
SD-WAN TLOC Preference

apfeil
Level 1

Question on TLOC preference. Quick diagram attached.

If private1 is set to a higher TLOC preference, can it cause issues routing to sites that only have public-internet?

For example:

R1 should always route traffic across private1 to R3 and vice-versa.

R1 should route traffic directly to R2 and R4 over public-internet because R2 and R4 only have public internet.

I was going to modify a central policy that would prefer private networks over public by setting a higher TLOC preference on the private colors. I just want to make sure this would not cause any routing issues with routing between sites.

For example:

R1 should not route traffic to R3 to get to R4.

Thanks in advance,

Alex

 

7 Replies

Sorry, can you elaborate more if this issue is still not solved?

MHM

apfeil_0-1726231937713.png

This is what I am trying to accomplish. I am just wanting to apply preference on all internet circuits and MPLS circuits. However, some sites only have internet circuits. I do not want to break traffic to a site that does not have MPLS.

satveluc
Cisco Employee

Hi,

From your scenario, I understand R1 and R3 have both Private1 and Public-internet, whereas R2 and R4 have only Public Internet. In this case, when R1 wants to communicate with R4, R1's routing table has R4 site routes with a next hop of the R4 Public Internet TLOC only (because there is no private1 color in R4). So R1 will send the traffic through the R1pubInt:R4PubInt IPsec tunnel directly. R1 will send R4's traffic to R3 only when it does not find the R4 site-specific routes in its routing table and a default route is pointed to R3.

Thanks,
Sathish
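A simplified model of the selection described in the reply above, as an added example that is not part of the original thread and not Cisco's code. It assumes tunnels form only between TLOCs of the same color, and the preference values 200 and 100 and the `best_tlocs` helper are constructed for illustration.

```python
# Simplified model (assumption): a route to a site carries one next hop per
# TLOC of that site; the receiver keeps the TLOCs it has an up tunnel to and,
# among those, installs the ones with the highest preference.
# Assumption: tunnels form only between TLOCs of the same color.

# Constructed topology from the thread: site -> set of colors (TLOCs) it owns.
SITES = {
    "R1": {"private1", "public-internet"},
    "R2": {"public-internet"},
    "R3": {"private1", "public-internet"},
    "R4": {"public-internet"},
}

# Preference the central policy would set per color (values are constructed).
PREFERENCE = {"private1": 200, "public-internet": 100}


def best_tlocs(src, dst, sites=SITES, pref=PREFERENCE, down=frozenset()):
    """Return the remote colors src installs as next hops toward dst.

    `down` holds failed tunnels as (site_a, site_b, color), in either order.
    """
    def tunnel_up(color):
        failed = (src, dst, color) in down or (dst, src, color) in down
        return color in sites[src] and not failed

    # Only TLOCs that dst actually advertises are candidates, so a color the
    # destination lacks can never win, whatever its preference.
    candidates = [c for c in sites[dst] if tunnel_up(c)]
    if not candidates:
        return []  # no direct path; would need a default route or a gateway
    top = max(pref[c] for c in candidates)
    return sorted(c for c in candidates if pref[c] == top)


if __name__ == "__main__":
    for src, dst in [("R1", "R3"), ("R3", "R1"), ("R1", "R4"), ("R1", "R2")]:
        print(f"{src} -> {dst}: {best_tlocs(src, dst)}")
    # private1 tunnel between R1 and R3 fails: falls back to public-internet
    print(best_tlocs("R1", "R3", down={("R1", "R3", "private1")}))
```
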

apfeil_1-1726232037629.png

Here is a diagram of what I am trying to accomplish. I just want to make sure that after I apply the preference: 
1. A site talking to another site where each site has MPLS circuits uses the MPLS circuit in both directions (symmetric)

2. A site talking to another site where one site has MPLS and internet and the other site only has internet talks to that site over internet and is not broken.

https://www.networkacademy.io/ccie-enterprise/sdwan/tunnel-groups 

I think this is solved with TLOC group
MHM

Yes, it's doable with the Preference. If you would like to have Site 3 to Site 4 communication, this can be achieved using a Transport gateway, which is used to connect two disjoint networks. In this case, Site 1 or 2 can be the Transport gateway for Site 3 - Site 4 communication.

 

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/routing/ios-xe-17/routing-book-xe/transport-gw.html#transport-gateway-use-cases

Thanks,
Sathish

So sites 1 and 2 can talk to 3, and sites 1 and 2 can talk to 4. Even though MPLS is preferred on sites 1 and 2, the site with only internet is still reachable?
