EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USSD-Access Fabric External Connectivity
SD-Access Fabric External Connectivity
SD-Access fabric sites needs to connect to external network like:
- Different Campuses
- Branch Offices ( Over WAN )
- Data Centers
- Cloud Networks
Now let’s see four main WAN hands-off options.
- SD-Access (LISP/VXLAN)
- SD-WAN
- MPLS-VPN
- VRF-Lite Over DMVPN.
To meet WAN integration with SD-Access, there are three Architecture aspects that needs to be taken in to consideration.
- Control Plane (Routing/Signaling Protocols)
- Data Plane (Encapsulation)
- Policy Plane (Endpoint Context )
SD-Access LISP/VXLAN Transport:
In SD-Access Multi-Site Model, Same Control, Data and Management Plane is used. This Site can natively extend VN and SGT with in same VXLAN encapsulation using LISP control plane over any WAN that support IP routing. In this Model Border node can be used as border node as well as for WAN Edge Functions.
With SD-Access Multi-Site, SD-Access domains can be extended to one or more close geographical location especially for Metro-Ethernet environment.
Below figure describes encapsulation and handoff method when SD-Access is extended over LISP/VXLAN transport.
SD-WAN Transport:
In this Model, SD-Access when integrated to SDWAN, VRF Lite will be used to extend the VN from SD-Border node to SDWAN edge Router.
SDWAN encapsulation will not be able to transport the SGT ID, to resolve this issue remote SD-Access border node can leverage the reclassification method where an SGT can be defined for an incoming / sub interface or subnet.
MPLS VPN transport:
In this Model, VRF lite VRF Lite will be used to extend the VN from SD-Border node (CE in MPLS-VPN) to MPLS PE Router.
In this model also MPLS encapsulation will not be able to transport SGT tag. To resolve this issue remote SD-Access border node can leverage the reclassification method where an SGT can be defined for an incoming / sub interface or subnet.
VRF Lite Over DMVPN Transport:
In this Deployment model, VRF lite VRF Lite will be used to extend the VN from SD-Border node to DMVPN edge Router.
Comment
TABLE OF CONTENTS
RECENT POSTS
- What is Docker and Why is It Important?
- Learn Python 3.0 Programming for Network Automation
- Cisco ACI Data Centre: A Comprehensive Overview
- How to Prepare for the Microsoft Azure AZ-305 Exam
- AWS Training Certification Course for Solutions Architect
- Cisco SASE Architecture
- SASE vs SD-WAN
- What is SASE
- Accessing Amazon S3 using AWS private Link in Secure hybrid method.
- Cisco Smart Licensing Policy
LEAVE A COMMENT
Please login here to comment.