SD-WAN VeloCloud Traffic Flow


Before we look at how SD-WAN branch sites are connected and how migration is done, let's understand which ports and protocols are used for communication in an NSX SD-WAN (VeloCloud) environment.

Ports & Protocols for Communication:

  • Branch to VCO (Orchestrator): management, TCP/443
  • Branch to Hub: data traffic, UDP/2426 (a tunnel to the hub is created)
  • Branch to hosted VCG or on-prem VCG: control and data, UDP/2426
  • Hosted VCG or on-prem VCG to Orchestrator: management, TCP/443
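
As an added example (not part of the original lesson and not VeloCloud tooling), the Python script below audits flow records against the port list above and reports anything an edge or gateway sends that is not in it. The IP prefixes, role names, and sample flows are constructed assumptions.

```python
import ipaddress

# Port matrix from the list above: (source role, destination role) -> (protocol, port)
EXPECTED = {
    ("branch", "vco"): ("tcp", 443),   # management
    ("branch", "hub"): ("udp", 2426),  # data tunnel
    ("branch", "vcg"): ("udp", 2426),  # control and data
    ("vcg", "vco"): ("tcp", 443),      # management
}

# Constructed inventory (assumption): prefixes of the SD-WAN nodes themselves, not user subnets.
ROLES = {"10.10.0.0/16": "branch", "192.0.2.0/28": "hub",
         "198.51.100.0/28": "vcg", "203.0.113.10/32": "vco"}
_NETS = [(ipaddress.ip_network(p), r) for p, r in ROLES.items()]

def role_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((r for net, r in _NETS if addr in net), "unknown")

def audit(flows):
    """Return (flow, reason) for each edge or gateway flow that deviates from the matrix."""
    findings = []
    for flow in flows:
        src, dst, proto, dport = flow
        s_role, d_role = role_of(src), role_of(dst)
        if s_role not in ("branch", "vcg"):
            continue  # only flows sourced by edges and gateways are audited
        expected = EXPECTED.get((s_role, d_role))
        if expected is None:
            findings.append((flow, f"no flow defined for {s_role} -> {d_role}"))
        elif (proto, dport) != expected:
            findings.append((flow, f"{s_role} -> {d_role} expects {expected[0]}/{expected[1]}"))
    return findings

# Constructed sample flow records: (src ip, dst ip, protocol, destination port)
SAMPLE_FLOWS = [
    ("10.10.1.5", "203.0.113.10", "tcp", 443),     # branch -> VCO, expected
    ("10.10.1.5", "192.0.2.4", "udp", 2426),       # branch -> hub, expected
    ("10.10.2.9", "198.51.100.3", "udp", 2426),    # branch -> VCG, expected
    ("198.51.100.3", "203.0.113.10", "tcp", 443),  # VCG -> VCO, expected
    ("10.10.2.9", "203.0.113.10", "udp", 2426),    # tunnel port toward the orchestrator
    ("10.10.1.5", "192.0.2.4", "tcp", 22),         # service outside the matrix toward the hub
    ("10.10.3.7", "198.18.0.50", "udp", 2426),     # tunnel to an endpoint not in the inventory
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(flow, "->", reason)
```

The same matrix can serve as the allowlist for firewall rules in front of the edges, so that anything the audit reports is also something the firewall would drop.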

SD-WAN Reference Topology:

The topology below shows the different ways NSX SD-WAN sites are connected: how an SD-WAN CPE is connected to MPLS and the Internet via VRRP, how SD-WAN is connected with an L3 switch, how a hybrid SD-WAN site is connected, and how a non-SD-WAN site is connected with the SD-WAN CPE Internet connection.

Below is the figure that explains that:

HUB VCE Placement:

There are two options for how the hub VCE can create its tunnel:

  • Option 1: Route the private tunnel traffic through the firewall
  • Option 2: Route the private tunnel traffic directly to the L3 core

Migration Work Flow

The following is the migration flow for any WAN site that has to be migrated from a typical WAN to SD-WAN using VeloCloud technology.

GENERAL FAQ

In NSX SD-WAN, different components use specific ports for secure communication. Branch Edge to Orchestrator uses TCP 443 for management. Branch to Hub and Branch to Gateway use UDP 2426 for control and data traffic. Gateways also use TCP 443 to communicate with the Orchestrator for management functions.

Traffic from branch Edges is encapsulated into secure tunnels and sent either to a Hub or to a Gateway, depending on routing policies and application requirements. Both control and data traffic typically use UDP 2426. The Gateway provides optimized internet access and dynamic path selection, while the Hub enables private site-to-site communication.

VeloCloud traffic forwarding refers to the intelligent steering of application traffic across available WAN links such as MPLS and the Internet. The platform continuously monitors link conditions like latency, jitter, and packet loss, and dynamically selects the best path. This improves performance, reliability, and overall user experience.

There are two common design options. The private tunnel can be routed through a firewall for enhanced security inspection, or it can be sent directly to the Layer 3 core for lower latency and simplified routing. The decision depends on security requirements and overall network architecture.

During migration, sites are gradually transitioned from a legacy WAN architecture to SD-WAN. Secure tunnels are established between branch Edges, Hubs, and Gateways. Traffic steering policies are applied, and hybrid connectivity is supported so that both traditional WAN and SD-WAN can operate simultaneously until migration is fully completed.

This page explains the communication ports, topology basics, and traffic behavior in NSX SD-WAN. For in-depth learning, including real deployment scenarios, migration strategies, advanced policy configuration, and troubleshooting labs, you can explore the complete course available on the DCLessons platform.

Comment

  • FM

    This is one of the most effective online courses on SD-WAN VeloCloud. It has a step-by-step guide on the SD-WAN network branch and how migration is done. To make things easier they have also explained the ports and protocols needed, to make this course easy even for laymen.


  • VN

    Based on my experience, I can say that the course will help you gain an understanding of architecture and usage. It is very important if you work in network operations. This course has helped me know how to build an extensive hands-on lab in which you enable core SD-WAN features, such as ensuring application performance using business policies.

