EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

AF

SD-WAN Viptela Templates

SD-WAN Viptela Templates

SD-WAN Viptela Templates

Cisco SD-WAN Viptela provides various types of templates that is used to configure various configuration parameters via one Go and without CLI.

Following are the Template Benefits:

  • Scalable: you don't need to enter all the configuration commands needed for each device.
  • Used in Zero Touch Provisioning (ZTP) the device pulls the configuration from the template, allowing you to commission a device without accessing the console port.
  • Designing templates for a location such as campus, branch, home office, or data center, and all you have to do is to add site-specific values to the csv file that gets imported in the template to build the device configuration.
  • Controlled deployment and Single source of truth

 Template Planning:

Before creating templates plan on the following

  • Identify the device
  • Chassis number of the device
  • Identify the number of interfaces active
  • Circuit (transport) connections
  • Plan for an IP addressing scheme
  • Site id
  • Hostnames

Configuration Elements in a Device

Following are the parameter that is required to configure any device, as defined in below figure and these all parameter can also be configured by various Templates on vManage.

VManage: Types of Templates

  • Device template
  • Feature template

Device Template:  Device template are those specific to vEdge Model, but it can also be possible to create multiple Device template for same model due to location and function in network. Each device template can contain a number of feature template. This Device template cannot be shared between other vEdge Models, whereas Feature template can be shared across several models.

Feature template: It represents the configuration related to particular feature like System, VPN, Interface, OSPF, etc.

Below figure gives over all view of Device template components, a device template is made up of feature template grouped in to following Sections:

  • Basic information – It includes system, logging, AAA, OMP, BFD, security, archive, and NTP feature templates.
  • Transport and management VPN – It includes the templates used to configure VPN 0 and VPN 512, which includes BGP, OSPF, VPN interface, VPN interface cellular, VPN interface GRE, and VPN interface PPP feature templates.
  • Service VPN – It includes the templates used to configure the service VPNs, which contains the BGP, IGMP, Multicast, OSPF, PIM, VPN interface, VPN interface bridge, VPN interface GRE, VPN interface IPSec, VPN interface Natpool, and DHCP server feature templates.
  • Additional templates - it includes banner, Simple Network Management Protocol (SNMP), bridge, localized policy, and cellular feature templates.

Following are some Feature Template description:

  • System - Configure basic system information, such as site ID, system IP, time zone, hostname, device groups, GPS coordinates, port hopping, and port offset.
  • Logging - Configure logging to disk and/or to a remote logging server.
  • AAA - Specify the authentication method and order and configure Radius, TACACs, or local authentication, including local user groups with different read/write permissions.
  • BFD - Specify the BFD app-route multiplier and poll interval and specify the hello and BFD multiplier for each transport.
  • OMP - Change the graceful restart timers and advertisement timers and hold timers; change the number of paths advertised; configure an AS overlay number; choose which local protocols will be advertised into OMP; and change the number of equal-cost paths installed in the vEdge router.
  • Security - Change the rekey time, anti-replay window, and authentication types for IPSec.
  • Archive (optional) - Archive the full running configuration onto a file server within a time period specified.
  • NTP (optional) - Configure NTP servers and authentication if required.
  • VPN - Change the ECMP hash, add DNS servers, advertise protocols (BGP, static, connected, OSPF external) from the VPN into OMP, and add IPv4 or v6 static routes, service routes, and GRE routes.
  • BGP (optional) - Configure the AS number, router ID, distance, maximum paths, neighbors, redistribution of protocols into BGP, hold time, and keepalive timers.
  • OSPF (optional) - Configure router ID, distance, areas, OSPF interfaces, reference bandwidth, default information originate, metrics, metric type, and SPF timers.
  • VPN Interface configuration - Configure an interface name, the status of the interface, static or dynamic IPv4 and v6 addressing, DHCP helper, NAT, VRRP, shaping, QoS, ingress/egress Access Control List (ACL) for IPv4 and 6, policing, static Address Resolution Protocol (ARP), 802.1x, duplex, MAC address, IP Maximum Transmission Unit (MTU), Transmission Control Protocol Maximum Segment Size (TCP MSS), TLOC extension, and more. In the case of the transport VPN, configure tunnel, transport color, allowed protocols for the interface, encapsulation, preference, weight, and more.
  • VPN interface bridge (optional) - Configure layer 3 characteristics of a bridge interface, including IPv4 address, DHCP helper, ACLs, VRRP, MTU, and TCP MSS.
  • DHCP server (optional) - Configure DHCP server characteristics
  • Banner (optional) - Configure the login banner or message-of-the-day banner.
  • Policy (optional) - Attach a localized policy.
  • SNMP (optional) - Configure SNMP parameters, including SNMP device name and location, SNMP version, views, and communities, and trap groups.
  • Bridge (optional) - Define layer 2 characteristics of a bridge, including the VLAN ID, MAC address aging, maximum MAC addresses, and physical interfaces for the bridge.
  • Routing protocol templates, such as BGP or OSPF, and VPN interface templates are configured under a VPN. DHCP server feature templates are configured under a VPN interface.


Comment

  • AU

    The course helped me upgrade my skills and knowledge regarding in-depth networking. The software-defined wide area network has given me the confidence in designing, installing, arranging, and managing SD-WAN solutions in wide networks in a very short period of time. I would recommend this to everyone who wants to excel in their networking career.


  • MA

    After the successful completion of the course, I was able to build a lab at home from scratch with all the necessary steps. The training is very detailed, I was able to set up the controllers, and I received step-by-step instructions to configure ntp and sync all controllers with a ca server to be able to install certs. thank you.


LEAVE A COMMENT

Please login here to comment.