At Kadiska, we often hear from companies: “What’s the point for us to know about the origin of Internet degradations? In all cases, we cannot do anything about it!”. Internet connectivity support the access to SaaS applications and cloud services. Hence, it is critical to manage this as network quality drives SaaS performance.

The goal of this article is to explain how organizations typically connect to the Internet and SaaS platforms through transit providers and the concrete actions they can take to solve network performance problems.

Let’s first look at how companies’ internet connections typically work.

How does your internet connection work?

IP transit

The simplest way to connect your organization to the Internet is by directly connecting to a local Internet Service Provider (ISP).

Company Internet connection through local ISP

In this case, you get one or multiple public IP addresses from your ISP, according to your requirements.

Transit providers

Some companies have their own AS (Autonomous System).

Company Internet connection through transit providers

In such a case, they use public IP addresses from their own AS range and typically peer to multiple transit providers.

How does BGP influence the network providers used in the path?

BGP is the core protocol used by the Internet to route packets from a source to a destination through multiple network providers.

As an organization, you have the ability to influence the way your data will transit on the Internet. Nevertheless, your range of action depends on two factors :

  1. The direction of the data (incoming/ingress traffic vs outgoing/egress traffic)
  2. Whether you own your AS or not

Outgoing traffic

When you connect to a local ISP, you do not have much under control. You know that your data will be handled by this ISP, that will route your data, either to the destination or to the next network provider depending on its peering configuration.

When you own an AS, you have a much greater level of control as you can decide to which transit provider you route your data. Nevertheless, you do not have any control on the peering configuration your transit providers have. So you have no control over the network path once your data leaves your direct peers (the transit providers you connect your own AS to).

Incoming traffic

The level of control you may have on incoming traffic is quite limited. Its path is driven by the transition from one network provider (AS) to another, up to either your local ISP or your direct peers in case you have your own AS.

SaaS & BGP

Connecting to SaaS platforms follows the same principles explained above.

For example, if you have your own AS as an organization, you will typically connect to one or multiple transit providers, that in turn will connect to the Cloud Service Provider (CSP) delivering the SaaS platform you connect to. 

This can be done directly from your transit provider to the CSP or your transit provider may peer with upstream providers.

SaaS connection from your own AS through multiple network providers

In this context, the egress traffic path is directly driven by your AS configuration. Your peering configuration determines to which transit provider the traffic will be routed, which in turn, transfers the data to the next provider(s), up to the SaaS destination.

At the other hand, ingress traffic path is mainly driven by the CSP peering configuration on which you obviously do not have any control. Nevertheless, you can still act at your end of the communication by controlling your peering with local transit providers.

Network path and SaaS performance

When you connect to SaaS platforms instead of accessing local resources, the performance is greatly driven by the network performance.

This performance is mainly expressed in terms of latency and packet loss, which in turn are of course driven by the network path.

What can you do to optimize performance?

As seen previously, network performance drives SaaS performance.

And network performance on the Internet depends on the network paths, which are configured through BGP peering between network providers.

As an organization, what can you concretely do when you experience SaaS performance degradation due to network issues?

Well, the following table gives some perspective:

Connection to a local ISP You have your own AS
Egress traffic
  • Open a support ticket to your local ISP
  • Open a support ticket to the CSP that delivers the SaaS platform or the SaaS provider
  • Modify BGP policy or route
  • Change transit provider or establish a new peering
Ingress traffic
  • Change ISP
  • Kill the ongoing BGP session
  • Stop announcing your AS prefix to the worst transit provider(s)
  • Change transit provider or establish a new peering

Where to start?

When looking at SaaS platform performance management, you have to know about key SaaS applications driving your business. It looks quite obvious but shadow IT may play a role in your organization you are not aware of.

Once this first exercise is done, it’s time to focus on performances. As explained above, performances are driven by network traffic paths in both directions. In case of degradation, you can take some actions, whose scope depends on your specific situation (having your own AS or not).

But you’ll not be able to act accordingly without first monitoring these network paths and related performance metrics!