top of page
Search
Celal

VERSA SD-WAN FLEXVNF NOTES-5


Branch Deployment:

The template is everything for sd-wan. The template makes our work easier. I will prepare the templates

in the Workflow section.

For my topology, I will select full-mesh because there is no hub device. After branches learn the necessary route from the controller with BGP, they will install direct communication between them.

The interfaces come up as empty, we choose the interface functions as wan or lan. I have two wan interfaces and one LAN interface for the default configuration. Also, I configure MPLS and CLOUD routers as DHCP servers. Automatically IP address is assigned to wan interfaces by the DHCP server.

Mgmt interface is Eth0. You can access the web UI of the branch over eth0. I don't need it as I work on the console.


Wan interfaces configuration;

Lan interface configuration;

Leave as default the following section, for now, don't make any changes then click the Create button.

After creating the branch template, I need to define the branch device. this part is related to device registration.

Device Group appears empty, click +Device group section

Don't forget to select the Branch Template is created before.


Set location;

There is no Device Service Template, pass this section and click the continue button.

I had left the Lan interface as static when I created the Branch Template. I assign the IP address to the Lan interface at this part.

we will see branch1 as deployed.

I need to input a static route so that the director can access the overlay network.


I have finished the template part. I need staging parameters. The following figures show where I will find the parameters. Mpls-controller-1-staging and internet-controller-1-staging parameters are the same. I will use the one's parameters of them for staging.

This information is necessary for the IKE session between controller and branch


I am login via console. I will configure it as a branch device.

Default Credential;

Username:admin

Password:versa123

I input the following command for staging.

-l Local ID

-r Remote ID

-c Controller ip address

-w Wan port number ( vni0/0 is mpls for us)

-d Use dhcp for wan link

sudo /opt/versa/scripts/staging.py -l SDWAN-Branch@networktcpip.com -r Controller-1-staging@networktcpip.com -c 192.168.50.2 -w 0 -d

staging is started. check the interface status.

  • IKE session starts between a branch and a staging server.

  • After the IKE session comes up, the staging server assigns an IP address to the branch.

  • The Versa Director IP address is notified to the branch.

I see the branch device on Director as an unknown device.

I had defined the Branch1 device before. I match the unknown device to Branch1

at This part;

  • Versa Director pushes the stage two configuration to the branch device, through the staging server.

  • The controller IP address, in the IPSec profile, is given as a remote IP.

  • The branch device is rebooted.

  • After the branch device comes up with stage two configuration, it establishes the IKE session with the controller.

Also, look via console, Director uses netconf to configure the branch device. the following figure shows


The controller assigns an IP address to the branch device and generates a notification to Versa Director.

Branch1 device is ready.

I will see BGP and IPsec connections between controller and branch.

By repeating the same steps, configure the Branch2 device.

Remember, I have installed a full-mesh topology between branches. I have to see two IPsec tunnel


  • Branch to Controller

  • Branch1 to Branch2



check the routing table, are Branch2's routes in the Branch1 routing table? Yes, I see 192.168.128.0/24



How do branch devices monitor interfaces? The following figure gives some information. SLA-monitor is important for link redundancy. I made a link redundancy test. Versa is successful


Test with ping from Branch1 to Branch2;

Everything is properly working.


When I check the Analytics, I see the Analytics start to collect the information from devices.



After all these installations, The rest is up to your imagination :))


Thanks for reading.

3,996 views5 comments

5 Comments


bala.inspirer
Aug 15, 2021

Great work ! appreciating your effort. Thanks

Like

believemk
Aug 02, 2021

my controller cannot communicate with branch mgmt ip 10.0.0.0/8. there is route on controller vrf, but vrf name on branch is mgmt, vrf name on controller is internet-control-VR.

Like

Uldis Dzerkals
Uldis Dzerkals
Mar 05, 2021

Which emulator did you use for this lab? And did you face any issues during VNF pre-stage phase, it stuck on 30% and then drops

Like
Uldis Dzerkals
Uldis Dzerkals
Apr 02, 2021
Replying to

Thanks that helped

Like
bottom of page