Citrix and VoIP performance


#1

Hi There,
We are currently looking at options for VPN bonding for VoIP and Citrix users and were hoping for some input.

Due to the nature of our business we setup about 30 temporary offices for a period of time 6-24months and then move on. The sites are a mixture of SHDSL/ADSL and 3G/4G wireless depending on lead-in availability. User numbers typically range from 2-30.

The reason for this post is to see if there are any users that are currently using Peplink equipment in the real world with this type of traffic (VoIP and Citrix) via unbreakable VPN? As we are coming up against larger sites in regional areas without lead-ins we need to look at options to make 3G services more reliable and to mitigate latency.

I realise there is a case study for Pluss which covers this type of scenario, but there just doesn’t appear to be much else in the forums or on the internet. The Peplink site also seems to make no mention of Citrix or Terminal services as a use case which makes me nervous. Likewise when they talk about QoS they only mention gaming!

If Peplink employees are looking at this I would also be keen to get a rundown of your product vs Viprinet for this type of scenario. I’m also assuming Peplink equipment is able provide QoS on these services?

Thanks,
Derek


#2

Hello Derek, thanks for posting. We are working on a couple more VoIP-related case studies; the next one should be ready within the week. Peplink routers do support Citrix and Remote Desktop Services. In fact, Pluss uses Citrix for their deployment.

We do support QoS for VoIP applications, here is a screenshot showing a Balance unit with Skype traffic placed on high priority:


Because our products and approaches are different, it is difficult to perform a like-to-like comparison. However, here is a page showcasing our value as a VoIP solution, we hope you find it useful.


#3

We do VoIP and Citrix over Speedfusion. We have a bunch of sites connected with Balance 580s and 710s, as well as remote workers with Pepwave Surfs. We don’t have any cellular data in the picture though - it’s all wired connections.

Honestly everything pretty much just works. Citrix is no problem whatsoever. VOIP is fine 99.9% of the time with the very occasional audio glitch caused by ISP issues. This is exactly the same experience as we have with regular IPsec tunnels on Cisco equipment (except the failover/balancing on the Peplink equipment is much more dynamic and responsive). The QoS options in the Peplink software let you prioritize voice traffic locally, but of course you can’t control what downstream ISPs do to your traffic!

I do think you can be confident that Peplink kit will do the job for you - but neither Peplink nor any other vendor can make VOIP work over a truly crappy connection, and from what I understand high latency can be a problem on 3G/LTE connections.


#4

Hey Derek,
We’ve been using Peplink at all of our locations for over a year now and it has been fantastic. We tried a bunch of different products but none came close to keeping the VPN online persistently like Peplink. The QoS helps to keep our VoIP running smoothly between locations and we’ve had close to zero downtime because of unreliable internet connections. In fact, the only time the internet goes out anymore is when we have a power outage.

We have one primary connection for all sites, with a 4G USB stick plugged in and set to Lowest priority on the VPN. What this means is that the USB stick is online and connected all the time and participating in the VPN, but the only traffic that it uses is to ping to check for being online. If our primary goes down, the cell modem kicks in nearly instantly (quick enough to prevent our telnet sessions from dropping, our primary concern) and keeps everything going.

We used to have it set up so that it was in Standby mode. It would have an IP from the provider, but there is no checking for it actually being online (AFAIK). The time for it to fail over to that mode was a little longer, but still much better than the 30-60sec that many Dual WAN routers or devices from companies like Mushroom Networks take. The reason we switched from this mode is because we now have a big data plan and so we aren’t so worried about the data used to perform the uptime checks (about 100mb/day/cellular device when peered with 7 other locations on a 6 second check interval)

We still use other firewalls behind the Peplinks, but as for establishing our own WAN network on top of the internet, Peplink is our go-to.


#5

Hi Derek,
we are a certified Peplink partner.

For historical reasons we still use Viprinet equipment. And we are not happy with it for the following reasons:

  • Viprinet routers are ONLY Bonding devices
  • Viprinet routers support only star scenario for networking
  • Viprinet bonding is very complex to configure, because there are a great number of options
  • Viprinet routers comes without any security features like a firewall
  • Viprinet routers have a Webinterface, that does not look modern
  • You can’t use Viprinet routers standalone, for internet access you need a bonding receiving station.

Many of our customers use Peplink for a variety of applications, like connecting branches, mobile video surveillance, mobile offices worldwide. And they all happy with Peplink.


#6

Hi All,

This is really great information, I really appreciate it. It seems there are some really good advocates for these products. We are currently a Cisco shop but I hopping the bonding component of Peplink products are going to give us an edge.

It kind of appears that most people are using the VPN tunnels with 4G devices as a failover only. Does anyone happen to know if:

  1. There is an algorithm to allow a link to seamlessly burst across to secondary link if latency becomes high?
  2. Know how bonded cellular connections perform, in particular latency management in an active/active scenario?

