node throughout the network.

-lotb

dogmeat
dogmeat
12/5/2012 | 12:44:27 AM
re: Crossing Over to VPNs
<rant>

As a global enterprise operation, NO carrier can make the numbers work. Why? My network is Frame Relay hub-spoke topology and the IP-VPN (be it IPSec or BGP/2547) are priced to undercut fully meshed topology not hub-spoke.

For Internet based services, DoS attacks to my IPSec Transport IP addresses, peering congestion, ISP type oversubscription on DSLAM uplinks concern us.

And finally, management visibility is impossible when you surrender your "core", I asked for a Netflow V5 record feed to go to my management center and the Telecom said that it was impossible since the MPLS PE sends Netflow for the whole chassis not customer port groups and I had to "take what the customer portal gave me."

Oy vey. So, in summary:
1) More expensive
2) Availability is uncertain (some topologies)
3) I'm blind to traffic flows

What does my Telecoms think? I'm stupid?

</rant>
cc_junk
cc_junk
12/5/2012 | 12:44:20 AM
re: Crossing Over to VPNs
Doogie post #3:

"Level(3)'s entire core runs via MPLS. They have a product called (3)Packet that supports Frame Relay, ATM, and Ethernet. It utilizes the Laurel ST200 to aggregate these services. This MPN (MPLS Private Network) allows for the customer to maintain their DLCI, VPI/VCI, and VLAN information respectively. This has been a product for at least 3 yrs, utilizing the Martini draft. Luca Martinin is actually employed by Level(3). Many of the companies that are saying that they are offering this service are just reselling Level(3) services."


Level 3 hasn't been doing this for years. Their service just came out last year. It is just FR/ATM/Ethernet service. Nothing new. The RBOCs and IXCs that have been selling FR/ATM even some Ethernet for years, even more than a decade in the case of FR. They certainly are not reselling Level 3 service.

Level 3 is just late to the enterprise WAN market because they never built an ATM network. Now with the Martini stuff they are trying to get a piece of a *legacy* market.

I believe that the carrier services mentioned in the article are 2547 services, which Level 3 is not doing (at least I haven't seen any public offer).

The only large carrier that has announced doing FR/ATM/Ethernet service over their IP backbone is Sprint and they eschewed MPLS for L2TPv3. But that is not really a new market for them because they already have those services on their ATM networks. Looks like they are positioning it as a transitional step for an enterprise to do IPSEC Internet VPNs.
cc_junk
cc_junk
12/5/2012 | 12:44:20 AM
re: Crossing Over to VPNs
No, I don't think think the incumbent carriers think you are stupid. I don't think any of them have said they will stop selling FR/ATM networks, because they fit enterprises like yourself. It would be foolish to push only 2547 or IPSEC Internet VPNs, especially if you have a significant installed base for whom FR/ATM is just the right fit. But there are enterprises for whom the other services are better fit.
trepanne
trepanne
12/5/2012 | 12:43:52 AM
re: Crossing Over to VPNs

+++I believe that the carrier services mentioned in the article are 2547 services, which Level 3 is not doing (at least I haven't seen any public offer).+++

they are, in fact, talking about RFC247.
level 3 does not, in fact, offer this service.

i am not aware of anyone who is reselling level 3's layer 2 MPLS-VPN service.... although there are certainly interesting possibilities for them to migrate genuity's FR/ATM service onto MPLS backbone.

trp
cc_junk
cc_junk
12/5/2012 | 12:40:54 AM
re: Crossing Over to VPNs

"i am not aware of anyone who is reselling level 3's layer 2 MPLS-VPN service.... although there are certainly interesting possibilities for them to migrate genuity's FR/ATM service onto MPLS backbone."

Does Genuity even have a FR/ATM service? I thought they only had IP tunneling VPNs. Looking at the last IDC frame relay rankings they are not in the top 10 US frame relay providers. And all the providers outside the top 10 together only have a 0.5% market share.
Featured Video
Upcoming Live Events
March 16-18, 2020, Embassy Suites, Denver, Colorado
May 18-20, 2020, Irving Convention Center, Dallas, TX
All Upcoming Live Events
Upcoming Webinars
Webinar Archive