Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1009
Views
3
Helpful
7
Replies

TLOC - Underlay or Overlay?

ChrisNewnham_
Level 1
Level 1

‎07-30-2023 12:23 PM

Would you say the TLOC is present in the underlay or overlay?

I think it is both, as the "next hop" for prefixes in an overlay VPN will resolve to a TLOC, and the TLOC contains the public and private address required to route the packet, in the underlay.

Labels:
7 Replies 7

MHM Cisco World
VIP
VIP

‎07-30-2023 12:27 PM - edited ‎07-30-2023 12:37 PM

TLOC is carrying underlay IP (transport vpn0 interface IP).

https://www.networkacademy.io/ccie-enterprise/sdwan/omp-overview

0 Helpful

MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎07-31-2023 03:33 AM

images (2).png

for this case I search in omp wireshark' but since the data  is encrypted we can not see inside.

But take look photo I share' the info. Inside OMP for tloc.

0 Helpful

M02@rt37
VIP
VIP

‎07-30-2023 12:35 PM

Hello @ChrisNewnham_ 

TLOC concept is associated with the SD-WAN underlay network, providing information about the physical locations and connectivity characteristics of the SD-WAN routers.

In the context of SD-WAN, the overlay network refers to the logical network that runs on top of the underlay network. The overlay network is formed by establishing VPN tunnels between the SD-WAN routers located at different sites. While the TLOC information is used to determine how traffic is routed in the underlay, the overlay network handles the logical routing of traffic between different sites using the SD-WAN tunnels.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

ChrisNewnham_
Level 1
Level 1
In response to M02@rt37

‎07-31-2023 12:51 AM

I don't have access to my lab right now, but what is the next hop in the overlay, to a prefix on a remote site in the same VPN? (assuming no route filtering)

M02@rt37
VIP
VIP
In response to ChrisNewnham_

‎07-31-2023 01:03 AM - edited ‎07-31-2023 01:05 AM

Hello @ChrisNewnham_ ,

Next hop for a prefix on a remote site in the same VPN is typically the IP address of the local SD-WAN router (edge device) at the source site.

When a host at Site A sends traffic to a prefix (subnet) located at Site B, the traffic is first forwarded to the local SD-WAN router (edge device) at Site A. The local SD-WAN router then makes a forwarding decision based on the SD-WAN overlay's routing table. Since the destination prefix is within the same VPN and is known to the overlay network, the SD-WAN router identifies the best path for the traffic.

The local SD-WAN router uses its knowledge of the overlay network and the available paths (TLOCs) to forward the traffic to the next hop, which is the IP address of the local SD-WAN router at Site B. This destination IP address is the next hop in the overlay network, and it represents the gateway to reach the prefix at Site B.

As the traffic traverses the overlay network, it is encapsulated in SD-WAN tunnels and forwarded to the destination site. At Site B, the local SD-WAN router receives the encapsulated traffic, decapsulates it, and forwards it to the host in the destination subnet.

TLOC routes: https://nwktimes.blogspot.com/2021/04/cisco-sd-wan-part-iii-overlay.html

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

svemulap@cisco.com
Cisco Employee
Cisco Employee

‎07-30-2023 05:25 PM

To be more precise, 

TLOCs  = Transport Locators 

are the attachment points where a WAN Edge router connects to the WAN transport network.

A TLOC is uniquely identified and represented by a three-tuple, consisting of

{System IP address, Color, Encapsulation ( [GRE] or IPsec)}.

TLOC routes are advertised to vSmarts via OMP, along with a number of attributes, including the private and public IP address and port numbers associated with each TLOC, as well as color and encryption keys. 

These TLOC routes with their attributes are distributed to other WAN Edge routers. Now with the TLOC attributes and encryption key information known, the WAN Edge routers can attempt to form BFD sessions using IPsec with other WAN Edge routers.

The SDWAN Design Guide has additional info.:

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html

HTH

Kanan Huseynli
VIP
VIP

‎07-31-2023 03:26 AM

Hi,

I'd call it as part of overlay. Interface "becomes" TLOC when it has tunnel interface configuration and respective configs under this tunnel interface. TLOC has attributes like color, encapsulation, private and public IP, encryption and integrity keys etc and advertised as TLOC route in OMP towards vSmart from local router. All of stuff it has is related to overlay and to build overlay network.

However, its physical interface uses IPs for underlay reachibility, I'd still call it part of overlay.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful
Customers Also Viewed These Support Documents