SD-WAN
SDWAN Lab
This section walks you through building your own SDWAN lab on a single host server such as XenServer, VMware, etc.
Running VM
- Download the CB VWAN 8.1 VPX XVA image file from download.citrix.com
- You need at least 4 GB RAM for a single VPX.
- Configuration is done only on the Master Control Node (MCN).
Managing VM
- Once the VPX is up and running, log in to the VPX console.
- Type the command 'management_ip' and press Enter.
- Enter the command 'set interface 10.107.88.84 255.255.255.224 10.107.88.65'
- Now enter the command 'apply'
Enabling VWAN
- Log in to the WebUI
- Upload & apply License
- Now Enable MCN
CB-VW GUI > Configuration > Appliance Settings > Administrator Interface > Miscellaneous tab > Switch Console
- Click on “Switch to Client Console” to enable MCN mode.
Configuring
- Sites
Add Sites > Basic Settings > Interface Groups
- Connections
- Provisioning = Bandwidth settings
Deploying
- Save Config
- Export Config & select Change Management Inbox
- On the Change Management page, upload the Virtual Upgrade firmware file (.tar.gz)
- Select the exported Config file and select Verify.
- Click next once the verification is successful.
- Click Stage Appliances. Wait for it to complete.
- Click Next & Select Activate.
- Click Activate Staged now to activate the software on this CB.
- Wait for 120s.
- Click Done. Enable VWAN on this page:
Configuration > Virtual WAN > Enable/Disable/Purge Flows
Topology
- WanEM IP address is:
http://10.107.88.88/WANem/
Initial Setup
Adding Routers
Inline Mode with Version flexibility
Mixed Mode
Mixed Mode with OSPF
This deployment will cause a routing loop. SDWAN needs routing only for advertising routes on the local LAN, not on the ISP side.
- SLAX Router Internet
- Zebra Config:
    log file /var/log/zebra.log
    !
    interface eth0
     ip address 10.107.88.69/27
    !
    interface eth1
     ip address 1.1.1.1/24
    !
    interface eth2
     ip address 4.4.4.1/24
    !
    ip route 6.6.6.0/24 eth2
    ip route 7.7.7.0/24 eth2
    !
    ip forwarding
- OSPFD Config:
    interface eth0
    !
    interface eth1
    !
    interface eth2
    !
    interface lo
    !
    router ospf
     passive-interface eth0
     network 1.1.1.0/24 area 0.0.0.0
     network 4.4.4.0/24 area 0.0.0.0
- WanEM Config:
    #Start WanEM
    /sbin/tc qdisc add dev eth1 root handle 1: netem delay 50ms 20ms 80% reorder 2% 25% loss 2% 45% duplicate 1% 25% corrupt 2%
    /sbin/tc qdisc add dev eth1 parent 1:1 handle 10: htb default 1 r2q 10
    /sbin/tc class add dev eth1 parent 10: classid 0:1 htb rate 512kbit ceil 512kbit
    /sbin/tc qdisc add dev eth2 root handle 1: netem delay 50ms 20ms 80% reorder 2% 25% loss 1% 45% duplicate 1% 25% corrupt 2%
    /sbin/tc qdisc add dev eth2 parent 1:1 handle 10: htb default 1 r2q 10
    /sbin/tc class add dev eth2 parent 10: classid 0:1 htb rate 512kbit ceil 512kbit
- Routing Table:
    root@slax:~# route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    10.107.88.64    *               255.255.255.224 U     0      0   0   eth0
    7.7.7.0         *               255.255.255.0   U     0      0   0   eth2
    2.2.2.0         1.1.1.2         255.255.255.0   UG    20     0   0   eth1
    5.5.5.0         informs.bar2.mi 255.255.255.0   UG    20     0   0   eth2
    6.6.6.0         *               255.255.255.0   U     0      0   0   eth2
    1.1.1.0         *               255.255.255.0   U     0      0   0   eth1
    3.3.3.0         informs.bar2.mi 255.255.255.0   UG    20     0   0   eth2
    4.4.4.0         *               255.255.255.0   U     0      0   0   eth2
    loopback        *               255.0.0.0       U     0      0   0   lo
    default         10.107.88.65    0.0.0.0         UG    0      0   0   eth0

    root@slax:~# ip route
    10.107.88.64/27 dev eth0 proto kernel scope link src 10.107.88.69
    7.7.7.0/24 dev eth2 proto zebra
    2.2.2.0/24 via 1.1.1.2 dev eth1 proto zebra metric 20
    5.5.5.0/24 via 4.4.4.2 dev eth2 proto zebra metric 20
    6.6.6.0/24 dev eth2 proto zebra
    1.1.1.0/24 dev eth1 proto kernel scope link src 1.1.1.1
    3.3.3.0/24 via 4.4.4.2 dev eth2 proto zebra metric 20
    4.4.4.0/24 dev eth2 proto kernel scope link src 4.4.4.1
    127.0.0.0/8 dev lo scope link
    default via 10.107.88.65 dev eth0
- SLAX Router MPLS
- Zebra Config:
    log file /var/log/zebra.log
    !
    interface eth0
    !
    interface eth1
     ip address 2.2.2.1/24
    !
    interface eth2
     ip address 3.3.3.1/24
    !
    ip route 6.6.6.0/24 eth2
    ip route 7.7.7.0/24 eth2
    !
    ip forwarding
- OSPFD Config:
    interface eth0
    !
    interface eth1
    !
    interface eth2
    !
    interface lo
    !
    router ospf
     network 2.2.2.0/24 area 0.0.0.1
     network 3.3.3.0/24 area 0.0.0.1
- WanEM Config:
    #Start Wanem
    /sbin/tc qdisc add dev eth1 root handle 1: netem delay 20ms 4ms 25% reorder 1% 25% loss 1% 25% duplicate 1% 25% corrupt 1%
    /sbin/tc qdisc add dev eth1 parent 1:1 handle 10: htb default 1 r2q 10
    /sbin/tc class add dev eth1 parent 10: classid 0:1 htb rate 2097kbit ceil 2097kbit
    /sbin/tc qdisc add dev eth2 root handle 1: netem delay 20ms 4ms 25% reorder 1% 25% loss 1% 25% duplicate 1% 25% corrupt 1%
    /sbin/tc qdisc add dev eth2 parent 1:1 handle 10: htb default 1 r2q 10
    /sbin/tc class add dev eth2 parent 10: classid 0:1 htb rate 2097kbit ceil 2097kbit
- Routing Table:
    root@10:~# route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref Use Iface
    10.107.88.64    *               255.255.255.224 U     0      0   0   eth0
    7.7.7.0         *               255.255.255.0   U     0      0   0   eth2
    5.5.5.0         3.3.3.2         255.255.255.0   UG    20     0   0   eth2
    2.2.2.0         *               255.255.255.0   U     0      0   0   eth1
    1.1.1.0         2.2.2.2         255.255.255.0   UG    20     0   0   eth1
    6.6.6.0         *               255.255.255.0   U     0      0   0   eth2
    4.4.4.0         3.3.3.2         255.255.255.0   UG    20     0   0   eth2
    3.3.3.0         *               255.255.255.0   U     0      0   0   eth2
    loopback        *               255.0.0.0       U     0      0   0   lo
    default         10.107.88.65    0.0.0.0         UG    0      0   0   eth0

    root@10:~# ip route
    10.107.88.64/27 dev eth0 proto kernel scope link src 10.107.88.70
    7.7.7.0/24 dev eth2 proto zebra
    5.5.5.0/24 via 3.3.3.2 dev eth2 proto zebra metric 20
    2.2.2.0/24 dev eth1 proto kernel scope link src 2.2.2.1
    1.1.1.0/24 via 2.2.2.2 dev eth1 proto zebra metric 20
    6.6.6.0/24 dev eth2 proto zebra
    4.4.4.0/24 via 3.3.3.2 dev eth2 proto zebra metric 20
    3.3.3.0/24 dev eth2 proto kernel scope link src 3.3.3.1
    127.0.0.0/8 dev lo scope link
    default via 10.107.88.65 dev eth0
- GNS3 Router Config
    interface Ethernet0/0
     no ip address
     full-duplex
    !
    interface Ethernet0/0.10
     encapsulation dot1Q 10
     ip address 6.6.6.1 255.255.255.0
     ip policy route-map traf1
    !
    interface Ethernet0/0.20
     encapsulation dot1Q 20
     ip address 7.7.7.1 255.255.255.0
     ip policy route-map traf2
    !
    interface Ethernet0/1
     ip address 5.5.5.1 255.255.255.0
     ip policy route-map traf3
     full-duplex
    !
    interface Ethernet0/2
     ip address 4.4.4.2 255.255.255.0
     ip policy route-map traf4
     full-duplex
    !
    interface Ethernet0/3
     ip address 3.3.3.2 255.255.255.0
     full-duplex
    !
    router ospf 1
     log-adjacency-changes
     redistribute connected subnets
     network 3.3.3.0 0.0.0.255 area 1
     network 4.4.4.0 0.0.0.255 area 0
    !
    ip route 0.0.0.0 0.0.0.0 4.4.4.1
    !
    access-list 101 permit ip 6.6.6.0 0.0.0.255 any
    access-list 102 permit ip 7.7.7.0 0.0.0.255 any
    access-list 103 permit ip 5.5.5.0 0.0.0.255 any
    access-list 104 permit ip any 5.5.5.0 0.0.0.255
    no cdp log mismatch duplex
    !
    route-map traf1 permit 10
     match ip address 101
     set ip next-hop 4.4.4.1
    !
    route-map traf3 permit 10
     match ip address 103
     set ip next-hop 6.6.6.2
    !
    route-map traf2 permit 10
     match ip address 102
     set ip next-hop 3.3.3.1
    !
    route-map traf4 permit 10
     match ip address 104
     set ip next-hop 6.6.6.2
- Routing Table:
    R1#show ip route
    Gateway of last resort is 4.4.4.1 to network 0.0.0.0

         1.0.0.0/24 is subnetted, 1 subnets
    O       1.1.1.0 [110/20] via 4.4.4.1, 04:48:43, Ethernet0/2
         2.0.0.0/24 is subnetted, 1 subnets
    O       2.2.2.0 [110/20] via 3.3.3.1, 04:45:37, Ethernet0/3
         3.0.0.0/24 is subnetted, 1 subnets
    C       3.3.3.0 is directly connected, Ethernet0/3
         4.0.0.0/24 is subnetted, 1 subnets
    C       4.4.4.0 is directly connected, Ethernet0/2
         5.0.0.0/24 is subnetted, 1 subnets
    C       5.5.5.0 is directly connected, Ethernet0/1
         6.0.0.0/24 is subnetted, 1 subnets
    C       6.6.6.0 is directly connected, Ethernet0/0.10
         7.0.0.0/24 is subnetted, 1 subnets
    C       7.7.7.0 is directly connected, Ethernet0/0.20
    S*   0.0.0.0/0 [1/0] via 4.4.4.1
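The routing-loop warning for this deployment can be checked offline from the routing tables before OSPF is enabled. The following is an added example, not part of the original lab notes: it parses the `ip route` output shown above for the SLAX MPLS router and follows longest-prefix-match next hops between routers. `R1_BAD` is a constructed table (R1 re-learning 5.5.5.0/24 from the ISP side), and the function names are hypothetical.

```python
import ipaddress

# `ip route` output of the SLAX MPLS router, copied from this page.
MPLS_ROUTES = """\
10.107.88.64/27 dev eth0 proto kernel scope link src 10.107.88.70
7.7.7.0/24 dev eth2 proto zebra
5.5.5.0/24 via 3.3.3.2 dev eth2 proto zebra metric 20
2.2.2.0/24 dev eth1 proto kernel scope link src 2.2.2.1
1.1.1.0/24 via 2.2.2.2 dev eth1 proto zebra metric 20
6.6.6.0/24 dev eth2 proto zebra
4.4.4.0/24 via 3.3.3.2 dev eth2 proto zebra metric 20
3.3.3.0/24 dev eth2 proto kernel scope link src 3.3.3.1
127.0.0.0/8 dev lo scope link
default via 10.107.88.65 dev eth0
"""
# R1 rewritten in iproute2 syntax. GOOD mirrors its connected routes on this
# page; BAD is constructed: 5.5.5.0/24 re-learned from the ISP side.
R1_GOOD = "5.5.5.0/24 dev Ethernet0/1\n3.3.3.0/24 dev Ethernet0/3\n"
R1_BAD = "5.5.5.0/24 via 3.3.3.1 dev Ethernet0/3\n3.3.3.0/24 dev Ethernet0/3\n"
# Router that owns each next-hop address (from the interface configs above).
OWNER = {"3.3.3.1": "mpls", "3.3.3.2": "r1"}

def parse_ip_route(text):
    """Return [(network, next_hop or None)] from iproute2 `ip route` output."""
    routes = []
    for f in (line.split() for line in text.splitlines() if line.strip()):
        net = ipaddress.ip_network("0.0.0.0/0" if f[0] == "default" else f[0])
        hop = f[f.index("via") + 1] if "via" in f else None
        routes.append((net, hop))
    return routes

def trace(tables, start, dst):
    """Follow longest-prefix-match next hops; return (path, verdict)."""
    addr, node, path = ipaddress.ip_address(dst), start, [start]
    while True:
        matches = [r for r in tables[node] if addr in r[0]]
        if not matches:
            return path, "unreachable"
        _, hop = max(matches, key=lambda r: r[0].prefixlen)
        if hop is None:
            return path, "delivered"            # connected route, on-link
        nxt = OWNER.get(hop)
        if nxt is None:
            return path + [hop], "exits-model"  # next hop is not a modelled router
        if nxt in path:
            return path + [nxt], "loop"         # packet returns to a visited router
        path.append(nxt)
        node = nxt
```

Calling `trace` with `R1_BAD` in place of `R1_GOOD` returns the path `mpls, r1, mpls` with the verdict `loop`, which is the condition to rule out before activating the configuration.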
Dynamic Routing BGP
This deployment will cause a routing loop. SDWAN needs routing only for advertising routes on the local LAN, not on the ISP side.
Routing corrected and IPSEC
SDWAN Center and W2W forwarding