This will be a quick post on upgrading an ASR IOS using SD-WAN. I’m going to go from 17.3.3 to 17.3.4a. We’ll just be uploading the image directly to vManage. Add Image to Repository In vManage, go to Maintenance > Software Repository > Software Images > Add New Software. Select the first option, vManage. Click … Continue reading “Bonus: SD-WAN IOS Upgrade”
Category Archives: 2.2 SD-WAN
2.2.b iii OMP
Overlay Management Protocol Reference: https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/routing/ios-xe-17/routing-book-xe/m-unicast-routing.html Each edge router peers with the vSmart controllers using OMP. OMP is strictly for control traffic, never for data plane traffic. And each WAN Edge router only peers with vSmart controllers; they’ll never peer with another WAN Edge. The OMP routes advertise TLOCs mapped to prefixes. The TLOCs have to … Continue reading “2.2.b iii OMP”
Bonus: SDA/SD-WAN Integration
This isn’t really called out on the Enterprise Infrastructure blueprint (unless you count section 2.1.a iii Fabric domains (single-site and multi-site using SD-WAN transit)), but I figured it would be something fun to try. It turned out to be a nightmare. First thing, you kick off the connection from DNAC, either under System > Settings … Continue reading “Bonus: SDA/SD-WAN Integration”
2.2.c Configuration templates
I’m probably going to come back here and do a ton more with Configuration Templates, because it seems like the possibilities are endless. But for now, I just want to do a quick local password, NTP, and Loopback0 interface config and attach it to the ASR 1001-X. On vManage, go to Configuration > Templates. Click … Continue reading “2.2.c Configuration templates”
2.2.b WAN edge deployment
For this lab, the plan is to convert an ASR 1001-X over to SD-WAN code (I’m using 16.12.5 SD-WAN code, instead of the 17.x universal code, so I can test upgrading the router later) and get it added to the SD-WAN deployment. The steps are pretty straightforward: Re-image the device. Stop the PNP service. Apply … Continue reading “2.2.b WAN edge deployment”
SD-WAN: Organization Name Blunder
It turns out I really screwed up by using the organization name of “lab”. When I tried to do anything with PNP, I was stopped dead in my tracks because someone already used that name. Luckily this is just a lab, so changing the organization name shouldn’t be a big deal… except there’s no option … Continue reading “SD-WAN: Organization Name Blunder”
2.2.a iv Data plane (vEdge/cEdge)
The data plane is simple. It’s just an IPSec overlay. The big difference is that there’s a central key manager, the vSmart, which cuts down on overhead. There are two options, symmetric keys and pairwise. Using symmetric keys, each WAN Edge sends its key to the vSmart, then the vSmart sends that key to all … Continue reading “2.2.a iv Data plane (vEdge/cEdge)”
2.2.a iii Control plane (vSmart, OMP)
vSmart The vSmart is the centralized control plane of the SD-WAN deployment. It provides routing and data plane policies to the WAN Edge routers. The vSmart takes in all of the routing and topology information from the WAN Edge clients, calculates the best-path, then advertises the results back to the WAN Edge routers. The communication … Continue reading “2.2.a iii Control plane (vSmart, OMP)”
2.2.a ii Management plane (vManage)
vManage The vManage server is the central manager for the SD-WAN deployment. This is where you’ll configure templates, onboard and provision devices, monitor everything with the fancy dashboards. It’s kind of like DNAC for the WAN, or it’s similar to the Admin Node in ISE. Just like everything else these days, it also supports REST … Continue reading “2.2.a ii Management plane (vManage)”
2.2.a i Orchestration plane (vBond, NAT)
vBond The vBond component is pretty much the key to the whole SD-WAN solution working. When a WAN Edge comes online, the only thing it’ll know about (learned from PNP, Zero-Touch Provisioning, or Manual or Bootstrap config) is the vBond. The vBond then directs the WAN Edge routers on how to get to vManage (Management … Continue reading “2.2.a i Orchestration plane (vBond, NAT)”