Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
383
Views
0
Helpful
5
Replies

vBond routing from WAN Edge

ChrisNewnham_
Level 1
Level 1

‎05-10-2024 12:06 PM

So if you have 2 transports from the WAN Edge, must it have ECMP to vBond in order for vBond to detect the public and private IP of both transports?

Say for example you had an MPLS and Public-Internet TLOC. The Public-Internet TLOC is (unwittingly) relying on NAT to the internet.

If the preferred route to vBond was via MPLS, will it ever use it's internet TLOC to try and reach vBond (assume it had a route out of this interface, that was less preferred, like a default route).

I guess if this wasn't an issue and the Internet TLOC is not using NAT, then it should still work as the public and private IP would be the same.

Thanks!

Labels:
0 Helpful
5 Replies 5

MHM Cisco World
VIP
VIP

‎05-10-2024 12:10 PM

The vbond have only one transport interface as I know.

So there is no ECMP there is only one control connection between vedge/cedge and vbond 

MHM

0 Helpful

ChrisNewnham_
Level 1
Level 1

‎05-10-2024 12:37 PM

I know the vBond only has one interface usually - I am saying how can the vBond detect the public NATed IP of the Internet TLOC, if the private TLOC is used for the control connection.

0 Helpful

MHM Cisco World
VIP
VIP
In response to ChrisNewnham_

‎05-10-2024 12:43 PM

Vedge use private IP to connect to public IP of vbond' 

Then mpls will NATing private IP to public vbond 

The vedge send it private IP inside control packet 

Here vbond will know the private IP

So as rule not only sdwab all protocol use this 

The IP header have public IP 

Inside Packet private IP 

So all device have mapped private to public 

MHM

0 Helpful

ChrisNewnham_
Level 1
Level 1
In response to MHM Cisco World

‎05-10-2024 12:46 PM

I said the NATing was on the internet TLOC, not MPLS. But the MPLS is the preferred route.

0 Helpful

Kanan Huseynli
VIP
VIP

‎05-11-2024 08:20 AM

Hi,

vBond is not only used for NAT detection.

It is also used to connect router to other controllers.

Normally and if possible you need to have route over all interfaces. But if you have reachibility over one interface only (which is common when MPLS does not have route towards controllers' IPs), then you should use max-control connections 0 under tunnel interface otherwise this interface is not considered for data plane tunnels.

Basically each interface should reach vsmart in order to be advertised as TLOC route and for this interface should reach vbond firstly (unless aforementioned command is used).

For you case: put /32 route and make access over all interfaces.

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful
Customers Also Viewed These Support Documents