Showing results for 
Search instead for 
Did you mean: 

Choose one of the topics below for SD-WAN Resources to help you on your journey with SD-WAN

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

S. B

How to have Symmetric Traffic/SDN-WAN(Internet Edge Layer Router)


Is there any good solution with SD-WAN on Internet Edge Routers for controlling the outgoing traffic to the service providers from the customer side? (except using PBR solution)

And how does it exactly work ?


We want each buildings send/receive traffic to go through a specific ISP, while all providers can act as backup for others.


For controlling the incoming traffic, its easy.

Just advertising the specific/24 of the building + the complete /22 address, to each provider.


How about the outgoing traffic?

As we want it symmetric, so each building will send their own traffic from their specific service provider, that we have set the receive traffic to come from that direction(with BGP subnet advertisements).





Kanan Huseynli



just several question to understand scenario. As I get, you have 3 building with each 2 router and you have 2 separate internet routes with peering 3 ISP, right? Are all routers SD-WAN routers or only 2 ISP facing ones? If ISP facing ones are SDWAN,then what VPN do you use for buildings facing interfaces? VPN0 or separate service VPN or multiple service VPNs( per building). As I understand, building routers do NAT, then how do you advertise NAT subnets to your internet routers?




Maybe i can make this look simple.

We have 2 Edge Routers and 3 ISP connections, which are connected to both of these routers, as the image above.

Now we want to have symmetric traffic. 

Our Provider Independent IP Address is X.X.X.X/22, which we have split it to 4 X /24 addresses.


For controlling the incoming traffic, its easy.

Just advertising a specific/24  + the complete /22 address, to each provider. So we are managing, how to receive the Incoming traffic of each /24 subnet.


How about the outgoing traffic?

As we want it symmetric, so we want to send each /24 traffic from the ISP that we have managed to receive the traffic from it. 


This can be done via PBR. which makes it complicated in failure scenarios.

Can this be done via the 2 Edge routers being SD-WAN routers?


Hi Kanan, 

About your questions

1 - no SDWAN routers.

2- building routers do nat. by dynamic routing, its advertised to the edge routes

Kanan Huseynli

It would be better if you answer my question,but anyway...


if your ISPs send you default route,then you may do this method:


add 3 building networks in different VRF with respect to border routers, then do import default route (from ISPs) from global routing table into VRF table but with different attributes (local preference, for example).


Software-defined networking wide area network (SDN-WAN) is a term used to describe how network operators can leverage SDN to deliver services more efficiently across multiple technologies like MPLS, LTE, or broadband. The more commonly used term is software-defined wide area networking (SD-WAN).