Re: SD-WAN Packet Duplication

Mon, 15 Sep 2025 09:27:24 -0700 

On 2025-09-15 08:13, Mike Hammett via NANOG wrote:
One of the results of another thread mentioned that some SD-WAN technologies employ packet duplication across multiple WAN circuits as a part of their service. What are your experiences like with platforms like that? What would your recommendation be for a fairly low bit rate requirement of packet duplication? 


$DAYJOB-1 had three SDWAN flavors. (Note that these impressions are a 
few years old as of now.)



Barracuda: Packet duplication required both WAN links to have nearly the 
same latency. It worked, but deployment was limited to one or two 
customers, and we didn't support it.


Viptela: Packet duplication worked well.

 * The setup was a bit convoluted, but it was granular enough to packet 
duplicate types of traffic.
 * When I left, we had it working with a few customers. No issues that I 
remember.

 * IIRC we mostly used Viptela packet dupe for voice.

 * I don't remember what the SDWAN logs looked like, but I want to say 
that it was clear what the policy was doing.


Versa: Packet duplication worked well also.

 * Setup was easy and granular, similar to a firewall rule base. It's 
easy to enable packet dupe for specific flows.
 * Maybe 10 or so customers had it configured. Typical setup was (2) WAN 
circuits, but some packet dupe customers had (3) or more.
 * We had Versa packet dupe working for voice, medical imaging, and 
general Internet access.
 * The few packet dupe issues that customers raised were not issues with 
the Versa platform.
 * The result of an SDWAN policy decision is easy to see; the logs are 
structured similar to firewall logs.



Versa is my first choice for SDWAN-specific features, especially packet 
duplication and traffic routing. Its robust packet capture ability saved 
us more than a few times. (Viptela packet capture wasn't bad on the old 
hardware, but the C1k / C8k platforms aren't the same as the vEdges.)



Historically, Versa struggled with their NG firewall feature set back in 
2017-2018. I'm sure the bugs are worked out by now, but do test that 
thoroughly if you intend to use those features.



Viptela is a solid second choice, especially if you don't want to 
onboard another vendor. Packet dupe works as advertised.


Feel free to hit me up on- or off-list with further questions.

HTH,

-Brian
_______________________________________________

NANOG mailing list 
https://lists.nanog.org/archives/list/[email protected]/message/PJVL3Y7CPIQKVRLQXNE7QBVRBBE2PI75/





















					Reply via email to