USD ($)
$
United States Dollar
India Rupee

Cisco SD-WAN VSmart Controller Deployment

Created by Amar Singh in Articles 31 Aug 2024
Share
«Importance of Learning Cisco SD-WAN

The Cisco SD-WAN vSmart Controller is a pivotal component in the Cisco SD-WAN architecture, serving as the centralized control plane. It orchestrates network operations by managing routing decisions, policy distribution, and secure communication between WAN edge devices.

By leveraging the Overlay Management Protocol (OMP), the vSmart Controller ensures efficient data traffic flow, enhances network visibility, and simplifies management, making it essential for scalable and resilient SD-WAN deployments.

In this article, we will be covering an important concept from Cisco enterprise training i.e. configuring Cisco SD-WAN vSmart Controller.


Online Cisco SD-WAN TrainingGain Cisco SD-WAN certification with our online training course.Explore course
custom banner static image

How to Configure Cisco SD-WAN VSmart Controller

To configure the vSmart Controller we need to setup virtual machines (VMs) first in our overlay. Once we set up and started VMs automatically they came up with factory default configuration.

After that, we need to configure some basic features and functions so that all the devices can be authenticated and can join the overlay network. The IP address, vBond orchestrator of our networks, IP address of our system, and tunnel interfaces are included in these features.

For the participation of vSmart controllers in the overlay network and for the overlay network to be functional we must do the following:

● Set up a tunnel interface on at least one VPN 0 interface that must connect with the WAN transport network accessible through all Cisco vEdge devices. In that overlay network, VPN 0 carries all control plane traffic among Cisco vEdge devices.

● Enable Overlay Management Protocol (OMP).

Once we create this initial configuration we need to create a full configuration now by templates configuration on vManage NMS. After that, we will attach them to the vSmart Controllers. Once we do this the template parameters overwrite the initial configuration.

Then we must assign a system IP address to the vSmart Controller in the initial configuration. This IP address identifies the controllers of any interface address. The IP address is similar to the router ID on non-Cisco SD-WAN routers.

Let us learn how we can set the initial configuration for the vSmart controller

Create Initial Configuration for the vSmart Controller

In the CLI session, log in to the Cisco vEdge (Viptela) device via SSH. Log in as the user admin and the default password admin. You will log into the CLI session.

Then enter configuration mode.

Configuration mode:

vSmart# config

vSmart(config)#

Hostname Configuration

This is an optional step but recommended.

Configure the hostname:

Cisco(config)# system host-name hostname


Online CCNP Enterprise Training
Get online CCNP enterprise training with certification.Explore course
custom banner static image

IP address configuration

The IP address can be IPV4 and IPV6 address.

Configure the system IP address:

vSmart(config-system)# system-ip ip-address

Here Cisco vManage uses the system IP address to identify the device. Then NMS can download the full configuration to the device.

Configure the site identifier where the device is located:

vSmart(config-system)# site-id site-id

Configure the domain identifier in which the device is located:

vSmart(config-system)# domain-id domain-id

IP address configuration of vBond orchestrator or vBond DNS name

The Cisco vBond orchestrator’s IP address must be public so that all Cisco vEdge devices in the overlay network can reach it.

Configure the IP address of the vBond orchestrator or vBond DNS name:

vSmart(config-system)# vbond (dns-name | ip-address)

To confirm software upgrade is successful, configure a time limit:

vSmart(config-system)# upgrade-confirm minutes

This time may be from 1 minute to 60 minutes. When we upgrade the software on the device after this time limit configuration we must confirm that the software upgrade is successful within the configured limited time. If it does not happen it reverts to the previous software image.

This is box title

vSmart(config-system)# user admin password password

Configure an interface in VPN 0 that will be used as a tunnel interface. VPN 0 is the WAN transport VPN. The interface name has eth number format. Here you must configure IP address and enable the interface. This IP address can be configured as static or via DHCP.

Configure an interface in VPN:

vSmart(config)# vpn 0

vSmart(config-vpn-0)# interface interface-name

vSmart(config-interface)# (ip dhcp-client | ip address prefix /length)

vSmart(config-interface)# no shutdown

vSmart(config-interface)# tunnel-interface

vSmart(config-tunnel-interface)# allow-service netconf

Tunnel interface must be configured on one interface in VPN 0. So that overlay network will come up and then Cisco vSmart Controller will participate in the overlay network. This interface should be connected with WAN transport network accessible by all Cisco vEdge devices.

Identify the type of WAN

To identify the type of WAN transport need to configure tunnel color. You can configure your color or default color.

To identify the type of WAN transport need to configure tunnel color:

vSmart(config-tunnel-interface)# color color

Configure a default route to the WAN transport network:

vSmart(config-vpn-0)# ip route 0.0.0.0/0 next-hop

Commit the configuration:

vSmart(config)# commit and-quit

vSmart#

Verify that the configuration of vSmart Controller is correct and complete:

vSmart# show running-config

Now this is done.

To learn more about such IT techs, check our IT infrastructure Courses.

TLOC Extension: Explore Cisco SD-WAN»
Amar Singh

Amar Singh is a senior security architect and a certified trainer. He is currently working with a reputed organization based out of India. His accomplishments include CCNA, CCNP Security, CEH, Vmware, Checkpoint and Palo Alto Certifications. He is holding more than 12 years of experience in Network security domain. In his career he has been ...

More... | Author`s Bog | Book a Meeting

Related Articles

#Explore latest news and articles

CCNP Enterprise Concentration Exam Options 28 Oct 2024

CCNP Enterprise Concentration Exam Options

Explore a roadmap for becoming CCNP enterprise certified professional by choosing wisely one of the CCNP enterprise concentration exams options. Read More!
SD-WAN Vendors Comparison: Choosing the Best SD-Wan Provider 12 Nov 2024

SD-WAN Vendors Comparison: Choosing the Best SD-Wan Provider

Top Leading SD-Wan Vendor solutions and comparison for features, performance & pricing. Find the best SD wan providers fit for your organization with our ...
CCNP Certification Cost and Exam Fees 29 Aug 2024

CCNP Certification Cost and Exam Fees

Do you know? Cisco CCNP Certification Exam Cost & Fees for Security, Enterprise, ENCOR, Collaboration, and Data Center Modules. Learn More!

FAQ

The vSmart controller is a centralized component of the Cisco SD-WAN solution, acting as the brain that manages data traffic flow and policy distribution across the network.
In an SD-WAN deployment, the vSmart controller is responsible for orchestrating the control plane, managing routing decisions, and ensuring secure communication between WAN edges.
The vBond Orchestrator is typically deployed first in an SD-WAN environment, establishing secure connections and facilitating the authentication of WAN edge devices.
SD-WAN can be deployed in various ways, including on-premises, in public clouds, or as a hybrid model, depending on organizational needs and infrastructure.
The vSmart controller's role includes managing policy distribution, optimizing routing, and facilitating secure communication between WAN edge devices in the SD-WAN architecture.
SD-WAN is deployed by establishing secure control connections between vSmart controllers and WAN edges, utilizing protocols like DTLS or TLS for encrypted communication and policy management.

Comments (0)

Share

Share this post with others

Contact learning advisor

Captcha image
Join Cisco ACI Live Training – Starting 7th December! Enroll Now to Master ACI.
Join Cisco ACI Live Training – Starting 7th December! Enroll Now to Master ACI.
Expert-Led Cisco ACI Training with Lab Access.
Day
Hr
Min
Sec
Register Now