EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

Data Traffic across Private WANs

Data Traffic across Private WANs

Posted on Jan 27, 2020 (0)

Data Traffic across Private WANs

Now let’s suppose that your vEdge router is connected to Private network such as MPLS, Meto Ethernet, and let suppose that carrier hosting private network is not advertising router IP address to remote vEdge router which are on same private network at different sites. In this situation all remote site will not be able to exchange data traffic via Private network.

So to solve one solution was that, remote routers must route data traffic through local NAT over internet to vBond Orchestrator, which further provides routing information to direct the traffic to destination. But this solution add very much overhead for data traffic to reach to destination because vBond may be located very far distance from two vEdge routers which may be connected at DMZ.

To allow vEdge routers which are present on different Overlay network on private network to exchange data traffic directly using private IP address, there is requirement to configure WAN interface in same private colors.

Exchange Data Traffic within a Single Private WAN

Let’s see below, topology where two vEdge are connected to same private WAN, and is directly connected to PE routers of MPLS carrier provider Cloud. And if we want both router to communicate each other via private IP address, it needed specific configuration due to the following reasons:

  • The vEdge routers are in different sites with different site IDs.
  • The vEdge routers are directly connected to the PE routers
  • The MPLS carrier does not advertise the link between the vEdge router and its PE router

Here, Interface directly connected to WAN are not used for data traffic, instead loopback interface is used to handle data traffic.  This Loopback interface is source for DTLS connection and IPsec Connection and TLOC is created for it and it acts as transport interface and is in VPN 0.

To communicate over Private WAN , Set the interface color with Private WAN nomenclature.

vedge-1(config)# vpn 0
vedge-1(config-vpn-0)# interface loopback1
vedge-1(config-interface-loopback1)# ip address 172.16.255.25/32
vedge-1(config-interface-loopback1)# tunnel-interface
vedge-1(config-tunnel-interface)# color mpls
vedge-1(config-interface-tunnel-interface)# exit
vedge-1(config-tunnel-interface)# no shutdown
vedge-1(config-tunnel-interface)# commit and-quit
vedge-1# show running-config vpn 0
...
interface loopback1
ip-address 172.16.255.25/32
tunnel-interface
color mpls
!
no shutdown
!

On vEdge-2, you configure a loopback interface with the same tunnel interface color that you used for vEdge-1:

vedge-2# show running-config vpn 0
vpn 0
interface loopback2
ip address 172. 17.255.26/32
tunnel-interface
color mpls
no shutdown
!

Now data to actually allow out the WAN interface , you bind the loopback interface to a physical interface that connect to private network.
Here is the situation , where you don’t need any special configuration

• vEdge-1 and vEdge-2 both are configured with the same site ID.
• vEdge-1 and vEdge-2 are in different sites, and are connected to a CE router
• vEdge-1 and vEdge-2 are in different sites, connected to the PE router in the MPLS cloud, and the private network carrier advertises the link between the vEdge router and the PE router in the MPLS cloud.
• vEdge-1 and vEdge-2 are in different sites, communication is being done using their public IP addresses

Exchange Data Traffic between Two Private WAN


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.