Choose one of the topics below for SD-WAN Resources to help you on your journey with SD-WAN
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.
we are in the the designing phase before we deploy viptela. we have around 2 dc and 10 branches. each branch have 1 internet and 2 mpls links. sip service from service provider is provided via mpls (ie service provider sip network reside in mpls), so all external incoming/outgoing call use mpls for calls. i believe that once viptela is installed, phone system/server wont be able to reach sip service because of overlay. is there a work around of this that somehow customer sip network get advertised/leaked from vpn 0 to service vpn.
my second query is, if all branches are not migrated to cisco sdwan and will use traditional router, is there a design that these non sdwan branches be able to communicate with sdwan branches and dc.
It is possible to leak routes between VPNs but that is normally between service VPNs. What I'm thinking is that it could be enough to put a static route in the service VPN pointing to VPN 0. For example, when doing local internet breakout, you could have a service VPN that has "ip route 0.0.0.0/0 vpn 0" to send traffic towards internet via VPN 0. I think you can reuse the same principle to add a static route for your SIP service in the service VPN to point to VPN 0.
To get traffic between migrated and non-migrated sites, you need a site, often a DC or HQ, that connects to both "worlds". That way, traffic will go through that location if it needs to go between the new and old network.
thanks for the reply,
outgoing call might work but i am worried about incoming call. if incoming call will hit vpn0, it will not be routed to Service vpn for phone to ring
Yes. That's a good observation. One option would be to have the service VPN peer with the MPLS router to learn routes straight into the service VPN. I will see if I can come up with any other designs.
You can also use NAT to allow traffic from VPN 0 to service VPN. But I feel this complicates the design.
Simple solution is to peer with MPLS route from Service side as Daniel mentioned.