
SD-WAN policy

Hi sdwan-lovers,

Suppose the local site has 2 internet channels (ISP A and B), but the remote has only one (ISP C). Normally, 2 IPSec tunnels are established between the sites: A-C and B-C.

If ISP A has 100 Mbps but B has 10 Mbps, we normally need to enforce local routes to go over ISP A to reach the remote site. In a traditional network, it is very easy, just by manipulating the routing protocol that runs over the tunnels (GRE/DMVPN etc.).

In SD-WAN it seems there is no way to do it with routing; we need to use local-tloc set, but it becomes more complicated and complex when the number of sites is large and different numbers of transport internet channels are used on the sites (one has 1, another has 2, the 3rd has three ISP channels).

 

How do you manage policy when the number of sites is larger and the number of channels per site is different? Especially when you use both preferred/backup paths for some traffic and ECMP with AAR for specific traffic (voice/video)?

 

It would be better to hear from those who did this type of job in production.

 

Thanks.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

2 Replies

Watch these videos and you are going to see that in SD-WAN it is actually easier to do, even though it is more complicated to understand. Pay attention to video 2, minute 2:24, when it creates the TLOC and adds both links (colors) into the TLOC.

 

https://www.youtube.com/watch?v=FJva8X8-nzw 

youtube.com/watch?v=nHS6AiFua6I&t=24s 

Hi Flavio,

 

Unfortunately, these videos are totally unrelated to my case.

 

In the videos there are 2 tunnels: inet and mpls, and each has a separate IPsec tunnel.

In my case, one site has 2 internet and another has 1 internet. Since the remote site has 1 internet (i.e. one TLOC), control policy does not help -> the tunnel destination is the same.

 

Regards,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.
