Difference between OMP session and Control-Connection

muthumohan · ‎12-10-2019

Hello,

SDWAN documentation is driving me crazy. Can't believe that there are so many mistakes and contradicting information in the official Cisco SDWAN documentation.

I am trying to understand the vEdge and vSmart affinity configuration. The more I read the documentation, more it confuses.

Anyway, here are my questions.

1. What exactly is the difference between an OMP Session and a Control-Connection? Are they same?

2. How many control-connections between vEdge and vSmart (if there is only one vSmart and the vEdge is connected to only one transport interface in VPN0, say internet)

3. Even if there are two tunnel interfaces in VPN0 (mpls, internet) on vEdge, there will be only one OMP session between a vEdge and a vSmart. TRUE or FALSE?

Any other clarification on these would be highly appreciated.

Thank you,

Mohan

David Aicher · ‎12-12-2019

1 - control connection is a dtls/tls connection for secure communication. OMP is similar to BGP and creates a session over TLS(ie the control connection)

2 - there is one control connection to vsmart per color

3 - there is no need to have multiple omp sessions to the same device from vsmart. However the vedge does need to have multiple control connections. It will not advertise the tloc to vsmart if there is not a control connection on that color.

you can verify this using the following commands

show control-connections

show omp peers

muthumohan · ‎04-20-2020

Hello David,

Thanks for taking the time to reply to my questions. Appreciate it.

I quote you, " It (vEdge) will not advertise the tloc to vsmart if there is not a control connection on that color"

The above confuses me. So, if I have two TLOCs on vE (say MPLS and Internet), two Control Connections to vSmart is established. And if my service-side LAN is 10.1.1.0/24, will this subnet be advertised to vSmart over both Control connections, with respective TLCOs? And if the connection to MPLS fails, we loose one CC and now vE advertises 10.1.1.0/24 only via the available CC, which is Internet. In this case, vE does not advertise MPLS TLOC via Internet CC to vS. Is this correct?

Thank you,

Mohan

Surjeet Singh · ‎12-25-2019

. What exactly is the difference between an OMP Session and a Control-Connection? Are they same?

OMP: is overlay management protocol which is used to exchange the route information for one site to other site.same like BGP, here OMP advertise three type of route OMP routes, TLOC routes, Service Routes and some other information like ipsec key and all. this protocol only run between vSmart and vEdge Devices.

Control connection is first step which is basically use to transfer all your information between vedge and controllers to securely transfer control plane information between each other.this use DTLS protocol to build connection.

2. How many control-connections between vEdge and vSmart (if there is only one vSmart and the vEdge is connected to only one transport interface in VPN0, say internet)

you will have at least three control connection one to each controller.

3. Even if there are two tunnel interfaces in VPN0 (mpls, internet) on vEdge, there will be only one OMP session between a vEdge and a vSmart. TRUE or FALSE?

yes it is true because you omp session is setup using vEdge system IP(virtual IP) this can be reached by any of the color mpls or internet.

Regards,
Surjeet Singh