We've got a remote site with under ten users/workstations and typical office needs (web surfing, network shares, printing, etc). Up until now their sole network connection has been a single PtP T1 to our head office. This T1 delivers all voice and data traffic (channelized 50/50 for data/DSX voice to our PBX). Needless to say, that isn't much data bandwidth for a workgroup.
Bandwidth needs for this site are about to increase, because they are installing a new monitoring network for a large amount of equipment, and a vendor will need some kind of constant remote access, possibly RDP.
I'm reviewing two options for upgrading their connection:
- Bonded T1. We get ridiculously cheap PtP T1's: We pay $85/mo per T1. So if I order a second T1 for this site and bond them, we will have ~3Mbps throughput for roughly $170/mo. I would still have to steal roughly 25% of the aggregate bandwidth for voice traffic, so this still would not be a huge pool of bandwidth for data use.
Advantages: Cost, upstream bandwidth, potential reliability.
Disadvantages: Potential complexity of setup (I would have to replace the simple Adtran DSU we use with a more powerful router + WICs), relatively low bandwidth vs cable, initial hardware cost. - Cable Site-to-Site VPN. I can get a Time Warner Business Class cable connection at this site for $130/mo for 15Mbps down, 1Mbps upstream. The catch is that I will need to maintain the existing T1 at this site for voice service, since I can't currently send our TDM PBX traffic over an IP network, especially a remote VPN. Additionally, I would likely use a SonicWall subscription service for remote web filtering/security so the web traffic can be safely split-tunneled off the VPN. So $130 (cable) + $85 (T1) + ? (SonicWall sub) = roughly $250/mo, versus $170/mo for the bonded T1s.
Advantages: Downstream bandwidth (by a large margin), simplicity of remote VPN configuration and maintenance, initial hardware cost
Disadvantages: Cost per month, limited upstream bandwidth (1Mbps), potential reliability of cable vs PtP T1
The third option would be to order two additional T1s (3 total) for ~4.5 Mbps aggregate bandwidth at roughly the same cost of the Cable scenario.
Are there any significant factors I'm overlooking? I should note that I currently have a remote VPN over Cable (identical setup as I'm considering for this site) at a different remote site and it's working beautifully. I also have remote PtP T1's at numerous other sites with good success, but no bonded T1s like I'm looking at here. I've never done MLPPP bonding before so I'm a little nervous about it, compared to a simple Site to Site VPN.
As far as reliability, it seems to be a wash. T1s are supposedly rock solid, but the copper facilities in our area are ancient and we have frequent outages after heavy rains, and the repair downtime can be hours or even days. I haven't observed any significant cable outages since we've been using them, but a non-PtP connection does carry extra risk.
Finally, the split-tunnel aspect of the VPN would be useful, minimizing the bandwidth toll of web surfing traffic to/from our head-end. It would also allow for more creative routing of the remote management needs from vendors while keeping them off the local LAN.
Thoughts & advice?