Dual homed multi site branch on SD-WAN

Juan Manuel Acuña · ‎01-23-2019

Hi guys,

Im currently trying to connect three branches over two mpls with a lot of wan links.

I have two branches that has two v1000 with 3 transport links on each (mpls1, mpls2, internet)

the third branch consist only in two v1000 with 2 links each (mpls1, mpls2), mpls providers cant see each other.

Client wants to share the links from one vedge to the other on each branch, via tloc-extension, so the vedges can use the 6 links or 4 in the brach without internet.

Im very confused on how i should set the colors with this setup, because im trying to setup like this and is not working:

Branch1 vedge1000-1:

ge0/1 private1 restrict

ge0/2 private2 restrict

ge0/3 biz-internet

ge0/4.100 tloc-extension ge0/1

ge0/4.101 tloc-extension ge0/2

ge0/4.102 tloc-extension ge0/3

ge0/4.200 private3 ??? (i cannot duplicate private1, because is already used on another link)

ge0/4.201 private4 ??? (i cannot duplicate private2, because is already used on another link)

ge0/4.202 ??? (i cannot duplicate biz-internet, because is already used on another link)

Branch1 vedge1000-2:

ge0/1 private1 restrict

ge0/2 private2 restrict

ge0/3 biz-internet

ge0/4.100 private3 ??? (i cannot duplicate private1, because is already used on another link)

ge0/4.101 private4??? (i cannot duplicate private2, because is already used on another link)

ge0/4.102 ??? (i cannot duplicate biz-internet, because is already used on another link)

ge0/4.200 tloc-extension ge0/1

ge0/4.201 tloc-extension ge0/2

ge0/4.202 tloc-extension ge0/3

Any help would be much appreciated !!

ekhabaro · ‎01-23-2019

>> have two branches that has two v1000 with 3 transport links on each (mpls1, mpls2, internet)
>> the third branch consist only in two v1000 with 2 links each (mpls1, mpls2), mpls providers cant see each other.
Do you mean that each vEdge has connectivity to same ISPs?

Juan Manuel Acuña · ‎01-23-2019

Hello,

Yes, mpls1 is providerA for the three branches (6 links total), mpls2 is ProviderB for the three branches (6 links total)

ekhabaro · ‎01-23-2019

Why do you need TLOC-extension then to the same ISP? This make setup overcomplicated. The only link you need to extend then is Internet uplink if you're using 2 different ISPs on the same site.

Juan Manuel Acuña · ‎01-23-2019

Yes, i know its complicated but the customer wants to share the two links, every link is 100Mbit so they can loadsharing and dont waste any link with no use

ekhabaro · ‎01-23-2019

You’ll get more issues than benefits from this solution. Better advise then to renegotiate contact, they don’t need 2x100Mbps links from same ISP when only one device is primary (you are going to use VRRP on service side I assume).

Juan Manuel Acuña · ‎01-23-2019

Yes, service side is using VRRP so only the first vedge will be the gateway, and thats why the wanted to share the other link (backup link), to ensure they can reach 200Mbps with that ISP, buts seems very difficult to achieve.

Same thing applies to internet, because if i share the connection i cant reuse the color

ekhabaro · ‎01-23-2019

Yes, I see source of confusion.
On ve1 you can use only odd numbers (e.g. custom1 - for internet, private1, private3, private5 - for MPLS uplinks) and for vEdge2 - even numbers (e.g. custom2, private2, private4, private6), then extend them via TLOC-extension.

Juan Manuel Acuña · ‎01-23-2019

There will be a huge mess with all those bfd sessions, ill try it, thanks for help !

ekhabaro · ‎01-23-2019

Yes, that's why I advise to avoid overpaying for 2x circuit from same MPLS SP. Since you'll have ECMP, you can use less bandwidth for communication, then TLOC-extension will be required only for 2 different internet ISPs