Deploy & Configure vBond & Generate Certificate

Deploy & Configure vBond & Generate Certificate

To install vBond, follow these steps:

• Obtain software and verify system requirements.
• Deploy the OVA template. vBond is installed using vEdge Cloud OVA.
• OVA is preconfigured with four vNICs.
• Perform installation and initial configuration (hostname and Network Time Protocol, or NTP).
• Configure System-IP, Site-ID, Organization Name, vBond local role, and disable tunnel-interface.

Before commencing the vBond controller deployment, make sure that you size the VM accordingly with the overlay network design and scale. The more WAN Edge routers in your network, the larger your VM must be for deployment (virtual CPUs, RAM, and hard disk volumes). Solid State Drive (SSD) physical storage is required for normal vBond performance.

You may need to install additional vBond instances in multitenant deployment scenario, depending on the desired total number of supported WAN Edge routers for all of your tenants.

vBond is the first point of contact for every device in the SD-WAN, both controllers and edge devices.

After each reboot and at the first installation, every device in the fabric first reaches out to vBond to discover the other controllers, detect NAT, and so on. This initial connection is also the reason why the vBond IP address must be hard-configured on all devices. (Zero-touch deployment, discussed later, is a special case.)

The setup of vBond is similar to that of vManage, and the steps are largely the same. The notable exceptions are explained in the next figures.

The software used for vBond is the same as for vEdge Cloud routers. Therefore, when deploying an OVF template for vBond, use the vEdge Cloud OVA.

The OVA is preconfigured with four vNICs. Only two interfaces are supported for vBond: eth0 and ge0/0. For smaller deployments and lab environments, edit the VM before launching it, and lower the vCPUs from 4 to 2. Map vNIC1 to VPN 512 for eth0, and map vNIC2 to VPN 0 for ge0/0. Note that, by default, ge0/0 is assigned to VPN 0 for WAN connectivity. It is preconfigured for DHCP and IPsec encapsulation over the tunnel interface.

Both the default username and password are “admin.”

Once vBond VM has been setup and started, it will come up with factory-default configuration. Now some more basic and initial configuration still to be done manually so that devices can be authenticated and verified and can easily join the overlay network.

Once initial configuration is done, a full configuration templates can be created on vManage and then attaching these templates to vBond orchestrator.

Create Initial Configuration for the vBond Orchestrator from CLI Section

Login to the Viptela device via SSH with user admin, using the default password, admin. | Enter configuration mode:

Configure the hostname:

Configure the system IP address:

The vManage NMS uses this vBond system IP address to identify the device and can download the full configuration to the vBond.

Configure the public IP address of the vBond orchestrator which will allow all Viptela devices in the overlay network to reach the vBond orchestrator:

Configure a time limit to confirm that a software upgrade is successful: Time limit is between 1 to 60 mints.

Change the password for the user "admin" whereas The default password is "admin".

Configure an interface in VPN 0, over which an Internet or other WAN transport network can be connected and must be public IP address.

Commit the configuration:

Once overlay network is UP, create the vBond configuration template in vManage that contain the initial configuration. Use the following vManage Feature template.

• Use System feature template for hostname, system IP address, and vBond functionality configuration
• Use AAA feature template to configure a password for the "admin" user.
• Use VPN Interface Ethernet feature template to configure the interface in VPN 0