06-19-2019 11:43 PM
control-policy policy-name (in| out)
Would like to understand the difference between IN & OUT for the control policy command in SD-WAN.
I read Cisco documentation. But not able to understand clearly.
06-20-2019 12:27 AM
Hello,
you need to interpret in and out from the perspective of the vSmart.
In means when updates are sent to the vSmart, i.e. the updates received on vSmart.
Out means when vSmart sends updates to WAN edges.
So if you have a control policy in you prevent vSmart from learning certain info like TLOCs.
If you specify control policy out, the vSmart will filter updates preventing them being sent out.
Regards,
Danny.
06-20-2019 06:41 PM
Thanks Got it.
I am planning to configure route leak between different VPNs & control the routes between them.
So wanted to understand how to apply it.
From your explanation, I understand that it is always recommended to apply as OUT by which vSmart will filter updates preventing them being sent out to vEdge.
vSmart will control which route each vEdge should receive, if we specify the control policy as OUT.
06-29-2019 02:10 PM
There isn't really any "recommended" direction of applying the policy to. It just depends on what you want to achieve. Yes, in most cases it's in the out direction but there are cases when you want to control what gets to the vsmarts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide