Fixing the Internet Using Secure Vector Routing: Page 4 of 4
Secure Vector Routing
128T has coined the term "secure vector routing" to describe how it routes packets. Secure vector routing combines session awareness, first-packet processing, and waypoints. A real example may further explain how this works.
128T has a SaaS customer that offers secure, compliant unified communications solutions via a cloud-based platform. This cloud provider has a healthcare client that must comply with HIPAA, ISO, PCI, and other regulatory guidelines, and therefore needs secure, segmented, QoS-enabled connections between its contact center and the cloud provider. For cost reasons, this healthcare company wants to use best-effort Internet as opposed to an MPLS connection.
Here is the architecture for this solution:
128T routers sit behind a traditional edge router and the corporate firewall at both the SaaS provider and the healthcare client locations. The cloud provider has two redundant links to the Internet via different carriers. The healthcare provider also has two redundant links to the Internet through two separate carriers. The 128T routers are configured so that they know of these redundant links, which provide four possible paths or vectors: A-C, A-D, B-C, and B-D.
The 128T routers send a Bidirectional Forwarding Detection packet (like an IPsec keepalive packet) every half second across each connection path to gather network performance characteristics for real-time routing decisions based on session policy and network conditions. Thus, they know how well all four of these possible network routes are performing at any given moment.
When a new session is started, a phone call in this instance, the 128T routers look at the four waypoint paths and route the packets across the vector that provides the best performance from a latency, jitter, and overall QoS perspective. Note that this is a bidirectional flow because both parties on the call are using voice, and packets are flowing in both directions.
The 128T routers continuously monitor the quality of the connection; should the selected path become congested, they'll reroute the call within one to two seconds over a different vector path, thus preventing call failure. SD-WAN mechanisms typically take 15 seconds or longer to switch routes. Alternatively, SD-WAN devices use forward error correction, where the SD-WAN router sends duplicate packets over two links and reassembles them on the far end, which consumes even more bandwidth and may not correct the quality problem.
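The probe-and-reroute behaviour described above can be sketched as follows. This is an added illustration, not 128T's code: the policy thresholds, scoring weights, four-probe window and all function names are assumptions, and the probe results are constructed.

```python
from collections import deque
from statistics import mean

VECTORS = ["A-C", "A-D", "B-C", "B-D"]   # the four paths named in the article
# Hypothetical voice-session policy; thresholds are assumptions, not 128T values.
POLICY = {"latency_ms": 150.0, "jitter_ms": 30.0, "loss": 0.25}

class VectorStats:
    """Rolling window of probe round-trip times for one path (None = probe lost)."""
    def __init__(self, window=4):        # 4 probes at 0.5 s each = 2 s of history (assumed)
        self.rtts = deque(maxlen=window)

    def metrics(self):
        ok = [r for r in self.rtts if r is not None]
        loss = 1 - len(ok) / len(self.rtts) if self.rtts else 1.0
        latency = mean(ok) if ok else float("inf")
        # Jitter: mean absolute difference between consecutive answered probes.
        jitter = mean(abs(a - b) for a, b in zip(ok, ok[1:])) if len(ok) > 1 else 0.0
        return latency, jitter, loss

def meets_policy(m):
    return m[0] <= POLICY["latency_ms"] and m[1] <= POLICY["jitter_ms"] and m[2] <= POLICY["loss"]

def score(m):
    latency, jitter, loss = m
    return latency + 2 * jitter + 1000 * loss   # assumed weighting, lower is better

def select_vector(stats, current=None):
    """Keep a session on its path while the path meets policy; otherwise pick the best path."""
    measured = {v: s.metrics() for v, s in stats.items()}
    if current and meets_policy(measured[current]):
        return current
    return min(measured, key=lambda v: score(measured[v]))

def simulate(rounds):
    """rounds: one {vector: rtt_ms or None} dict per half-second probe round."""
    stats = {v: VectorStats() for v in VECTORS}
    current, history = None, []
    for probes in rounds:
        for v in VECTORS:
            stats[v].rtts.append(probes[v])
        current = select_vector(stats, current)
        history.append(current)
    return history

# Constructed sample: A-C is the best path, then drops every probe from round 5 on.
GOOD = {"A-C": 20, "A-D": 35, "B-C": 40, "B-D": 60}
CONGESTED = {"A-C": None, "A-D": 35, "B-C": 40, "B-D": 60}
SAMPLE = [GOOD] * 4 + [CONGESTED] * 4
```

With this sample the session stays on A-C through the first lost probe and moves to A-D after the second, one second after congestion begins.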
The 128T solution, which was built without touching existing network switches, routers, or firewalls on either end, provides multipath, QoS-enabled routing with real-time failover. A business manager at the healthcare organization deployed the solution, bypassing the need for IT department resources (the cloud provider and 128T deployed and configured the 128T routers).
Licensing and Processing Power
128T offers its solution on a subscription basis with terms of either one or three years. Pricing is based on a specified capacity in megabits or gigabits that traverse the routers. At the end of each year, a "true-up" occurs in which 128T examines the routing capacity used above and beyond the contracted capacity. It then calculates the new capacity by looking at the 95th percentile of actual capacity used (this allows short bursts in traffic above the contracted capacity to be eliminated from consideration).
128T does not charge back for capacity used in the prior year above the contracted capacity. Nor does it charge for software maintenance or support or redundancy; organizations can run the 128T software on as many devices as they wish. 128T claims its solutions are 90% to 95% less expensive than other routing options when examined over a four-year TCO window.
The 128T router software will run on off-the-shelf processors, in virtual environments, or on cloud infrastructure from Azure, Amazon Web Services, and Google. 128T asserts that a simple Intel NUC device with a Quad Core Atom 1 processor can route up to one gigabit per second and a Xeon 2 14-core processor with a 6-GHz processor can route 40 Gbps. Thus, the solution can scale from the smallest to the largest applications.
Using ideas first developed for session-based IP multimedia flows, 128T has applied the concepts of session and state awareness to the much larger problem of "fixing the Internet" by fixing routing. The company's technology can make Internet routing more deterministic with predictable QoS. 128T's routers provide zero-trust security and state functionality without the need for middle boxes like firewalls, deep packet inspection devices, NAT, and load balancers. The overhead costs in terms of CPU processing and bandwidth, particularly for multimedia flows, are far less for 128T's solution than they are for SD-WAN technologies or other tunneling mechanisms. The company's software runs on a variety of CPUs and is licensed on a subscription model with pricing based on the number of gigabits of network traffic that traverses the router.
Although the 128T secure vector routing concept seems simple, it is radically different from what most other networking companies are doing. 128T won an innovation award at Interop in May 2017 for its technical approach. Right now, 128T has routers in production in several customer locations and an additional 50 pilot deployments are underway. The company is in its C Series round of funding with $57 million in total funding to date. 128T hopes to be worth $40 billion in the coming years.
For cloud-based voice and video providers in our industry as well as for enterprises seeking robust, secure, inexpensive networking technology, 128T may well be worth a look. Delivering a great quality of experience for users means ensuring network performance for every session.
(Editor's Note: The author has no affiliation with 128 Technology, nor has he been compensated by 128 Technology to write this article. He stated, "If this technology really does fix the Internet, then I need to know enough about it to discuss the concepts in an article!")