Are you working on Cisco Viptela SD-WAN migration and wondering how to go about it? Are you puzzled about how the non-SDWAN sites communicate with SDWAN migrated sites during the migration? Maybe this blog might throw some light on this matter.
I have just jotted my understanding of how SDWAN migrated sites can communicate with non-SDWAN sites via the Data Center, taking examples from both MPLS and Internet sites. I have made two diagrams, one shows the control plane, on how the routes can be exchanged between various sites and the other one shows the data plane on how the traffic between various sites flow.
I also have a third diagram that shows how the vEdge, Data Center core router, DMVPN router, and the Internet Firewall can be connected.
All the diagrams are self-explanatory for network engineers. The arrows in the Control Place diagram indicate the direction of route advertisements and the arrows in the Data Plane diagram indicate the direction of the data flow. To keep it simple, I have used much simpler notation for subnets, such as 10.X for Data Center etc.
The green tunnels in the control plane diagram are the DTLS/TLS Control connections to vSmart.
The red tunnels in the data place diagram are the IPSec tunnels between SDWAN sites.
The purple tunnel is the static (or DMVPN) IPSec tunnel to an Internet-only non-SDWAN site.
The blue lines depict the data traffic flow between various sites.
Please excuse my hand made diagram. It is a lot easier to make this with the hand rather than using software.
I am posting this to know your opinion/comments on this. If you have any questions or need any information, please feel free to ask in the comments section.
The Control Plane:
The Data Plane:
The Firewall Connections:
I have just jotted my understanding of how SDWAN migrated sites can communicate with non-SDWAN sites via the Data Center, taking examples from both MPLS and Internet sites. I have made two diagrams, one shows the control plane, on how the routes can be exchanged between various sites and the other one shows the data plane on how the traffic between various sites flow.
I also have a third diagram that shows how the vEdge, Data Center core router, DMVPN router, and the Internet Firewall can be connected.
All the diagrams are self-explanatory for network engineers. The arrows in the Control Place diagram indicate the direction of route advertisements and the arrows in the Data Plane diagram indicate the direction of the data flow. To keep it simple, I have used much simpler notation for subnets, such as 10.X for Data Center etc.
The green tunnels in the control plane diagram are the DTLS/TLS Control connections to vSmart.
The red tunnels in the data place diagram are the IPSec tunnels between SDWAN sites.
The purple tunnel is the static (or DMVPN) IPSec tunnel to an Internet-only non-SDWAN site.
The blue lines depict the data traffic flow between various sites.
Please excuse my hand made diagram. It is a lot easier to make this with the hand rather than using software.
I am posting this to know your opinion/comments on this. If you have any questions or need any information, please feel free to ask in the comments section.
The Control Plane:
The Data Plane:
The Firewall Connections:
Thank you.
Hello Mohan! the way you have explained about routing SD-WAN and Non SD-WAN sites with self explanatory diagrams are so much informational. If you are looking for network services especially SD-WAN in India ,"Skylark" would be the one stop solution for Data Center Networking,Wi-Fi Solutions,SD-WANs and Campus & Branch Networking. To know more,please visit
ReplyDeletehttps://blog.skylarkinfo.com/how-banking-and-financial-sector-uses-sdwan/