When I was talking about QoS I was thinking more enterprise grade VoIP protocols rather than Skype, i.e. h.323 / SIP trunks. I’m assuming this would be implemented otherwise people would be screaming for it.

Likewise Citrix, Alan I know you said you support it but do you have a QoS profiles for it or any built in optimisations for it? Obviously pretty much all traffic is going to work over a bonded VPN, but not necessary well.

Dietmar, thanks a lot for the comparison to Viprinet. I don’t really care about setup complexity but you have detailed some really important points for us. I’ll take it that bonded performance is on par with Viprinet?

Regards,
Derek


#7

Hi Derek,

You’re right that a lot of enterprise customers tend to use 4G as a fail-over circuit only - this is normally because they are just looking for cellular fail-over if their main fixed links go down -so buy cheaper data packages for that purpose. However we have lots of customers using our MAX multi-cellular routers with just 4G/3G connectivity for temporary site deployments and in vehicles, so the choice of how you use a cellular WAN link is very much down to what you need to get out of it and the deployment scenario.

In answer to your questions:

  1. There is an algorithm to allow a link to seamlessly burst across to secondary link if latency becomes high?

A. Yes and No. When using session based load balancing we have a lowest latency rule so that the lowest latency link will always be favoured when sending traffic. This isn’t technically ‘seamless’ though since load balancing works at a session level - it is an automatic process however, and depending on the application/traffic in use, can appear seamless to the end user. If you want true seamless fail-over between WAN links then you need to use SpeedFusion our VPN Bonding technology.

With SpeedFusion, WAN links are given usage priorities where only available WAN connections with the highest priority will be utilized. So if you have a fixed line set to Priority 1 and a cellular link set to priority 2, the cellular link will only be used if the fixed line connection fails (saying that, the cellular link does have some keep alive traffic running over it to make sure its ready when needed). This hot fail-over is performed at a packet level and is seamless.

If you had both a fixed line and a cellular connection set to priority 1 (so active/active) we will always favour the healthiest lowest latency link in the tunnel, so if the fixed line WAN latency rises above the latency of the cellular link, traffic will effectively burst across the cellular link. Since SpeedFusion works at a packet level this is a seamless process.

  1. Know how bonded cellular connections perform, in particular latency management in an active/active scenario?

A. In an active/active bonded cellular scenario, traffic is sent down the lowest latency cellular WAN link. If the traffic saturates that first link, it will overflow to any available additional higher latency links, at which point overall latency across the VPN bonded tunnel will rise. You can of course use QoS within the SpeedFusion Tunnel to prioritise any type of traffic to improve the end user experience for time sensitive applications like VoIP over a bonded cellular connection.
Ultimately though, no matter how clever SpeedFusion is, the end user experience will naturally always be governed by the quality and bandwidth availability of the WAN links connected, and dependant on what applications are in use. For example I have personally used VoIP over bonded 3G services here in the UK when I moved house and was waiting for my fixed line internet to be connected. This worked great. I have also used VoIP and Citrix in a moving vehicle (I wasn’t driving of course) using the same bonded cellular set up which also worked great until we entered a tunnel where the Voip call dropped but Citrix just temporarily froze and then recovered.

Therefore its important to set customer expectations correctly when deploying any VPN bonding solution depending on the applications they want to use and their deployment scenario, SpeedFusion will do its best with any type of WAN link that’s connected, but it will struggle to provide a high quality VPN connection if the underlying WAN links are themselves of a very low quality. When using cellular links then, any improvements you can make to cell reception are well worth the effort. Nearly all of our partners who specialise in cellular bonding will use additional high gain external antennas and perform cellular provider surveys before customer deployments to guarantee they are providing the best quality cellular connections possible for SpeedFusion.

As for QoS, we have inbuilt application profiles for most traffic types to make things quick and easy to configure, or you can create custom rules based on protocol/port/IP or use DSCP values as required.
If you haven’t already, I recommend logging into the demo web interfaces for both the MAX and the Balance that we have on our website. You can see the full webui for WAN, SpeedFusion and QoS settings there and get a great feel for what’s possible.

MAX Demo: http://www.peplink.com/products/max-cellular-router/max-live-demo/
Balance Demo: http://www.peplink.com/products/balance/live-demo/

Kindest,

Martin


#8

Hi Martin,

Thanks very much for the detailed reply. I have a much better understanding of how Peplink products work and I did actually check out the demos during the week and learnt a lot from them.
I’m pretty confident Peplink has want we need and take steps acquire some trial units and deploy them in the field as proof of concept.

Thanks again,
Derek


#9

Hi DerekH, we have earlier used Peplink equipments and they are good. Now I have just established my new IT institute and I am using LG Vertical submit - Business Telephone System. It has good services in terms of voip etc. It has the capability to control 48 lines with single equipment.