The Best Way to Learn About The Internet is Bit by Bit

This article attempts to explain some of the decisions we’ve made surrounding network architecture, and how these will impact technology in the new Elanco ecosystem.

It goes without saying that as a company we need a way of connecting our employees, systems and devices together to form a network across the globe. Conveniently, one such thing already exists. It’s kind of new, but you might have heard of it: the Internet, a huge network of networks.

Any network that wants to peer with other networks can connect to an exchange point. Internet Service Providers interconnect with each other at Internet eXchange Points (IXP) across the world to allow their customers to communicate.

An IXP is usually an Ethernet switch, much like the Ethernet switches that connect computers in an office network. Each network connecting to the exchange point connects one or more of its routers to the exchange point’s Ethernet switch, and they send traffic across the Ethernet switch to routers belonging to other networks.

There’s even a map which shows every IXP in the world:

Map of IXPs

There’s also a route server directory at that link, if you’re really keen. But for the Normal Folk out there, what we can tell from this map is that life is kind of hard if you’re in central Africa or Australia. The further away you are from one of these IXPs, the slower your Internet speed is going to be. You’ll have to traverse a bunch of third-party providers to get to the exchange point and onto the backbone of the Internet. This can lead to some pretty grim latency.

Latency, you say?

Imagine you’re taking a trip from the UK to France, but you have to do the whole journey by different methods of public transport.

A map showing a complicated journey

You’re not necessarily going to be able to find a direct method of transport. You might start off on a little local bus service which takes you to a local train station to get a local train service. That train takes you to a national train station, and from there you can get to the international railway to cross the sea.

A set of directions for your journey
Or, you could just fly there …

This journey is like the way people access consumer broadband. When you consume broadband at home you might be buying your access from a company that relies on another company, which relies on another company, which buys it from the company that actually has access. As a user of consumer internet, you’re at the bottom of the routing hierarchy. At the top are Tier 1 networks: large telecommunication companies that exchange traffic directly with each other over very high-speed fibre optic cables, governed by peering agreements. If you want a fast connection with low latency, you want to plug straight into the Tier 1 network with all the cool kids.

In network terms:

  • Tier 4 would be your rural bus service
  • Tier 3 is closer to a regional train service
  • Tier 2 would be your national express coach
  • Tier 1 is your international airline.

To get to the Internet, your data packets need to make several jumps across networks. At each connection point, they need to be redirected to reach the destination. This relies on all the ISPs cooperating with one another, and all the services working. The more hops you need to take, the more chance there is that your packet gets lost. These failure points are like your transfers at different stations. Trains break down, maintenance needs to happen to repair tracks, and some tickets are not accepted by all travel companies.

Consumer is not equal to business grade

We’re not connecting the enterprise to the Internet using consumer broadband. We’re working with a company called CenturyLink, who are a Tier One network provider. They don’t buy their access from anyone else, so we’ve basically got the equivalent of living next door to the airport: Dedicated Internet Access. The service they provide is more expensive, and for this we get symmetric bandwidth (the same upload speed as download speed, which is important with a remote workforce), monitored speeds, service level agreements, few hops and greater reliability. It all adds up to fewer lost packets and less latency.

Another provider that plugs straight into the Tier One backbone is Equinix. Equinix are providing our Colocation (Colo) data centres. A colocation facility is a type of data centre that leases equipment, space and network bandwidth for companies to run their applications. We rent a bit of space in someone else’s data centre so that we don’t have to manage our own. We currently have two colos, one in Amsterdam and one in Ashburn, Virginia. These are called our beachheads. Colo hosting is one of the application hosting services ETS offer, providing higher levels of security, governance and control of data. This kind of hosting may be more suitable for applications which need dedicated resources with tight performance SLAs, special hardware dependencies or lower latencies than the public cloud can provide.

Equinix also provides a single access point to a multitude of cloud service providers (Amazon, SAP (Virtustream), Microsoft, Google Cloud), so we can connect directly to those we work with. This puts us in a great position now for Azure, but also if we choose to go multi-cloud with other providers in the future.

What does this mean for Cloud Services?

If you’re concerned about performance loss from cloud hosting, then think again. With the traditional corporate network model, access to SaaS applications and IaaS is not direct to the Internet. All Internet-bound traffic needs to travel back to a central point, e.g. Indianapolis, where additional security screening is performed to protect Elanco from vulnerabilities. Only from there does traffic break out to the Internet. This journey adds latency, which negatively impacts cloud application performance, resulting in decreased productivity for our employees and general dissatisfaction. People often conclude that a SaaS application or IaaS is just slow and unreliable, because they don’t know how the network is configured. In our new network configuration, traffic bound for the Internet (for trusted destinations such as Microsoft) will be allowed to break out locally, preventing this additional journey back to HQ!
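One common way to express a local-breakout policy is a proxy auto-config (PAC) style decision function; the sketch below is an added example, not Elanco’s or ETS’s actual configuration. The suffix list, the proxy host name and the HTTPS-only rule are assumptions made for illustration. It shows why the trusted list must be matched on a domain-label boundary, so that lookalike names still go through central screening.

```javascript
// Constructed allowlist: the article names Microsoft only as an example of a
// trusted destination; these suffixes are illustrative, not a real policy.
const TRUSTED_SUFFIXES = ["microsoft.com", "office365.com", "sharepoint.com"];

// Hypothetical central inspection proxy (placeholder host and port).
const BACKHAUL = "PROXY inspection-proxy.example.internal:8080";

// True only when host IS a trusted domain or a subdomain of one.
// A bare endsWith("microsoft.com") would also accept "evilmicrosoft.com".
function isTrusted(host) {
  const h = host.toLowerCase().replace(/\.$/, ""); // drop trailing root dot
  return TRUSTED_SUFFIXES.some((s) => h === s || h.endsWith("." + s));
}

// Same signature a browser expects from a PAC file.
// Returns "DIRECT" for local breakout, otherwise the central proxy.
function FindProxyForURL(url, host) {
  // Assumption: only encrypted traffic may skip central screening.
  if (!url.toLowerCase().startsWith("https://")) return BACKHAUL;

  // IP literals cannot be checked against a name-based allowlist.
  const isIPv4 = /^\d{1,3}(\.\d{1,3}){3}$/.test(host);
  const isIPv6 = host.includes(":");
  if (isIPv4 || isIPv6) return BACKHAUL;

  // Default is to backhaul: anything not explicitly trusted is screened.
  return isTrusted(host) ? "DIRECT" : BACKHAUL;
}
```

The default branch is the backhaul path, so a mistake in the allowlist costs latency rather than screening.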

As an interesting aside: Microsoft services are also distributed, served from a pool of locations rather than a single one. This means that a local DNS name lookup resolves to the IP of the nearest resource, rather than traffic being redirected across the world!

And for the Colo?

Sadly, ETS haven’t yet cracked the problem that is the speed of light. If you are an application owner and your application is used by employees in the APAC region, it’s important to note that there is no Colo in the APAC region. You should first establish whether your application really needs to be hosted in the Colo for quality or security reasons. If this is the case, then the application should be designed so that it is not latency sensitive. If Cloud is a feasible hosting option, then it should be moved to Azure.

Has this article raised questions for you? Is there a topic you’d like more information on? Give us a shout on the ETS – Ask Us Anything Teams channel or email Jo Joss. We want to hear from you!