This topic is to discuss the following lesson:
Thanks Rene and the Network Lessons crew, for taking time to break down Cisco SD-WAN knowledge. I am now a full Cisco SD-WAN engineer.
Hi NL Team,
Just wanted to say thank you for the course - really nice experience.
My LAB topology as below - worked quite well!
One thing as an FYI - you still have an error in one of the first lessons about the org name for vSmart, due to which vEdges have problems registering.
Hello Maciej
Thanks so much for your kind words and for the feedback on the lessons! And thanks for pointing out the error. I will let Rene know. Can you point us to the specific lesson and the particular error? That would help out a lot!
Thanks again!
Laz
Hi Laz,
You are welcome - well deserved.
About the error - it is in section: Cisco SD-WAN Controllers Installation.
You gave Org Name as nwl-sdwan-lab in the GUI conf, while every other reference when managing the certs via CLI is set to nwl-lab-sdwan.
Due to this, vEdges were visible in vManage (as the certs were signed by the CA), but not registering.
I found out about this error in one of the Linux logs that was saying Org Name mismatch in certificate - that finally directed me to what the problem was, as it took a few hours and doing the lab from scratch. No worries though - it got the skill cemented in my mind haha.
BR, Maciej Stanecki
Hello Maciej
Great, thanks for pointing that out, I’ll let Rene know to make any necessary modifications. And yes, it is typically the errors we find and troubleshoot that help us to learn the most… Keep networking!
Laz
Hi, I have a question regarding COR (Cloud OnRamp).
Question 1 - SaaS
I understand that if we have two service providers, we can send HTTP probes to our SaaS application and determine the quality (QoE) of both connections and then pick the one that is currently performing better.
This example makes great sense but every single resource mentions another example where we have just one internet circuit and then an MPLS circuit.
14:20 on the YouTube video.
My question is, why isn’t SD-WAN running over the internet circuit? I thought we’d use it since we have SD-WAN.
Question 2 - IaaS
If I understand this right, we can literally deploy a vEdge router... inside our cloud’s IaaS service? Which would mean that we can connect the IaaS into our SD-WAN service.
What benefits does this offer? Apart from, again, being able to determine what WAN circuit might be the best to access the IaaS infrastructure, what else does it do? Can the IaaS infrastructure also decide from their side which WAN circuit they want to use? (Considering that we can use IPsec, private WANs, internet, literally almost anything to connect to the cloud).
With SaaS, the benefit is limited to “yeah this path is better, we will use it” and not much else, or? Does this change with IaaS?
David
Hello David
The example in the video, as well as the examples you see from other sources, is simply indicating that you can have an SD-WAN deployment with one option completely outside of the SD-WAN fabric. This is your breakout option. The fabric will include at least one, but typically multiple, connections. You can see similar diagrams in this Cisco white paper on SD-WAN Cloud OnRamp for SaaS. There, you can see the connection via the link outside of the fabric, and an additional two links (ISP2 and MPLS) within the fabric. I believe that this approach simply shows the use of a link outside the SD-WAN fabric as an alternative.
Yes, that is correct. You can deploy a vEdge (or cEdge) router inside your cloud IaaS environment (like AWS, Azure, or GCP).
Compared to SaaS, IaaS offers much more control and flexibility. With SaaS, the provider controls everything — you can only optimize how you reach it. But with IaaS, you control the infrastructure and that opens up a lot more benefits.
SaaS is passive so you only optimize the entry point. IaaS is active, so it’s part of your SD-WAN fabric. You control both ends of the connection. That means that you can enforce policies and you can build a true hybrid or multi-cloud WAN.
I hope this has been helpful!
Laz