Hybrid WAN Connectivity with an SDN Twist
Featuring Ivan Pepelnjak & Khalid Raza
Like many of us, Khalid Raza wasted countless hours sitting in meetings discussing hybrid WAN connectivity designs using a random combination of DMVPN, IPsec, PfR, and one or more routing protocols… and decided to try to create a better solution to the problem.
Viptela Secure Extensible Network (SEN) doesn’t try to solve every networking problem ever encountered, which is why it’s simpler to use for the use case it is designed for: multi-provider WAN connectivity.
Like everyone else these days, they decided to use an SDN controller, which gave them several advantages over traditional solutions:
- Simple edge router configuration – all an edge router (vEdge Router) has to do is report its local connectivity (subnets, VLANs, local IP prefixes) to the controller and get the WAN connectivity information from it;
- Simplified policy distribution – the WAN policy is no longer configured on every WAN edge device, but distributed from the controller cluster;
- Simple control plane – SEN vEdge Routers still run traditional routing protocols (there’s nothing wrong with using a technology that works well), but have a small set of adjacencies – they talk with the controllers, not with the other routers. While this approach lacks the shared-fate property and thus complicates data plane failure detection, it scales much better; the size of the WAN network is no longer limited by the CPU capabilities of the hub router (if you’ve ever implemented large-scale DMVPN with a Catalyst 6500 as the hub router, you probably know what I’m talking about).
Ivan Pepelnjak, CCIE#1354 Emeritus, is a 30-year veteran of the networking industry, with 25+ years of experience in designing, installing, troubleshooting, and operating large service provider and enterprise WAN and LAN networks. He is currently an independent network architect at ipSpace.net AG, focusing on software-defined networks, large-scale data centre technologies and advanced IP/MPLS-based networks.
Khalid is a former Distinguished Engineer at Cisco and widely regarded as a visionary in routing protocols. In a career spanning over 20 years, Khalid has played an instrumental role in architecting networks for Global Tier-1 carriers and Fortune 100 companies, and defining innovative grid solutions for the healthcare industry. He has been awarded the pinnacle of Cisco certifications: Cisco Certified Architect (CCAr) and Cisco Certified Design Expert (CCDE).