A multi Wide Area Network (WAN) Site-to-Site VPN router is a router that supports aggregating the bandwidth of multiple interconnections, e.g., WAN connections for accessing one or more remote private networks. In some implementations, each TCP/IP session is routed to only one WAN. In this configuration, a single TCP file transfer session can only utilize the bandwidth of one WAN connection on each end. For example, in a session-based site-to-site virtual private network (VPN) connection, VPN traffic is routed to multiple WAN connections between two sites (e.g., sites A and B). In one implementation, M×N tunnels are initially formed between the WAN connections, where M and N are the number of WAN network connections of site A and site B, respectively. Application TCP/IP sessions are then routed over the different tunnels. It is notable, however, that while a session-based site-to-site VPN is able to utilize different tunnels for different sessions, a single download session in this type of connection is only able to utilize one tunnel.
In order to increase throughput of single data transfer sessions, routing schemes have been created in an attempt to utilize multiple WAN connections for a single TCP/IP session. In some cases, channel bonding is implemented. For example, in bonded site-to-site VPN connections on multi-WAN routers, data from a single TCP/IP session is distributed to multiple tunnels. In these arrangements, the M×N tunnels are utilized according to their respective uplink or downlink bandwidth, and the amount of data in a single session that is sent over these tunnels is distributed in proportion to the individual bandwidth ratios of the tunnels. These solutions, however, still fail to realize the optimum bandwidth potential of the multiple tunnels.
For example, suppose the M×N tunnels utilize multiple connections, each of which has a different throughput bandwidth capability. Current bandwidth distribution schemas base the tunnel bandwidth on either a manually entered value or a static determination regarding the capability of the tunnel made before the transfer. This is partly due to the fact that prior art solutions generally have been applied to devices which have multiple channels that each have fixed bandwidth connections, i.e., each channel is a T1 connection, or each channel is a DSL connection, as opposed to devices which have variable bandwidth connections, i.e., different channels may utilize different types of connections. Additionally, many of these prior art solutions assume the existence of dedicated point-to-point connections between two sites. For example, site A and site B are connected by two T1 lines over two tunnels as opposed to 2×2 tunnels.
Under the current bandwidth distribution schemas, some tunnels may experience increased packet drops during a transmission session and therefore may not perform according to the determined bandwidth distribution. In this circumstance, the determined bandwidth distribution no longer necessarily reflects the optimum bandwidth of the tunnel, because the optimum bandwidth has changed. When this occurs, if data continues to be sent at a rate that is higher than an optimum rate for the tunnel, the result will be increased congestion and an increase in dropped packets. This phenomenon not only reduces the overall throughput of the bonded connections; it may also result in an overall throughput that is slower than the throughput that would have been realized had only one tunnel been used, at least because the dropped packets must be identified and re-transmitted through the network.
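The static proportional split described above, and what happens to it when one tunnel's usable bandwidth falls mid-session, as an added example that is not part of the original text. The WAN names, the rates and the drop model (traffic above a tunnel's actual capacity is dropped, retransmission not modelled) are constructed assumptions.

```python
from itertools import product

def build_tunnels(site_a_wans, site_b_wans, nominal_mbps):
    """Form the M x N tunnels: one per (site A WAN, site B WAN) pair.
    nominal_mbps holds the statically configured bandwidth per tunnel."""
    return {pair: nominal_mbps[pair] for pair in product(site_a_wans, site_b_wans)}

def static_split(session_mbps, tunnels):
    """Distribute one session's data in proportion to each tunnel's
    static bandwidth ratio, as in the bonded scheme described above."""
    total = sum(tunnels.values())
    return {t: session_mbps * bw / total for t, bw in tunnels.items()}

def outcome(offered, actual_mbps):
    """Assumed drop model: traffic offered above a tunnel's actual
    capacity is dropped. Retransmission cost is not modelled, so real
    goodput would be lower still."""
    delivered = {t: min(rate, actual_mbps[t]) for t, rate in offered.items()}
    dropped = {t: offered[t] - delivered[t] for t in offered}
    return delivered, dropped

def simulate():
    # Constructed sample: sites A and B with two WANs each (2 x 2 tunnels).
    nominal = {("a1", "b1"): 10, ("a1", "b2"): 10,
               ("a2", "b1"): 5, ("a2", "b2"): 5}
    tunnels = build_tunnels(["a1", "a2"], ["b1", "b2"], nominal)
    offered = static_split(30, tunnels)
    # Mid-session, tunnel (a1, b1) degrades to 4 Mbps; the static
    # weights are not updated, so it keeps receiving its original share.
    actual = dict(nominal)
    actual[("a1", "b1")] = 4
    delivered, dropped = outcome(offered, actual)
    return offered, delivered, dropped

if __name__ == "__main__":
    offered, delivered, dropped = simulate()
    for t in offered:
        print(t, f"offered={offered[t]:.1f} delivered={delivered[t]:.1f} "
                 f"dropped={dropped[t]:.1f} Mbps")
    print("total delivered:", sum(delivered.values()), "Mbps")
```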