Data Traffic across Private WANs
Now let's suppose that your vEdge router is connected to a private network such as MPLS or Metro Ethernet, and that the carrier hosting the private network does not advertise the router's IP address to the remote vEdge routers that are on the same private network at different sites. In this situation, the remote sites cannot exchange data traffic over the private network.
One solution is for the remote routers to route data traffic through a local NAT and over the Internet to the vBond orchestrator, which then provides routing information to direct the traffic to its destination. But this solution adds significant overhead for data traffic to reach its destination, because the vBond orchestrator may be located a long distance from the two vEdge routers, which may be connected at a DMZ.
To allow vEdge routers that are in different overlay networks on a private network to exchange data traffic directly using private IP addresses, their WAN interfaces must be configured with the same private color.
Exchange Data Traffic within a Single Private WAN
In the topology below, two vEdge routers are connected to the same private WAN and are directly connected to the PE routers of the MPLS carrier's cloud. For the two routers to communicate with each other using private IP addresses, specific configuration is needed for the following reasons:
- The vEdge routers are in different sites with different site IDs.
- The vEdge routers are directly connected to the PE routers.
- The MPLS carrier does not advertise the link between the vEdge router and its PE router.
Here, the interfaces directly connected to the WAN are not used for data traffic; instead, a loopback interface handles the data traffic. This loopback interface is the source of the DTLS and IPsec connections, a TLOC is created for it, and it acts as a transport interface in VPN 0.
To communicate over the private WAN, set the interface color to one that names a private WAN.
On vEdge-2, you configure a loopback interface with the same tunnel interface color that you used for vEdge-1.
To allow data to actually leave through the WAN interface, you bind the loopback interface to the physical interface that connects to the private network.
These are the situations in which you don't need any special configuration:
• vEdge-1 and vEdge-2 are both configured with the same site ID.
• vEdge-1 and vEdge-2 are in different sites and are connected to a CE router.
• vEdge-1 and vEdge-2 are in different sites, are connected to the PE router in the MPLS cloud, and the private network carrier advertises the link between the vEdge router and the PE router in the MPLS cloud.
• vEdge-1 and vEdge-2 are in different sites and communicate using their public IP addresses.
Exchange Data Traffic between Two Private WANs
In the topology below, a single vEdge router is connected to two different private WAN carrier providers.
The following has to be done on vEdge 1:
- Create Loopback 1 with color MPLS and carrier 2, and bind it to physical interface Ge0/1.
- Create Loopback 2 with color metro-ethernet and carrier 1, and bind it to physical interface Ge0/0.
On vEdge 2, create a loopback interface with color MPLS and carrier 2. Because this router connects to only one WAN provider, the loopback interface does not need to be bound to a physical interface.
On vEdge 3, create a loopback interface with color metro-ethernet and carrier 1. Because this router connects to only one WAN provider, the loopback interface does not need to be bound to a physical interface.
On vEdge-1, the configuration in VPN 0 looks like this:
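As an added example (not the original author's listing or Cisco's own configuration), the following sketches the VPN 0 configuration that the steps above describe for vEdge-1, followed by the unbound loopback on vEdge 2 for contrast. All IP addresses are constructed placeholders, and the `!` lines that contain text are annotations added here.

```text
! ---- vEdge-1: two private WANs, one loopback TLOC per carrier ----
! Addresses below are constructed placeholders, not values from the page.
vpn 0
 interface loopback1
  ip address 10.255.1.1/32
  tunnel-interface
   color mpls
   carrier carrier2
   ! Loopback 1 leaves through the physical port facing the MPLS carrier
   bind ge0/1
  !
  no shutdown
 !
 interface loopback2
  ip address 10.255.2.1/32
  tunnel-interface
   color metro-ethernet
   carrier carrier1
   ! Loopback 2 leaves through the physical port facing the Metro Ethernet carrier
   bind ge0/0
  !
  no shutdown
 !
 ! Physical WAN ports carry no tunnel-interface of their own here
 interface ge0/0
  ip address 10.10.0.2/30
  no shutdown
 !
 interface ge0/1
  ip address 10.20.0.2/30
  no shutdown
 !
!
! ---- vEdge 2: single provider, same color and carrier, no bind ----
vpn 0
 interface loopback1
  ip address 10.255.1.2/32
  tunnel-interface
   color mpls
   carrier carrier2
  !
  no shutdown
 !
!
```

After committing, `show control local-properties` on each router lists the loopback interfaces with their colors, which confirms that the TLOCs come from the loopbacks rather than from the physical ports.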