Hello Anoop,
The vEdge routers and the vBond orchestrator can be deployed as either hardware or VMs. The vManage and vSmart controllers are only available as VMs. The VMs can be run on-premises on ESXi or KVM, or they can be hosted on cloud providers like AWS or Azure. Take a look at the following lesson for more details:
You must first generate the CSR on the vEdge router. This creates a file stored in the /home/admin folder of the vEdge router. That file can only be created by the vEdge router. It is unique to that router. This file must be signed by the vManage controller, and then installed on the vEdge router. If you skip the creation of this file on the vEdge router, then the certificate process will not take place correctly.
Yes, it seems that the topology is incomplete. There is no information about the 10.65.92.0/24 subnet, and there is no info about the configuration of vEdge2. I will let Rene know to clarify.
A TLOC is a transport locator, similar to an RLOC used in LISP. A TLOC contains the following data:
- System IP, which is the “label” given to the particular controller, much like a router ID is given to an OSPF router
- Transport colour, used to differentiate different transports or links, like you mention
- Encapsulation type, which includes information about data plane connectivity. This can be either IPSec or GRE. For example, a GRE TLOC will not establish a data plane tunnel with an IPSec TLOC. They must be the same.
More information about TLOCs can be found at the following Cisco documentation:
I hope this has been helpful!
Laz