
Best practices for WAN design and capacity planning

Today's businesses are more dispersed and more dependent on their networks than ever. Employees, partners and customers count on data and applications traveling from point to point quickly and reliably at all times. The key to that is a WAN design that supports your company's needs, along with realistic capacity planning and bandwidth management. This guide will help you translate business needs into WAN requirements and technology specifications.

 In this guide:

  WAN design: What to consider
  WAN capacity planning: Building a methodology
  Determining WAN bandwidth requirements


   WAN design: What to consider

Organizations attempting to connect multiple offices or remote personnel must take into account a number of variables that will impact overall costs and network functionality. When designing and implementing wide area networks (WANs) that integrate voice, video, asynchronous and synchronous data and LAN traffic, all aspects of the organization's goals must be factored into the WAN design. Specific attention must also be paid to line charges, network throughput, security, and the inclusion of application and emerging technologies.

When designing a WAN, numerous factors must be considered. The first issue to consider is the organization and its short-, medium- and long-term goals. Among the factors to think about are:


  1. Staffing
  2. Existing applications
  3. Planned applications (it's very important to factor these into the design process)
  4. Local access requirements
  5. Remote access requirements
  6. End-user equipment (workstations)
  7. Network equipment (routers, switches)
  8. Connectivity outside the organization (to suppliers, stakeholders, customers)
  9. Competitive considerations

Requirements will change, depending on whether you are creating a new network, modifying an existing network or integrating an existing network with other networks. Assuming there is an existing network, the next step is to inventory the network, identifying the circuits and all associated hardware (routers, firewalls) and software supporting the network, and summarizing all network-related expenses. Finally, access to network performance statistics (such as throughput, latency and dropped packets) is needed to establish a baseline for the new network configuration.

WAN discovery, analysis and simulation
Let's assume we have an existing WAN based on a combination of fixed private lines and Internet-based virtual private networks (VPNs). Clearly the WAN must be designed to accommodate traffic generated at each network node as well as from remote users, plus traffic across the inter-node channels. Once the incoming and outgoing traffic statistics are compiled, the network topology is defined, and relevant operational and business-related data are identified, the new network architecture's design can begin. Unless a major business change (such as a merger or acquisition) is involved, the existing network architecture usually can be retained. The WAN may need to be slightly modified in terms of node positioning, device configuration and inter-node bandwidth, as well as local access bandwidth. It may be necessary to replace fixed private lines with an MPLS (multi-protocol label switching) architecture for cost and performance reasons.

But how do we determine the new architecture? The first activity is discovery, which identifies all components on the network. Several discovery software products are available. They typically consist of mapping software that locates and documents all devices on the network and includes critical device connectivity and interdependencies.

The next activity is performance analysis, which summarizes how the network is operating in terms of throughput, bandwidth, latency, and other key factors. When capturing network performance data, a network analyzer is often the tool of choice.

The data captured must next be analyzed in the context of current and future requirements. The most efficient and cost-effective way to do this is with network simulation software. However, it's not uncommon for organizations to develop their own home-grown methods for network analysis.

Assuming you prefer the software route, numerous simulation products are available. Three examples are Shunra VE Desktop, Windows-based software that simulates WAN links so that applications can be tested under a variety of current and potential network conditions; WANDL IP/MPLSView, a multi-vendor, multi-protocol, and multi-layer traffic engineering solution for IP and/or MPLS networks; and Boson NetSim, a software application that simulates Cisco hardware and software and builds a virtual routing table to simulate a real network environment.

Managed services for WAN design
Additional options for designing WAN architectures are the carriers, networking consultants, and managed service providers. If your organization doesn't have the staffing or other resources needed to dynamically design and manage your WAN, consider third parties who can do all or most of it for you. Typical services include network design and provisioning, project management, help desk, network monitoring and maintenance, and management of all remote locations.

Once the newly redesigned WAN has been installed and tested, regular monitoring of network performance ensures that the WAN will continue to support the organization's needs. Assuming network managers are aware of planned applications and expanded (or reduced) requirements, the network design can continue to cost-effectively support those needs.


   WAN capacity planning: Building a methodology

When managing wide area network (WAN) capacity, it's not enough to buy additional leased lines and hope for the best. The key question when addressing network capacity planning is, "How much is enough?" Network managers must decide if it makes sense to configure the minimum amount of bandwidth or to over-engineer the network. They must regularly review network performance to know what capacity is needed, now and in the future. And they must always balance the need to meet user performance expectations against the available budget.

WANs are typically built with high-capacity node-to-node links such as DS3 (45 Mbps) channels, with lower-capacity links such as DS1 (1.544 Mbps) connecting from the major nodes to office locations. Internet-based networks, such as virtual private networks (VPNs), use low- to high-speed access (based on the requirements) from the originating user site to an Internet node, and the same or similar configuration at the terminating site.

Predicting application performance
Before deploying a new application on the network, networking professionals must first assess its possible impact on WAN resources. The following factors should be considered, as they can affect the delivery of data (e.g., frames, packets and segments):


  • Latency: Because it can take a long time for packets to be delivered across WANs, be sure to use protocols in which receivers acknowledge delivery of data, as the acknowledgments can be used to measure round-trip time


  • Packet loss: It is possible, even in the best networks, for intermediate devices to lose packets. This may be due to errors, to overloading of the intermediate network, or to intentional discarding of traffic to enforce a particular service level


  • Retransmission: When packets are lost in a reliable network, they are retransmitted. However, this incurs two delays: 1) the delay from resending the data; and 2) the delay resulting from waiting until the data is received in the correct order before forwarding it up the protocol stack


  • Throughput: This describes the amount of traffic a network can carry, usually in terms such as kilobits or megabits per second.

These factors, and others -- such as the impact of network signaling, compression and encryption -- affect WAN performance. Fortunately, capacity planning solutions are available to ensure that WAN traffic is effectively managed to benefit all users.
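How latency and packet loss cap the throughput of a single TCP flow, whatever the circuit speed, shown as an added example that is not part of the original article. It goes slightly beyond the text by using two standard approximations: one window of data per round trip, and the Mathis et al. loss bound; the 1,460-byte segment, 64 KB window and the scenarios are assumptions chosen for illustration.

```python
import math

DS1_BPS = 1_544_000    # DS1 rate quoted in the article
DS3_BPS = 45_000_000   # DS3 rate quoted in the article


def window_limit_bps(window_bytes, rtt_s):
    """Latency bound: at most one window of unacknowledged data per round trip."""
    return window_bytes * 8 / rtt_s


def loss_limit_bps(mss_bytes, rtt_s, loss_rate):
    """Loss bound (Mathis et al. approximation for standard TCP congestion avoidance)."""
    if loss_rate <= 0:
        return math.inf
    return (mss_bytes * 8 / rtt_s) * math.sqrt(1.5 / loss_rate)


def single_flow_ceiling(link_bps, rtt_s, loss_rate, mss_bytes=1460, window_bytes=65_535):
    """Return (ceiling in bps, name of the limiting factor) for one TCP flow."""
    # Assumed defaults: 1,460-byte segments and a 64 KB window without scaling.
    limits = {
        "link": link_bps,
        "latency": window_limit_bps(window_bytes, rtt_s),
        "packet loss": loss_limit_bps(mss_bytes, rtt_s, loss_rate),
    }
    factor = min(limits, key=limits.get)
    return limits[factor], factor


if __name__ == "__main__":
    # Constructed scenarios: (label, link rate, round-trip time in s, loss rate)
    for label, link, rtt, loss in [
        ("DS1, 80 ms, 0.1% loss", DS1_BPS, 0.080, 0.001),
        ("DS3, 80 ms, 0.1% loss", DS3_BPS, 0.080, 0.001),
        ("DS3, 80 ms, no loss", DS3_BPS, 0.080, 0.0),
    ]:
        bps, factor = single_flow_ceiling(link, rtt, loss)
        print(f"{label}: {bps / 1e6:.2f} Mbps, limited by {factor}")
```

In these constructed scenarios the DS1 is the bottleneck on its own link, while on the DS3 a single flow is held to roughly 5.7 Mbps by loss or 6.6 Mbps by latency, so buying the larger circuit does not by itself speed up that application.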

The many facets of capacity planning
Network managers perform many tasks that factor into capacity planning, such as performance measurement, forensic analysis, load-testing and/or load generation. They are constantly receiving and collecting data from these activities. They also collaborate with application developers and IT departments who in turn depend on them to deliver network services. Let's briefly examine some of these activities:


  • Performance measurement: Network managers measure WAN performance using different parameters, such as per-port metrics (traffic volume on port 80 between clients and servers and the elapsed time) or end-user metrics (speeds of key functions)


  • Forensic analysis: Network operators can use sniffers to break down transactions by protocol and locate problems, e.g., retransmissions or protocol negotiations


  • Load generation: Software, network appliances or managed service providers can generate scripted traffic; this helps determine when network capacity has been reached.

Additional capacity planning factors include:


  • WAN design or topology
  • Existing voice and data traffic on the network
  • Devices connected to the network, e.g., routers, switches, PBXs, domain controllers
  • Connectivity to the public switched telephone network (PSTN), if needed
  • Network redundancy and resilience
  • Network security requirements
  • Growth of data volumes over time
  • Number of concurrent users
  • User response times
  • Long-running versus intermittent applications

Capacity planning methodology
Let's assume that WAN capacity planning will be performed once the network has been installed and is running. This makes sense because network operation is ever-changing. Thus, capacity planning ought to be a fairly regular activity. The steps below outline a simple methodology for capacity planning success.


  1. Understand the network's activities, e.g., the work it's expected to support. This includes applications such as email, voice communications, and remote access
  2. Discuss short-, medium- and long-term service and usage requirements of network users
  3. Gather network performance data from endpoints, routers, switches and other devices
  4. Review network performance audit reports, if available
  5. Analyze bandwidth usage and whether the existing network infrastructure is sufficient for the demand
  6. Determine the number and type of devices the network will need to support at the present and in future time frames (six months, 12 months)
  7. Use capacity planning and network design tools to analyze network configurations
  8. Based on results of network tools, determine the aggregate amount of bandwidth required, and correlate this into the type of circuit(s) that will support the traffic
  9. Analyze the need for network redundancy and how this will translate into additional capacity
  10. Test and validate the new WAN configuration using traffic generators as mentioned earlier along with network design software.
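Steps 5, 6, 8 and 9 of the methodology carried through for one site, as an added example that is not part of the original article. The per-application demand figures, 20% annual growth, 10% VPN/encryption overhead, 70% utilization target and the eight-DS1 cutover to a DS3 are all assumptions made for illustration; only the DS1 and DS3 rates come from the article.

```python
import math

DS1_BPS = 1_544_000    # DS1 rate quoted in the article
DS3_BPS = 45_000_000   # DS3 rate quoted in the article

# Constructed sample demand for one site: (application, concurrent users, kbps per user)
SITE_DEMAND = [
    ("email", 120, 20),
    ("voice", 40, 90),
    ("file transfer", 15, 400),
    ("remote access", 30, 150),
]


def required_bps(demand, months=0, annual_growth=0.20,
                 tunnel_overhead=0.10, max_utilization=0.70):
    """Aggregate demand, grow it, add VPN/encryption overhead, leave headroom.

    All four keyword defaults are assumptions, not figures from the article.
    """
    base = sum(users * kbps * 1000 for _app, users, kbps in demand)
    grown = base * (1 + annual_growth) ** (months / 12)
    return grown * (1 + tunnel_overhead) / max_utilization


def pick_circuits(bps, redundant=True, max_bonded_ds1=8):
    """Map a bandwidth figure to (circuit type, count); N+1 when redundant."""
    ds1_count = math.ceil(bps / DS1_BPS)
    if ds1_count <= max_bonded_ds1:      # assumed cutover point to a DS3
        circuit, count = "DS1", ds1_count
    else:
        circuit, count = "DS3", math.ceil(bps / DS3_BPS)
    # N+1: one spare circuit so the loss of any single circuit is survivable.
    return circuit, (count + 1 if redundant else count)


def plan(demand, horizons=(0, 6, 12)):
    """Return [(months ahead, required bps, circuit, count)] for each horizon."""
    rows = []
    for months in horizons:
        bps = required_bps(demand, months)
        rows.append((months, round(bps), *pick_circuits(bps)))
    return rows


if __name__ == "__main__":
    for months, bps, circuit, count in plan(SITE_DEMAND):
        print(f"+{months:>2} months: {bps / 1e6:6.2f} Mbps -> {count} x {circuit}")
```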

While capacity planning can take volumes to describe adequately, in this article we have offered a simple yet effective approach to the subject.


   Determining WAN bandwidth requirements

How can you build a network without knowing the bandwidth needed? Business and financial issues, competition and existing network topology issues will affect your decisions. Should you look at your bandwidth requirements in terms of the whole network or parts of it? Perhaps you can segment and subdivide your network so that issues in any one part won't limit your ability to address unique requirements of other parts.

In order to develop a network that fulfills your requirements today and can accommodate future demands, it makes sense to develop a migration path on a network-by-network basis, then revisit and reassess each element in that path over time. With market, business, and technology dynamics changing quickly, you must keep a watchful eye on your network so that it can dynamically support opportunities as they occur.

Gathering business information
When addressing bandwidth management, business issues cannot be overlooked. This means that as a network manager you must identify several key factors:


  1. Current and potential users of network resources
  2. Primary activities, such as email, file transfers and the applications to support them
  3. Types of devices to be used, such as PCs, laptops and printers
  4. Expectations for network performance
  5. Other applications currently being used, such as voice and video
  6. Applications planned for future use
  7. Amount and frequency of data users plan to download or upload
  8. Security issues like data encryption.

Unlike servers and routers, which can be configured and reconfigured at any time, bandwidth as a network design element should be sized correctly (e.g., optimized) the first time, when the network is first launched. After that, regular reviews of network performance are necessary to ensure that sufficient bandwidth is available.

Questions to identify bandwidth requirements
We can convert the above criteria into specific interview questions to ask when identifying bandwidth requirements. Schedule appointments with your key technical users, such as applications programming, database management, information security and data center, and key business departments such as human resources, legal, and administration.

For each current and potential department using network resources, ask:

  • How many users do you currently have in this department?
  • How many of them require network connections?
  • How many additions/deletions to staff are you anticipating in the next three to six months?
  • Where are your staff members located (time zones)?
  • How many will require remote access?


For primary activities and the applications to support them, ask:

  • What are their primary functions?
  • What applications (financial, email) do they currently use?
  • How frequently do they use these applications?


For types of devices to be used, ask:

  • What devices do your employees currently use on their desktops?
  • How many have attached printers?
  • What other devices are used?
  • What devices will be used for remote access?
  • How many will be remotely accessing the network?


For expectations for network performance, ask:

  • What is your current assessment of response time (excellent, fair, poor)?
  • What level of response time would you like to see in the office?
  • What level of response time would you like to see for remote access?


For other applications currently being used, ask:

  • How much does your department depend on voice communications?
  • How many calls does your department generate in a typical day?
  • Aside from applications such as Microsoft Office and email, what other applications are being used (such as video conferencing)?


For applications planned for future use, ask:

  • What new applications are planned for your department?
  • How many people will be using them?
  • When are you planning to implement them?


For amount of data users plan to download or upload, ask:

  • Typically what kinds of files are being uploaded or downloaded?
  • How often does your staff download or upload data, e.g., files, Internet?


For security issues, ask:

  • How much of the information you utilize requires encryption?
  • What additional requirements for data security do you have, such as passwords?

Once you have gathered subjective information about your user community, begin gathering empirical network performance data. This information can be obtained using network analyzers. Continue with network design and configuration tools, test the network configuration, compare the carrier service offerings, and soon you'll have an efficient and cost-effective WAN.

So, how much bandwidth is enough for your organization? Think of the answer in terms of "as much as you can deliver." And before you roll out any complex network analyzers, simulation software or other tools, be sure you understand the current and long-term requirements of your customers. With all the options available today, you can build the WAN you and your organization need.

About the author: Paul F. Kirvan, FBCI, CBCP, CISSP, has more than 35 years' experience in telecommunications and information technology as a practitioner, consultant, author and educator. He also specializes in business continuity and disaster recovery.

This was last published in March 2009