
Monday, January 6, 2025

Manipulating Traffic Flow using TLOCs in Cisco SD-WAN (Topology Policies)

Topology Policies (Control Policies) are one of the two main Centralized Policy types. They modify the OMP updates that vSmart advertises to the edge routers, and it is through those modified updates that traffic is steered.

The orange lines in the following diagram show the paths used to reach the 192.168.22.0/24 network from cEdge2. By default both the Internet and the MPLS TLOCs are used, and the traffic is load-balanced across them.

We can verify this on cEdge2 from the following command output.



Let's see how to meet the following requirement.
Traffic going to 192.168.22.0/24 (SITE2-TOKYO) from cEdge2 (SITE3-SYDNEY) must use the MPLS link as the primary link and the Internet link as the secondary link.
Since I have already created a Centralized Policy for AAR which does not have a Topology (Control) component, I am going to configure it under the same policy, because only one Centralized Policy can be active at a time.

The following link shows the AAR example.


We still need to create the Groups of Interest.

Click the Custom Options button on the right side of the Policy Configuration page.



Click Lists and then select TLOC to create the TLOC list. Each entry of a TLOC list carries the TLOC IP (system IP), color, encapsulation and a preference value; the MPLS TLOC of cEdge1 gets the higher preference and the Internet TLOC the lower one, which is what makes MPLS primary and Internet secondary.














Create the two Site lists as well (SITE2-TOKYO and SITE3-SYDNEY).










Now it's time to edit the Centralized Policy.




Go to Topology, hit Add Topology and select Custom Control (Route & TLOC).
Hit + Sequence Type and select Route.

Hit + Sequence Rule

The Match condition should be the Site List "SITE2-TOKYO" created earlier, and the Set action should be the TLOC List "SITE2-TLOCs".

Also, do not forget to set the Default Action of the policy to Accept (Enabled). A control policy's default action is Reject, so any route or TLOC not matched by a sequence would otherwise be removed from the OMP updates sent to SITE3-SYDNEY, and that site would lose reachability to everything else.









Hit Save Control Policy.

Now go to Policy Application.
Select only the Outbound Site List, and set it to "SITE3-SYDNEY".


















Now all is done: Save the policy and Activate it.

Now let's inspect the routing table of cEdge2 (Site3).




OK, as we can see, the Internet path for 192.168.22.0/24 is gone from the routing table. Let's check what happens after I pause the MPLS link of cEdge1. (I am doing this lab on PNET Lab, where a link can be paused by right-clicking the connection and selecting Suspend; hopefully EVE-NG can do the same.)













As you can see, it works.

Note that cEdge2 actually knows both routes, but it only installs the path with the highest TLOC preference in the forwarding table. The lower-preference path stays in the OMP table and takes over when the preferred TLOC goes down.

You can check this with the show sdwan omp routes command.
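The check a practitioner wants after activating a policy like this is not only "is MPLS installed" but "is the Internet path still known as a backup". The following script is an added example, not part of the original post: it parses the route table printed by show sdwan omp routes and reports, per VPN/prefix, the installed TLOC and the known-but-not-installed TLOCs, flagging any prefix that has no backup path (which is what you would get if the TLOC list had named only the MPLS TLOC). The sample output embedded in it is constructed to approximate the command's column layout; the peer and system IPs, the colors and the second prefix are invented for the example.

```python
"""Failover check over 'show sdwan omp routes' output.

Added example, not part of the original post. It parses the route table and
reports, per VPN/prefix, which TLOC is installed and which TLOCs are known but
not installed (the backup paths). A prefix that has no backup TLOC is flagged:
that is what you would see if the TLOC list had named only the MPLS TLOC, and
it means the Internet link could not take over when MPLS fails.
"""
import re
from collections import defaultdict

# CONSTRUCTED sample that approximates the command's column layout (the real
# output has a longer code legend and column widths vary). It models cEdge2
# after the policy: 192.168.22.0/24 is known via two TLOCs of cEdge1 (assumed
# system IP 10.1.1.1); only the MPLS one is installed (status contains "I").
# 192.168.33.0/24 is a made-up prefix with a single path, i.e. no backup.
SAMPLE = """\
Code:
C   -> chosen
I   -> installed
R   -> resolved

                                            PATH                      ATTRIBUTE
VPN    PREFIX              FROM PEER        ID     LABEL    STATUS    TYPE       TLOC IP          COLOR            ENCAP  PREFERENCE
-------------------------------------------------------------------------------------------------------------------------------------
10     192.168.22.0/24     10.10.10.1       1      1003     C,I,R     installed  10.1.1.1         mpls             ipsec  200
                           10.10.10.1       2      1003     C,R       installed  10.1.1.1         biz-internet     ipsec  100
10     192.168.33.0/24     10.10.10.1       3      1004     C,I,R     installed  10.1.2.1         mpls             ipsec  -
"""

# One data row. VPN and PREFIX are only printed on the first path of a prefix;
# continuation rows for further paths of the same prefix start with whitespace.
ROW = re.compile(
    r"^\s*(?:(?P<vpn>\d+)\s+(?P<prefix>\S+/\d+)\s+)?"
    r"(?P<peer>\d+\.\d+\.\d+\.\d+)\s+(?P<path_id>\d+)\s+(?P<label>\d+)\s+"
    r"(?P<status>[A-Za-z,]+)\s+(?P<attr>\S+)\s+"
    r"(?P<tloc_ip>\d+\.\d+\.\d+\.\d+)\s+(?P<color>\S+)\s+(?P<encap>\S+)\s+"
    r"(?P<pref>\S+)\s*$"
)


def parse_omp_routes(text):
    """Return {(vpn, prefix): [path, ...]} in the order the command lists them."""
    routes = defaultdict(list)
    current = None
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # legend, header, separator or blank line
        if m.group("vpn"):
            current = (m.group("vpn"), m.group("prefix"))
        if current is None:
            continue  # continuation row before any prefix row: ignore
        pref = m.group("pref")
        routes[current].append({
            "peer": m.group("peer"),
            "status": set(m.group("status").split(",")),
            "tloc": (m.group("tloc_ip"), m.group("color"), m.group("encap")),
            "preference": None if pref == "-" else int(pref),
        })
    return dict(routes)


def failover_report(text):
    """Per prefix: installed TLOC(s), known-but-not-installed TLOC(s), and whether
    the installed path really is the highest-preference one."""
    report = {}
    for key, paths in parse_omp_routes(text).items():
        installed = [p for p in paths if "I" in p["status"]]
        backups = [p for p in paths if "I" not in p["status"]]
        prefs = [p["preference"] for p in paths if p["preference"] is not None]
        best = max(prefs) if prefs else None
        report[key] = {
            "installed": [p["tloc"] for p in installed],
            "backups": [p["tloc"] for p in backups],
            "has_backup": bool(backups),
            # True when every installed path carries the highest known preference
            # (or when no preference was set at all, i.e. plain ECMP)
            "preference_consistent": best is None
            or all(p["preference"] == best for p in installed),
        }
    return report


def prefixes_without_backup(text):
    """Prefixes that would become unreachable if their installed TLOC failed."""
    return [key for key, r in failover_report(text).items() if not r["has_backup"]]


if __name__ == "__main__":
    for (vpn, prefix), r in failover_report(SAMPLE).items():
        flag = "" if r["has_backup"] else "   <-- NO BACKUP PATH"
        print(f"VPN {vpn} {prefix}: installed={r['installed']} backups={r['backups']}{flag}")
```

Run it against real output by replacing SAMPLE with the captured text of show sdwan omp routes from the edge; column widths differ between releases, so if a row is silently skipped, widen the regex rather than the sample.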




































Big Question :-

How to determine the Match condition Site and Outbound Site in policy?


The green lines indicate how the OMP updates for this requirement flow. Because the Centralized Policy is applied on vSmart, and vSmart is the one doing the route manipulation, site selection in the policy must be done from vSmart's point of view: vSmart receives the routes from cEdge1 (SITE2-TOKYO) as "in" and advertises them to cEdge2 (SITE3-SYDNEY) as "out". That is why the Match condition uses the site list of the site that originates the route (SITE2-TOKYO), while the policy is applied Outbound to the site list of the site that receives it (SITE3-SYDNEY).

Note that since this is a Topology (Control) Policy, it lives only on vSmart (the edges never see it), so it can only be inspected from the vSmart CLI with the following command.

show running-config policy
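For reference, this is what the whole policy built above looks like in vSmart CLI syntax, i.e. roughly what show running-config policy shows once it is activated. It is an added example written for this page, not the post's own configuration and not the exact text vManage generates (vManage assigns its own policy and sequence names). The site IDs 2 and 3, cEdge1's system IP 10.1.1.1, the colors mpls and biz-internet, the encapsulation and the preference values 200 and 100 are all assumptions; the page only gives the list names.

```text
policy
 lists
  site-list SITE2-TOKYO
   site-id 2
  !
  site-list SITE3-SYDNEY
   site-id 3
  !
  tloc-list SITE2-TLOCs
   tloc 10.1.1.1 color mpls encap ipsec preference 200
   tloc 10.1.1.1 color biz-internet encap ipsec preference 100
  !
 !
 control-policy MPLS-PRIMARY-TO-TOKYO
  sequence 1
   match route
    site-list SITE2-TOKYO
   !
   action accept
    set
     tloc-list SITE2-TLOCs
    !
   !
  !
  default-action accept
 !
!
apply-policy
 site-list SITE3-SYDNEY
  control-policy MPLS-PRIMARY-TO-TOKYO out
 !
!
```

Three things to check in this output: the two tloc entries carry different preferences (dropping the biz-internet line would not make MPLS "primary", it would remove the backup path altogether), default-action is accept so SITE3-SYDNEY still receives every other route and TLOC, and the policy is applied out toward SITE3-SYDNEY only, so all other sites keep the default load balancing toward 192.168.22.0/24.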
