In this article, we discuss one of the most interesting and in-demand technologies, SD-WAN. The following topics are covered:
- Introduction of SDN
- Traditional Network vs SDN
- Introduction of SD-WAN
- SD-WAN Components
Introduction of SDN
SDN stands for Software Defined Network. It is a software-based technology that provides centralized control of the network. It makes a network more flexible and easier to manage.
Types of SDN:
- Software Defined-Access (SDA) – This software-based solution is used for campus networks or LAN networks.
- Application Centric Infrastructure (ACI) – This solution is used in data centres.
- Software Defined-WAN (SD-WAN) – This solution brings the benefits of SDN to the Wide Area Network (WAN).
Traditional Network vs SDN
The diagram below shows how we used to connect our network with the traditional deployment method. LAN users are connected to Access layer switches. The Access layer switches are connected to Distribution layer switches. The Distribution layer switches are connected to Core layer routers in HA, and the core routers are connected to the firewall.
The following challenges were observed in the traditional network:
- Distributed Control: In the traditional network, we had to configure each LAN device individually. Control was not centralized.
- Manual Configuration: Even the same configuration had to be applied to each device manually. It was a time-consuming task, and there was a chance of human error.
- Slow Extensibility: If we needed to set up a branch network in a new location, it was a time-consuming process. We had to add devices in the Access layer, Aggregation layer & Core layer, and manual configuration was required on each device.
- Software Upgrade Difficulty: Upgrading IOS was difficult, as we had to upgrade the software on each device manually.
With the SDN solution, we get a centralized controller to manage the devices, as shown below.
The following are the advantages of the SDN solution:
- Centralized Control: We can manage the whole network from a centralized location.
- Automation: We can push configuration from a centralized manager to the devices using configuration templates. This automates device configuration and minimizes human error.
- Fast Extensibility: The SDN solution makes extending the network much easier. It provides the Zero Touch Provisioning (ZTP) feature, which requires only minimal configuration on a device deployed in a new branch.
- Low Cost: In the traditional network, we needed more engineers to configure & troubleshoot the devices. With the SDN solution, we need only a limited number of Network Administrators, as all the devices are managed from a centralized manager. This helps to reduce cost.
- Easy Upgrades: We can upgrade all the devices from the centralized manager automatically.
- Easier Troubleshooting & Visibility: We can monitor the entire network from a centralized manager, which makes troubleshooting the network easier.
Introduction of SD-WAN
Before starting with SD-WAN, let us recall how the traditional WAN edge device works. A traditional WAN edge device is divided into two parts:
- Control plane
- Data plane
As shown below, the control plane & data plane are in the same chassis and are interconnected through the switch fabric.
As we know, two types of packets can arrive on the data ports:
- Routing Packet: A packet that carries route information.
- Routed Packet: A packet that carries normal data.
When a Routing Packet is received on a data port, it is forwarded to the control plane. The control plane (CPU) maintains a Routing Information Base (RIB) table and updates it with the received routing information. Once the RIB is updated, the RIB information is handed over to the Data plane via the switch fabric, and the Data plane updates its FIB table.
When a Routed Packet is received on a data port, it is handed only to the Data plane, which looks up the FIB table to find the exit interface and forwards the packet.
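The RIB-to-FIB hand-over described above can be modelled in a few lines. This is an added example, not code from the original article: the class names, the sample prefixes and interface names are constructed, and choosing the best route by lowest administrative distance and forwarding by longest-prefix match are simplifying assumptions about how the tables are used.

```python
import ipaddress

class ControlPlane:
    """CPU side: learns routes from Routing Packets and keeps them in the RIB."""
    def __init__(self):
        self.rib = {}  # network -> list of (admin_distance, exit_interface)

    def receive_routing_packet(self, prefix, exit_interface, admin_distance):
        net = ipaddress.ip_network(prefix)
        self.rib.setdefault(net, []).append((admin_distance, exit_interface))

    def best_routes(self):
        # Assumption: the lowest administrative distance wins per prefix.
        return {net: min(cands)[1] for net, cands in self.rib.items()}


class DataPlane:
    """Forwarding side: holds only the FIB handed over by the control plane."""
    def __init__(self):
        self.fib = {}

    def program(self, best_routes):
        self.fib = dict(best_routes)  # the hand-over via the switch fabric

    def forward_routed_packet(self, dst):
        addr = ipaddress.ip_address(dst)
        matches = [net for net in self.fib if addr in net]
        if not matches:
            return None  # no FIB entry: the packet is dropped
        longest = max(matches, key=lambda net: net.prefixlen)
        return self.fib[longest]


def demo():
    cp, dp = ControlPlane(), DataPlane()
    # Constructed sample routes; interface names are made up.
    cp.receive_routing_packet("10.0.0.0/8", "ge0/0", 110)
    cp.receive_routing_packet("10.1.0.0/16", "ge0/1", 110)
    cp.receive_routing_packet("10.1.0.0/16", "ge0/2", 20)
    dp.program(cp.best_routes())
    return [dp.forward_routed_packet(d)
            for d in ("10.1.2.3", "10.9.9.9", "192.0.2.1")]


if __name__ == "__main__":
    print(demo())
```

The data plane object never sees the competing route via `ge0/1`; it only receives the winning entry, which is why a forwarding decision depends entirely on what the control plane chose to install.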
What is different with SD-WAN?
In the SD-WAN solution, the Data plane & Control plane are separated. The Data plane is now located on the SD-WAN edge devices (i.e., vEdge, cEdge, iEdge), and the Control plane is located on a controller (i.e., vSmart) at a different location. The Control plane & Data plane are connected via a Transport Circuit (i.e., MPLS (Multiprotocol Label Switching), Internet, LTE, etc.).
Note: SD-WAN edge devices have no Control plane or RIB table.
The routing information is distributed from the controller (vSmart) to all SD-WAN edge devices (vEdge, cEdge) deployed at different locations so that they can communicate with each other.
The following are the components of SD-WAN:
- vManage
- vSmart
- vBond
- WAN Edge Devices (vEdge/cEdge)
Note: ‘v’ stands for Viptela and ‘c’ stands for Cisco.
We will discuss each component of SD-WAN one by one.
vManage: It provides the management plane. It is a virtual appliance. All the SD-WAN edge devices are managed through this centralized manager. It provides GUI (Graphical User Interface) & CLI access to the SD-WAN edge devices. We can manage approx. 2000 edge devices from a single vManage appliance. We can also create a vManage cluster, and 6 vManage appliances can be added to a single cluster.
- Central Provisioning can be done
- Centralized Policies can be pushed
- Centralized Templates can be pushed
- Centralized Troubleshooting and Monitoring
- Centralized software upgrades can be done.
vSmart: It provides the control plane. It is a virtual appliance. It distributes control plane information (routes) to the SD-WAN edge devices using OMP (Overlay Management Protocol). It also acts as a route reflector and reflects routes to other branches.
Note: All the policies for data traffic are defined centrally on vManage and distributed to the WAN Edges by vSmart.
vBond: It provides the orchestration plane/security plane. It is also a virtual appliance. It authenticates the SD-WAN edge devices using a certificate and a white-list. It creates a DTLS tunnel to the vEdge/cEdge devices and shares the vManage & vSmart information with them. The session is temporary: once the vManage & vSmart information has been shared with the vEdges/cEdges, the tunnel is torn down.
Note: vBond must be publicly/privately reachable from vEdge/cEdge devices.
vEdge/cEdge: It provides the data plane. It communicates with the vSmart controller using the OMP protocol to set up the data flow. It can be a physical device or a virtual appliance.
This article explains what SD-WAN is. We hope that, after going through it, you understand the basic concept behind the introduction of SD-WAN and which components SD-WAN has. In continuation of this blog, we will discuss how SD-WAN works in the next blog.
Consultant – Enterprise Networking