Cisco SD-WAN Solution - Viptela Architecture Components and Configuration

Today I am going to talk about the Viptela SD-WAN solution, which was acquired by Cisco. SD-WAN is one of the most in-demand technologies of the modern era, and many enterprises and other segments are looking to deploy it in their environments to automate workflows in their WAN networks.

What is the basic difference between the traditional and the SD-WAN approach?
Nowadays OEMs are trying to separate the data plane from the control plane. In an SD-WAN solution, the devices are driven by an orchestration controller that holds the control plane, while the physical devices have only the data plane.

With the help of the controller, all policies and configurations are automated and pushed to the physical devices. There is no need for CLI configuration on the devices, as everything is taken care of by the controller. That is the big difference: it makes your work easier and saves time by configuring the various devices in one go.

In this article, I will talk about the Cisco SD-WAN solution components. I have already discussed the basics of the Viptela SD-WAN solution.
Note: Viptela was acquired by Cisco, hence the solution name is Cisco SD-WAN.

For basic information, see the link below:

Cisco Viptela SD-WAN solution

What are the basic components of the Cisco SD-WAN solution?
Below are the four major components of the Cisco Viptela SD-WAN solution.

Fig 1.1- Cisco Viptela SD-WAN components

vBond – initiates the bring-up process of every vEdge device. As the first step, it creates a secure tunnel with the vEdge and informs vSmart and vManage about its parameters, for instance its IP address. It has to be fully connected with every device.

vEdge – a router which receives complete control and data policies from vSmart. It is able to run routing protocols like OSPF and BGP to create connectivity on the LAN side, and also with an MPLS provider if necessary. It establishes secure IPsec tunnels with other vEdges depending on the selected topology.

vSmart – the controller for your network. It is responsible for managing all control and data policies by using a special protocol, the Overlay Management Protocol (OMP).

vManage – a fully manageable, centralized portal to run and operate the software-defined network (SD-WAN).

Basic vEdge Configuration

RouteXP_vEdge1000# show running-config
system
 vbond ztp.viptela.com
 aaa
  auth-order local radius tacacs
  usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  user admin
   password XXXXXX
  !
 !
 logging
  disk
   enable
  !
 !
!
omp
 no shutdown
 graceful-restart
 advertise connected
 advertise static
!
security
 ipsec
  authentication-type ah-sha1-hmac sha1-hmac
 !
!
vpn 0
 interface ge1/0
  ip dhcp-client
  tunnel-interface
   encapsulation ipsec
   no allow-service bgp
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   no allow-service netconf
   no allow-service ntp
   no allow-service ospf
   no allow-service stun
  !
  no shutdown
!
!
vpn 100
 interface mgmt0
  ip address 192.168.10.1/24
  no shutdown

!
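
An added example (not from the original article or from Cisco): a small Python audit of the tunnel-interface allow-service lines and the IPsec authentication-type shown in the vEdge listing above. The sample text is an abridged copy of that listing, and the two policy sets are assumptions to adapt to your own standard.

```python
import re

# Constructed sample: abridged security and vpn 0 stanzas from the vEdge listing.
SAMPLE = """\
security
 ipsec
  authentication-type ah-sha1-hmac sha1-hmac
vpn 0
 interface ge1/0
  tunnel-interface
   encapsulation ipsec
   no allow-service bgp
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   no allow-service netconf
"""

# Assumed local policy (not a Cisco default): services that should stay off
# the transport tunnel, and the integrity settings this site accepts.
RISKY_SERVICES = {"sshd", "netconf", "all"}
APPROVED_AUTH = {"ah-sha1-hmac", "sha1-hmac"}

def audit(config):
    """Return ({(vpn, interface): allowed services}, list of findings)."""
    allowed, findings = {}, []
    vpn = iface = None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"vpn (\d+)", line):
            vpn, iface = m.group(1), None
        elif m := re.fullmatch(r"interface (\S+)", line):
            iface = m.group(1)
        elif m := re.fullmatch(r"(no )?allow-service (\S+)", line):
            if not m.group(1):  # a leading "no" means the service is blocked
                allowed.setdefault((vpn, iface), set()).add(m.group(2))
                if m.group(2) in RISKY_SERVICES:
                    findings.append(f"vpn {vpn} {iface}: {m.group(2)} reachable on tunnel")
        elif line.startswith("authentication-type "):
            for value in sorted(set(line.split()[1:]) - APPROVED_AUTH):
                findings.append(f"ipsec authentication-type {value} not approved")
    return allowed, findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run against the listing as written, the audit reports dhcp, dns and icmp as the only services accepted on the ge1/0 tunnel and returns no findings.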

Basic vBond Configuration

vBond# show running-config 
system
 host-name         vBond
 gps-location latitude 40.7127837
 gps-location longitude -74.00594130000002
 system-ip         172.16.240.161
 organization-name "Viptela Inc"
 clock timezone America/Los_Angeles
 vbond 11.1.11.14 local
 aaa
  auth-order local radius tacacs
  usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  user admin
   password encrypted-password
  !
 !
 logging
  disk
   enable
  !
!
vpn 0
 interface ge1/0
  ip address 11.1.1.14/24
  no shutdown
 !
 ip route 0.0.0.0/0 11.1.1.1
!
vpn 100
 interface eth1
  ip dhcp-client
  no shutdown
 !