Hybrid Multicloud Networking is Hard!

Editor’s Note: This blog was originally published in July 2022. It has been updated to include the latest information.

A hybrid multicloud architecture is crucial for any enterprise that wants to avoid vendor lock-in and get the best possible balance of infrastructure flexibility, innovation, cost-efficiency, resiliency and more. In addition, pairing multiple clouds with an on-premises environment can provide important security and data privacy benefits.

Considering these benefits, most enterprise IT leaders are no longer asking themselves if they should pursue hybrid multicloud. Now, the question is more likely how they should pursue it. An effective hybrid multicloud strategy requires network infrastructure that enables the uninterrupted flow of data to and from the cloud, and between different public cloud providers. To further complicate things, hybrid multicloud networking must incorporate many diverse components beyond the cloud services themselves, including branch offices, SD-WAN gateways and MPLS WAN networks.

With all these different elements in play, it’s no wonder some enterprises don’t know where to start with hybrid multicloud networking. In this blog post, we’ll drill down to look at exactly what makes hybrid multicloud networking so difficult for many organizations, and what they can do to help reduce that complexity.

Cloud-to-cloud routing presents latency challenges

The primary challenge for many enterprises is the simple fact that cloud regions are not available in all locations. This can have a serious impact on latency; to understand why, let’s consider the example of an enterprise based in my home city of Atlanta. Suppose that enterprise was looking to implement a simple multicloud use case: an application running on the Amazon Web Services (AWS) cloud that pulls user data from a Microsoft Azure database. Neither AWS nor Azure currently has a cloud region in the Atlanta area. This means all traffic would have to be routed hundreds of miles away to Northern Virginia.

If our hypothetical enterprise were running a traditional, centralized IT architecture, it wouldn’t be able to perform direct cloud-to-cloud routing between AWS and Azure. Instead, all workloads would have to pass back through the organization’s own private data center. This means that for the application to perform even the simplest task, traffic would have to pass from Atlanta to the Azure region in Northern Virginia, back to Atlanta, and then finally to the AWS region in Northern Virginia. Each roundtrip would take about 30 milliseconds to complete—more than enough latency to render many modern digital apps unusable.

When you choose Equinix to support your hybrid multicloud connectivity, you can move your cloud connectivity points closer to the providers of your choice. You can do this via colocation services in an Equinix IBX® data center, or by using virtual network functions (VNFs) from our Equinix Network Edge service. Either way, you’ll be able to keep cloud data closer to where it needs to be, and pass it between clouds as needed using Equinix Fabric® software-defined interconnection.

Also, Equinix Fabric now includes a built-in virtual routing solution: Equinix Fabric Cloud Router. With Fabric Cloud Router, it’s quick and easy to set up direct cloud-to-cloud routing, without the need to hair-pin traffic through a private data center or acquire physical networking hardware. The Fabric Cloud Router service also removes the need to send cloud-to-cloud traffic over the public internet, with all its inherent performance, privacy and egress cost implications. Thus, Fabric Cloud Router enables the reliable low latency required to keep multicloud applications running effectively.

Of course, you also have the option to use networking services offered by the cloud providers themselves. And doesn’t this seem like the simplest choice, since it allows you to acquire networking and cloud services from the same source? Not quite, as this approach gets more complex when you consider the need to integrate multiple cloud providers. Each cloud provider has its own unique approach to networking, so trying to support multiple clouds via a proprietary networking tool won’t be very intuitive.

In contrast, Equinix Fabric looks and works exactly the same no matter which cloud providers you choose to connect with. You can manage connections to the different providers from a single pane of glass using our self-service web portal. In addition, Equinix Fabric provides built-in support for automation via the Equinix Fabric APIs. This enables repeatable provisioning of cloud resources with minimal human intervention and helps avoid ClickOps—the time-consuming process of network administration via clicking through menu options in the cloud providers’ proprietary tools.

Connecting branch offices can lead to higher costs

Moving data between branch offices and cloud on-ramps is another networking use case that may sound simple enough, but becomes much more complex when you attempt to integrate it into your overall hybrid multicloud strategy. Connections between branch sites and clouds are typically created using site-to-site VPNs. All you need to create this connection is internet access in your branch offices. Your cloud provider can help set up the connection. However, data egress to users from the public clouds via internet VPNs incurs the highest tier of egress charges, which are typically metered by data amount.

Equinix can help address this problem as well. By deploying an Equinix Network Edge VNF device as your VPN concentrator—adjacent to the cloud of your choice—you can create private cloud connections for all your branch offices. Traffic will flow from the branch office to the VNF device over the internet, and then go back and forth from the VNF to the cloud over Equinix Fabric. Using private Equinix Fabric connectivity for data egress drastically reduces the metered egress cost, driving savings of up to 70%.

SD-WAN and MPLS can be difficult to integrate

Another significant challenge businesses face is integrating diverse elements into their hybrid multicloud network from remote edge locations where digital infrastructure services would typically be hard to find. SD-WAN is one example of a component that could be tricky to integrate into a global hybrid multicloud architecture from an “off-network” location.

Equinix Network Edge includes VNF devices that can be used as SD-WAN edge hubs, enabling private connectivity into the cloud from anywhere. Since these VNFs are available from many top vendors, you have your choice of SD-WAN technologies. In addition, you can program your SD-WAN devices to automatically use Equinix Fabric as their preferred path between locations, rather than the internet. This can provide significant performance, reliability and cost-efficiency benefits.

Furthermore, many organizations have determined that replacing MPLS outright may not be the best option for them. Instead, they’ll look for ways to integrate both SD-WAN and their existing MPLS technology, which of course has implications for their hybrid multicloud networking. Once again, Equinix digital infrastructure services can play a key role in enabling MPLS network integration.

Equinix Fabric is available in more than 60 metros across the world, giving you plenty of options to access software-defined interconnection directly from our facilities. However, we also provide the flexibility to use remote ports to tether into Equinix Fabric locations, from wherever you’re located. Once you’ve established this off-network Equinix Fabric connectivity, integrating MPLS into your core hybrid multicloud network becomes quick and simple.

Learn how Equinix Fabric supports a simpler approach to hybrid multicloud networking

There’s no denying that hybrid multicloud networking can be complex, time-consuming and costly, for all the reasons discussed above and more. However, the good news is that you don’t have to navigate the process alone. Our global colocation footprint, services like Equinix Fabric and Equinix Network Edge, and highly experienced Global Solutions Architects all come together to help make hybrid multicloud networking easier.

For a deeper look at why hybrid multicloud networking is so complex, get your copy of the Hybrid Multicloud Networking for Dummies e-book today. You’ll learn about the components of an effective hybrid multicloud network, how to optimize connectivity for better business outcomes, and how to future-proof your hybrid multicloud strategy.