Re: SDWAN - configuration push - Page 2

praveen-CCNP · ‎07-07-2025

when I pushed the configuration from manage, it has been pushed the OSPF configuration but rolled back to default with in 3 mins without any errors.

please share your suggestions to troubleshoot. I am new to SDWAN

praveen-CCNP · ‎07-17-2025

I should turn off OMP at this stage ?

omp
no shutdown
graceful-restart
advertise connected
advertise static

MHM Cisco World · ‎07-17-2025

Omp between vedge and vsmart this not effect

You use ospf under vpn0 which breaks connect from vedge to vmange and/or vsmart

There is something wrong in ospf you use for vpn0.

MHM

MHM Cisco World · ‎07-17-2025

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/system-interface/ios-xe-17/systems-interfaces-book-xe-sdwan/configure-devices.html#id_119363

More about rollback timer

MHM

Kanan Huseynli · ‎07-18-2025

Hi,

can you share topology? what is the purpose of OSPF in underlay if you have static route?

can you share show control connections and show control connection-history during issue is happening?

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

praveen-CCNP · ‎07-28-2025

can you share topology? what is the purpose of OSPF in underlay if you have static route? I am using ospf to establish the underlay connection , static route is fall back to underlay connection while pushing out the config from vmanage.

can you share show control connections and show control connection-history during issue is happening?

DTLS connection breaks when I pushing the config with ospf configuration template with dual TLOCs

A. PEER PEER PEER SITE DOMAIN PEER PRIVATE PEER PUBLIC LOCAL REMOTE REPEAT

TYPE PROTOCOL SYSTEM IP ID ID PRIVATE IP PORT PUBLIC IP PORT LOCAL COLOR STATE ERROR ERROR COUNT ORGA
NIZATION DOWNTIME
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
----------------
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet connect DCONFAIL NOERR 3740 2025
-07-28T16:18:00+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet connect DCONFAIL NOERR 3136 2025
-07-28T16:13:34+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet connect DCONFAIL NOERR 1349 2025
-07-28T16:06:54+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet connect DCONFAIL NOERR 744 2025
-07-28T16:04:02+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet connect DCONFAIL NOERR 4332 2025
-07-28T16:02:27+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 mpls challenge_resp RXTRDWN SERNTPRES 83 2025
-07-27T10:12:50+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 public-internet challenge_resp RXTRDWN SERNTPRES 25 2025
-07-27T10:12:46+0530
vmanage dtls 100.100.100.1 1 0 90.1.1.5 12446 90.1.1.5 12446 mpls tear_down DISTLOC NOERR 6 2025
-07-27T10:07:58+0530
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 mpls tear_down

=================================

vedge-2# show control connections
PEER PEER
CONTROLLER
PEER PEER PEER SITE DOMAIN PEER PRIV PEER PUB
GROUP
TYPE PROT SYSTEM IP ID ID PRIVATE IP PORT PUBLIC IP PORT ORGANIZATION LOCAL C
OLOR PROXY STATE UPTIME ID
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------
--------------
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 NCPNETWORK mpls
- up 1:06:05:49 0
vbond dtls 0.0.0.0 0 0 90.1.1.3 12346 90.1.1.3 12346 publi
c-internet - connect 0
vmanage dtls 100.100.100.1 1 0 90.1.1.5 12446 90.1.1.5 12446 NCPNETWORK mpls
No up 1:06:05:30 0

vedge-2#

praveen-CCNP · ‎07-21-2025

After the NTP configuration on vmanage ,Vsmart ,vbond and Vedge . everything is working as expected

is it mandatory for pushing the config from vmange ?

praveen-CCNP · ‎07-21-2025

vedge-1# show ospf neighbor
DBsmL -> Database Summary List
RqstL -> Link State Request List
RXmtl -> Link State Retransmission List
SOURCE DEAD
VPN IP ADDRESS INTERFACE ROUTER ID STATE PRIORITY TIMER DBsmL RqstL RXmtL
-------------------------------------------------------------------------------------------------------
0 10.1.1.1 ge0/0 1.1.1.1 full 1 34 0 0 0

vedge-1#

praveen-CCNP · ‎07-29-2025

I have redistributed OMP routes in to OSPF and I can see the successful dtls connection for all the controllers but still my omp routers are not working , any suggestions.

vsmart# show control connections
PEER
PEER
PEER PEER PEER SITE DOMAIN PEER PRIV PEER
PUB
INDEX TYPE PROT SYSTEM IP ID ID PRIVATE IP PORT PUBLIC IP
PORT ORGANIZATION REMOTE COLOR STATE UPTIME
---------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------
0 vbond dtls - 0 0 90.1.1.3 12346 90.1.1.3
12346 NCPNETWORK default up 0:05:48:03
0 vmanage dtls 100.100.100.1 1 0 90.1.1.5 12346 90.1.1.5
12346 NCPNETWORK default up 0:03:49:35
1 vbond dtls - 0 0 90.1.1.3 12346 90.1.1.3
12346 NCPNETWORK default up 0:05:47:59

vedge#

vpn 100
name Service-VPN
router
ospf
timers spf 200 1000 10000
redistribute omp
area 0
interface ge0/1
network point-to-point
exit

omp
no shutdown
graceful-restart
advertise connected
advertise static

MHM Cisco World · ‎07-29-2025

Close this post and open new one please

MHM

praveen-CCNP · ‎07-29-2025

sure @MHM Cisco World