Cisco SD-WAN | Manual Bootstrapping of WAN Edge Devices - with Configurations.
To bring up a #cisco #sdwan WAN edge device so that it can join the SD-WAN overlay (fabric), it first needs to be bootstrapped to establish connectivity with the vBond Controller.
There are two methods to bootstrap a Cisco SD-WAN edge device:
1. Manually set up the minimal configuration on the WAN Edge device and
2. Use Zero Touch Provisioning (ZTP) or Plug n Play (PnP)
In this article, we will explore Method 1 – Manual setup of the minimal configuration.
To introduce this method, we will use the following demo SD-WAN topology and considerations:
A. The Simple SD-WAN Network Topology:
B. Organisation Name: ABC Corporation
C. WAN Edge Devices:
D. Scope of Work:
Configure vEdge 1000 in Site 10 to host the vBond controller and with the minimum configuration to bootstrap it.
Configure the Cisco ASR 1000 router with the initial minimum configuration to establish connectivity with the vBond controller on the vEdge at Site 10.
Workflow:
Step 1
We will configure an IP address and default gateway on both WAN edge devices
(Assuming no DHCP is in use)
Step 2
We will configure the vBond IP address or hostname. (If we use the hostname, we also have to provide a DNS server address that is reachable via VPN 0. We will use the vBond IP address here.)
Step 3
We will configure the WAN edge devices with their respective system identification details, i.e. System IP, Site ID, and Organization name.
Configurations:
Minimal Configuration for the vEdge 1000 in site 10 – a #viptela OS-based Device
vEdge# config
vEdge (config) # system host-name vEdge-1000
vEdge-1000 (config-system) # system-ip 1.0.0.10
vEdge-1000 (config-system) # site-id 10
vEdge-1000 (config-system) # organization-name "ABC Corporation"
vEdge-1000 (config-system) # domain-id 1
vEdge-1000 (config-system) # vbond 75.1.1.1 local
!
vEdge-1000 (config) # vpn 0
vEdge-1000 (config-vpn-0) # interface ge 0/0
vEdge-1000 (config-interface) # ip address 75.1.1.1/24
vEdge-1000 (config-interface) # no shutdown
vEdge-1000 (config-interface) # tunnel-interface
vEdge-1000 (config-tunnel-interface) # color default
! color may be mpls or INET instead of default
vEdge-1000 (config-vpn-0) # ip route 0.0.0.0/0 75.1.1.254
!
vEdge-1000 (config) # commit and-quit
Minimal Configuration for Cisco ASR 1000 in site 20 – an IOS-XE SD-WAN-based Device
Device# config-transaction
Device (config) #
Device (config) # system host-name Cisco-ASR-1000
Cisco-ASR-1000 (config-system) # system-ip 2.0.0.20
Cisco-ASR-1000 (config-system) # site-id 20
Cisco-ASR-1000 (config-system) # organization-name "ABC Corporation"
Cisco-ASR-1000 (config-system) # domain-id 1
Cisco-ASR-1000 (config-system) # vbond 75.1.1.1 port 12346
Cisco-ASR-1000 (config-system) # exit
!
Cisco-ASR-1000 (config) # interface tunnel 1
Cisco-ASR-1000 (config-if) # no shutdown
Cisco-ASR-1000 (config-if) # ip unnumbered GigabitEthernet 0/1/0
Cisco-ASR-1000 (config-if) # tunnel source GigabitEthernet 0/1/0
Cisco-ASR-1000 (config-if) # tunnel mode sdwan
Cisco-ASR-1000 (config-if) # exit
!
Cisco-ASR-1000 (config) # sdwan
Cisco-ASR-1000 (config-sdwan) # interface GigabitEthernet 0/1/0
Cisco-ASR-1000 (config-interface-GigabitEthernet 0/1/0) # tunnel-interface
Cisco-ASR-1000 (config-tunnel-interface) # color mpls
! color may be INET instead of mpls
Cisco-ASR-1000 (config-tunnel-interface) # encapsulation ipsec
Cisco-ASR-1000 (config-tunnel-interface) # exit
Cisco-ASR-1000 (config) # ip route 0.0.0.0 0.0.0.0 75.1.2.254
Cisco-ASR-1000 (config) # commit
Cisco-ASR-1000 # exit
!
All things being equal, the above configurations should establish the Cisco SD-WAN overlay between Site 10 and Site 20 of ABC Corporation, setting the stage for centralized network operations management (on vManage, not covered here), i.e. device provisioning, simplified network operations, more network automation, and app-aware routing, among the other benefits of SD-WAN over legacy enterprise WAN networks.
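A pre-commit consistency check for the system settings used above, written as an added example (it is not part of the original article or a Cisco tool). The helper names parse_system and check are hypothetical, and the sample text is constructed from the two configurations with the CLI prompts stripped. It flags an unquoted or mismatched organization name, devices pointing at different vBond addresses, and a reused System IP.

```python
import re

# Constructed sample input (prompts stripped), not captured from real devices.
VEDGE = """system
 host-name vEdge-1000
 system-ip 1.0.0.10
 site-id 10
 organization-name "ABC Corporation"
 vbond 75.1.1.1 local
"""
ASR = """system
 host-name Cisco-ASR-1000
 system-ip 2.0.0.20
 site-id 20
 organization-name "ABC Corporation"
 vbond 75.1.1.1 port 12346
"""
KEYS = ("host-name", "system-ip", "site-id", "organization-name", "vbond")

def parse_system(text):
    """Return {keyword: raw value} for the bootstrap keywords in one config."""
    found = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\S+)\s+(.+?)\s*$", line)
        if m and m.group(1) in KEYS:
            found[m.group(1)] = m.group(2)
    return found

def check(configs):
    """Return a list of findings for a set of configs; empty means consistent."""
    devs = [parse_system(c) for c in configs]
    findings = []
    for d in devs:
        name = d.get("host-name", "?")
        findings += [f"{name}: missing {k}" for k in KEYS if k not in d]
        org = d.get("organization-name", "")
        if " " in org and not (org.startswith('"') and org.endswith('"')):
            findings.append(f"{name}: organization-name with spaces must be quoted")
    # The organization name is compared exactly, so case differences count.
    orgs = {d["organization-name"].strip('"') for d in devs if "organization-name" in d}
    if len(orgs) > 1:
        findings.append(f"organization-name differs: {sorted(orgs)}")
    vbonds = {d["vbond"].split()[0] for d in devs if "vbond" in d}
    if len(vbonds) > 1:
        findings.append(f"different vBond addresses: {sorted(vbonds)}")
    ips = [d["system-ip"] for d in devs if "system-ip" in d]
    if len(ips) != len(set(ips)):
        findings.append("duplicate system-ip")
    return findings
```

Calling check([VEDGE, ASR]) on the sample returns an empty list; each finding it reports is a plain string naming the device or the conflicting values.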
Olabode Oladipo | CISCO Certified Specialist - Enterprise SD-WAN Implementation