Can I ask someone with a better understanding of SD-WAN to help with the following points of confusion?
1. Does the service VPN number have to match between sites? For example, there is one DC and one branch connected by the SD-WAN fabric. The DC vEdge is configured with VPN 10, which represents the DC LAN. For the branch to access the DC LAN over SD-WAN, must the branch vEdge be configured with service VPN 10 as well?
2. Marketing material emphasizes the traffic segregation feature in the Viptela SD-WAN solution. But this segregation only applies within the SD-WAN fabric, right? Once traffic exits the vEdge on the LAN side, segregation would depend on the LAN setup (a firewall or ACL on a core device), if any, right? If the LAN side just provides plain routing/switching, then traffic would be able to communicate... Am I wrong?
3. Compared with a traditional IPsec site-to-site VPN tunnel, what would be the benefit of SD-WAN, assuming there is only one Internet transport link per site/location and no Office 365/Azure?
1. If both are using the same VPN, they will communicate by default. If not, you need to create an extranet policy (similar to VRF route leaking) to communicate between DC and Branch.
2. Your understanding is correct.
3. You would get the benefit of the FEC and packet duplication features (check the 19.1 release notes below)
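
A sketch of the extranet (route-leaking) policy mentioned in answer 1, added here as an example and not taken from the thread or from the vendor's documentation. It is a vSmart centralized control policy that assumes the DC is site 100 with service VPN 10 and the branch is site 200 with service VPN 20; every list name, site ID, VPN 20 and both prefixes are hypothetical.

```text
! Added example. Site IDs, VPN 20, list names and prefixes are assumptions.
policy
 lists
  site-list DC-SITE
   site-id 100
  site-list BRANCH-SITE
   site-id 200
  vpn-list DC-VPN
   vpn 10
  vpn-list BRANCH-VPN
   vpn 20
  prefix-list DC-SERVERS
   ip-prefix 10.10.0.0/16 le 32
  prefix-list BRANCH-USERS
   ip-prefix 10.20.0.0/16 le 32
 !
 control-policy LEAK-DC-TO-BRANCH
  sequence 10
   match route
    vpn-list DC-VPN
    prefix-list DC-SERVERS
   !
   action accept
    export-to vpn-list BRANCH-VPN
   !
  !
  default-action accept
 !
 control-policy LEAK-BRANCH-TO-DC
  sequence 10
   match route
    vpn-list BRANCH-VPN
    prefix-list BRANCH-USERS
   !
   action accept
    export-to vpn-list DC-VPN
   !
  !
  default-action accept
 !
!
apply-policy
 site-list DC-SITE
  control-policy LEAK-DC-TO-BRANCH in
 !
 site-list BRANCH-SITE
  control-policy LEAK-BRANCH-TO-DC in
 !
!
```

Each policy is applied in the `in` direction at the site that originates the routes, because `export-to` acts on routes as the vSmart receives them. Matching on a prefix list leaks only the named subnets, so everything else in each VPN stays segmented inside the fabric.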