CNET también está disponible en español.

Ir a español

Don't show this again

Networking

Sprint makes about-face on VPN technology

After years of criticizing a technology known as multiprotocol label switching, the long-distance carrier succumbs to market pressure and will offer MPLS virtual private networks.

Long-distance company Sprint Communications has been one of the most outspoken critics of a technology known as multiprotocol label switching, but now it seems Sprint is eating a bit of humble pie as it becomes one of the last major carriers to offer a virtual private network service using MPLS.

The carrier announced Wednesday it will offer MPLS virtual private networks (VPN) based on a standard ratified by the Internet Engineering Task Force and called the RFC 2547bis technical standard.

Although Sprint had always maintained it had the infrastructure to support MPLS VPN services, its engineers had argued for years that the technology was much more complicated than its homegrown approach. So instead of offering MPLS services, it offered a service based on virtual routing, which used network-based IPsec encryption and tunneling to establish secure connections between corporate sites.

But it appears competitive pressure has finally gotten the best of Sprint. Long-distance carriers AT&T and MCI have offered MPLS VPN services for years, and Baby Bells such as BellSouth and SBC Communications are also introducing their own such services.

"MPLS VPNs were something that we needed to have in our IP portfolio to make sure that we can deliver a broad range of services," said Barry Tishgart, director of product management for Sprint. "Customers probably can't see much of a functional difference between our network based IPSec VPNs and the MPLS VPNs. But they've expressed some preference for MPLS, and we want to respond to those requests."

Sprint plans to keep its IPsec network based service, too. It will offer it to customers looking for extranet, Internet and remote access connectivity. MPLS VPNs will only be offered to build corporate Intranets, Tishgart said.

Tishgart also said MPLS makes certain features easier to deploy. For example, MPLS can support IP multicast, a feature that lets content be disseminated simultaneously to select individuals in a group. Some companies want to use multicast for videoconferencing and streaming video. Others, such as companies in the financial industry, want to use it to deliver data to specified groups at the same time.

Sprint's conversion to MPLS is a positive endorsement for the technology in general. Analysts say the technology is hitting the mainstream as corporate customers start to realize the benefits of using MPLS over traditional data services like Frame Relay and ATM (asynchronous transfer mode).

"People want MPLS," said Mark Bieberich, a senior analyst at The Yankee Group. "You can't compete for a wide area contract without at least having MPLS as an offering."

The main difference between MPLS VPNs and Frame and ATM VPNs has to do with network topology. Frame Relay and ATM are point-to-point technologies that are usually deployed in a hub-and-spoke architecture. This architecture works well for smaller companies concentrated in one location. But for companies that have offices scattered throughout the country, or even the world, it doesn't scale well.

By contrast, MPLS VPNs connect sites in a mesh, or web. Because of this topology, MPLS provides better resiliency than traditional data services. If one path fails, it can route around it on another path. It also uses bandwidth more efficiently, since all the traffic isn't sent to the same hub before making its way to its final destination. And because new sites can be added easily, it is ideal for companies that are rapidly expanding.

One of the applications driving the deployment of MPLS VPNs is VoIP (voice over Internet Protocol). Take as an example a company with offices in Singapore and Hong Kong and headquarters in New York City. In a traditional Frame Relay deployment, if someone wanted to make a call from Singapore to Hong Kong, traffic would first have to go through New York. While this may not make much of a difference for noncritical applications like e-mail, it can destroy the quality of a voice call, since voice traffic is sensitive to delays.

Because MPLS is deployed in a mesh, the routing protocols simply find the quickest path, making it much more suitable for delivering voice over IP traffic.

Jim Daugherty, product director of MPLS VPNs for AT&T, said Sprint is late to the MPLS party. He said Sprint still has a long way to go before its new service will match AT&T's offering, which has been available since 1999.

"I think MPLS has reached critical mass," Daugherty said. "People know what it means and they know the benefits. I think Sprint realized they were one of the few without an offering, and they needed to do something about it."