MPLS vs Site-to-Site
-
I have heard a new things in my site where MPLS and Site-to-Site.
I don't know how the usage of these two things.
Can anyone know about this two things.
What are the advantage and disadvantage using that in a network? -
-
MPLS is a means of doing site to site. A true site to site line is a direct connection from one site to another - it requires new and dedicated copper or fiber to be run, just for you. The line is yours and yours alone.
The traditional alternative to this is VPN. A VPN uses the public Internet to mimic the behaviour and security of a site to site connection without the cost.
MPLS is an in-between that uses a shared network but one owned completely by a single ISP and has labels or tags on the traffic to make it behave like it is on a site to site link. Less secure as the ISP can see all of your traffic wide open but no one but the ISP can see it. Typically much less expensive than a site to site link but much more expensive than a VPN. Pretty much all site to site, at least in the US, has been replaced by MPLS.
-
There are many projects are there in my office.
If I need to check the status of the Desktop or Laptop which is connected to the MPLS or Site-to-Site,how can I check? -
@Lakshmana Any site-to-site configuration, whether it is MPLS, VPN, or a cable running between the 2 buildings, should create a single LAN on the user side. You should see anything on the network at the other site just as you would see it if it was on a desk in the next room.
-
@art_of_shred said:
@Lakshmana Any site-to-site configuration, whether it is MPLS, VPN, or a cable running between the 2 buildings, should create a single LAN on the user side. You should see anything on the network at the other site just as you would see it if it was on a desk in the next room.
So just by attempting to ping the device on the other side should you be all set.
-
@Lakshmana said:
There are many projects are there in my office.
If I need to check the status of the Desktop or Laptop which is connected to the MPLS or Site-to-Site,how can I check?Should not matter. They are identical once you are on the network. You don't "connect" to either, they make the sites all appear as one.
-
My senior person told me find out the difference between the MPLS and Site-to-Site in one project because I asked him "What is the difference between the MPLS and Site-to-site?"
-
@Lakshmana said:
My senior person told me find out the difference between the MPLS and Site-to-Site in one project because I asked him "What is the difference between the MPLS and Site-to-site?"
Well, that would be because you asked him.
Now you do need to figure out what you mean by "site to site". Do you mean a site to site leased line, a site to site VPN or something else? All you have is the adjective, not the noun.
-
I mean Site-to-Site VPN.
My senior said that there is no leased line for the setup -
Site-to-site = 2 locations connected to create a single network
Types of "site-to-site" networks:- MPLS: the ISP provides a priority route between the 2 sites
- VPN: tunneling protocol over the standard internet connection to give a private link between the 2 sites
- Physical direct connection: an isolated cable/fiber connection actually runs from site 1 to site 2, linking the 2 sites as one local network
-
@Lakshmana said:
I mean Site-to-Site VPN.
My senior said that there is no leased line for the setupAh okay, that is quite different. I was explaining a site to site leased line. We normally would say VPN, not site to site. Never use site to site without the word VPN, that would be ambiguous.
MPLS is leased line, so if there is no leased line, how do you have MPLS?
-
And if you need security from the ISP's prying eyes, you can run a VPN over MPLS, of course.
-
Ok.I just heard the word but many basic are learnt from you guys.
-
The most common Site to Site VPN technology is IPSec. But you can use others too, OpenVPN's SSL VPN technology can also work well for this, for example. You can make a Site to Site VPN using Hamachi and, I believe, ZeroTier, too.
But it is generally assumed that IPSec will be used and almost always it is handled by a hardware firewall to set up the VPN connections on either end. You can do this with nearly any business class firewall including entry level devices like Netgear ProSafe, DD-WRT devices, Ubiquiti Edge devices, etc.
-
MPLS is a service that you buy from your ISP so you never "see" it in any way. To you it would look identically as if you bought a managed VPN service from the ISP where they kept the VPN gear at their location instead of at yours.
-
@scottalanmiller said:
MPLS is a service that you buy from your ISP so you never "see" it in any way. To you it would look identically as if you bought a managed VPN service from the ISP where they kept the VPN gear at their location instead of at yours.
I know what you're talking about, but man, if I didn't I could see where this would be confusing.
I'm wondering if I should try to explain it another way.
-
okay, i'm good at making things easy cause i'm dumb. so here you go!
MPLS = a service you buy from 1 ISP(same vendor). The ISP provides you with routers, and all of the infrastructure at each location. When it's finished your sites can all talk to eachother.
Site 2 Site VPN - this is where you or someone on your team has to know their stuff. you have to have internet at each location (vendor isn't important). You then will provide your own router/firewall at each location, configured (usually IPSEC) by you or your networking guy. The routers then use the internet and your configuration to create a secure tunnel between the two sites, when you're said and done the sites work together without any more interaction from you.
Benefits
MPLS is managed by someone else, you don't have to muck with it just monitor. this is good and bad. If their customer and quality of service are high this is great. If it's not high...you're gonna be bummed out when/if bad things happen. MPLS will more than likely have lower latency because you've got dedicated copper for the most part.S2S VPN is usually less expensive, and if your sites are geographicly seperate, you can use different vendors for your internet connection at each site. Just make sure your bandwidth is similar on each end.
Negatives
MPLS is not gonna be cheap, but you're paying for a service that you shouldn't have to manage, configure, etc. and it's a dedicated serviceS2S is going to be slower in my experience, you have to manage your routing equipment (not really a negative), more latency in my experience.
I'm tired now
-
oh, then there's VPLS
-
