
SDWAN : WAN and LAN Extension from Nexus device to C-Edge VPN0 & VPN1

Sushil93
Level 1

Hello All, 

Good Day to You !!

Hope you are doing well !!

Looking for your support and suggestion on the below Query: 

I have 2 Nexus devices on which 2 WAN links are terminated from different ISPs and LAN prefixes are received from the other multiple sites: 

I need to extend the WAN and LAN connectivity to C-Edge devices via separate physical connectivity for both. 

Will this scenario work, or may it create issues on the Nexus?

Note: we cannot remove the Nexus as this is a core part for communication between SDWAN and Legacy.

Scenario topology attached for your reference.

4 Replies

Hi,

Actually, there are no special requirements from the transport network by SD-WAN routers.

You can have VPN0 and service-side (VPN-X) over different physical ports. Just ensure proper L2/L3 connection from Nexus in proper VLAN etc.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Hi Kanan, 

Thanks !! for your precious response !!

I want more elaboration from your end if you can guide and suggest, as I mentioned above:

I have WAN terminations on my Nexus, and the other sites' prefixes come to this Nexus via WAN interfaces, due to which this communication b/w the sites will happen.

So, on the Nexus I have WAN terminations along with the other sites' WAN prefixes, which will be treated as LAN prefixes for the Service Side VPN if I connect the C-Edge downstream to the Nexus per the topology attached.

Generally, in some of the use cases a separate CE router and Core Switches are placed, due to which the CE router WAN links are considered/connected under VPN0 of the C-Edge and the Core SW is connected to another interface of the C-Edge router as Service Side VPN.

But in my case both (WAN Termination + Core Switching/Routing) are done on the Nexus --> which I think will create a banner/stopper for the deployments.

Request you to please share if you have any Cisco doc or see any use case in which both WAN termination and Routing happen on the same device, further having physical connectivity to the C-Edge device on different physical ports, considering one for the VPN0 and another for the Service side VPN, so that I can take reference and will get more clarity as well as visibility.

Thanks in Advance !!

 

abdul.qadir5001
Level 1

@Sushil93 We are facing the same issue regarding this. Our ISP links are terminating on WAN edge routers. Due to this, the underlay is working fine but the Control Connection is not establishing.

Rajeev Sharma
Cisco Employee

This is a typical use case where LAN and WAN are terminated on the same device, and it will successfully work as long as you keep LAN and WAN in separate L2 and L3 domains. Let me try to give you some overview:

1. All LAN/WAN prefixes will be in global routing table on Nexus,

2. VPN 0 interface will point towards default route towards Nexus,

3. Service VPN will have peering with Nexus to receive other sites LAN routes,

4. In the current state, with just one site, there is no routing on overlay,

5. Everything goes via Nexus LAN routing except the control connections,

6. As a new site moves to SD-WAN the LAN subnet will be removed from Nexus and available via overlay.

HTH.
