USD ($)
$
United States Dollar
India Rupee

TLOC Extension: Explore Cisco SD-WAN

Created by Deepak Sharma in Articles 8 Nov 2024
Share
«Cisco SD wan vManage Overview Explained

The TLOC Extension feature is a crucial component of Cisco's SD-WAN architecture, enabling WAN Edge routers to communicate seamlessly across multiple transport networks.

By allowing routers to extend their transport capabilities, TLOC Extensions enhance site redundancy, load balancing, and the integration of new WAN transports without disrupting existing connections.

This flexibility is vital for maintaining robust and efficient network operations. For those looking to deepen their understanding of these concepts, Cisco enterprise training offers comprehensive resources and hands-on experience, equipping professionals with the skills needed to implement and manage TLOC Extensions effectively.

TLOC Extension

Sometimes it may not be possible to connect two transports to WAN edge routers and it is necessary to connect each WAN edge router to a single transport. An alternative solution would be to connect a switch to each transport and have the SD-WAN routers connect to the transports via the switches.

However, this option is typically not recommended for branches as it can increase the overall solution cost and add an extra device to manage.
banner image

Using TLOC extensions, each WAN Edge router can establish connectivity with the opposite transport by utilizing the TLOC-extension interface on the neighboring WAN Edge router.

In the diagram provided, WAN Edge 1 directly connects to the MPLS transport and establishes a connection to the INET transport by utilizing the TLOC extension interface on WAN Edge 2.


SD-WAN Training Course OnlineJoin the online course and train in SD-WAN solutions.Explore course
custom banner static image

On the other hand, WAN Edge 2 connects directly to the INET transport and utilizes the TLOC extension interface on WAN Edge 1 to connect to the MPLS transport. When using a TLOC extension interface to establish connectivity with a transport, the connection is seamless and transparent.

As per the diagram, the WAN Edge 1 router still maintains two physical interfaces with configured tunnels - one to the MPLS and another to the Internet and remains unaware that the tunnel to the Internet is passing through another SD-WAN router.
banner image

TLOC Extension Types

There are various ways to connect TLOC extensions on SD-WAN routers. The connections can be established directly between SD-WAN routers, or through an L2 or L3 switch/router.

L2 TLOC extensions refer to extensions between two routers that are L2-adjacent to each other, and the links are within the same subnet. On the other hand, L3 TLOC extensions describe TLOC extensions between two routers that are separated by an L3 switch or router, and the links are within different subnets.

In L3 TLOC extensions, GRE tunnels are utilized for implementation. It is worth noting that TLOC extensions can be separate physical interfaces or subinterfaces, depending on the available bandwidth.
banner image

While TLOC extensions can be useful, there are some limitations to their use:

● TLOC and TLOC extension interfaces are only compatible with L3 routed interfaces. L2 switch ports/SVIs cannot serve as WAN/Tunnel interfaces and can only be utilized on the service side. Additionally, LTE cannot be used as a TLOC extension interface between WAN Edge routers.

● L3 TLOC extension is only supported on IOS XE SD-WAN routers and is not supported on vEdge routers.

● TLOC extension does not function on transport interfaces that are associated with loopback tunnel interfaces.

LOC Extension Routing

The TLOC extension interface needs to be configured by assigning it an IP address and binding it to the appropriate WAN interface in VPN 0. In the diagram below, WAN Edge 1's TLOC extension interface is ge0/7 and is bound to the MPLS transport through ge0/2.

WAN Edge 2's TLOC extension interface is also ge0/7 and is bound to the INET transport through ge0/4.

banner image

To enable controller reachability and establish IPsec tunnels and BFD sessions with other sites over the TLOC extension interfaces, certain routing considerations must be made.

Static default routes should be configured in the underlay (transport VPN 0) on each WAN Edge router, pointing to the Service Provider router as the next hop.

In order to reach the INET transport, a default route should be configured on WAN Edge 1's INET interface (ge0/4) pointing to WAN Edge 2's ge0/7 IP address.

If subnet A is in a private address space, NAT should be configured on WAN Edge 2's ge0/4 transport interface to ensure traffic can be routed back from the Internet to WAN Edge 1 over the TLOC extension.

To reach the MPLS transport, a default route should be configured on WAN Edge 2's MPLS interface pointing to WAN Edge 1's ge0/7 IP address.

To ensure traffic can be routed back to the TLOC extension interface, a routing protocol (usually BGP or OSPF) can be run in the transport VPN (VPN 0) of WAN Edge 1 to advertise subnet B so that the MPLS provider has a route to subnet B through WAN Edge 1.

It's recommended to apply a route map inbound to deny all incoming dynamic routes from the service provider since the static default route is used in the transport VPN for control plane and IPsec tunnel establishment.

Alternatively, the MPLS PE router can implement a static route to subnet B through WAN Edge 1, which can then be redistributed through the service provider network. However, static routes are not recommended when there is a large number of sites since it's not as manageable or scalable as using a dynamic routing protocol.

Recently I delivered a live session on the Cisco SDWAN TLOC extension where I briefly covered on theoretical concepts of TLOC and configured it in a lab environment in a systematic and step-by-step approach. Here is the video link for TLOC Extension.


To learn more about such concepts related to SD-WAN or Cisco technologies check out some IT infrastructure courses.

SD-WAN vs MPLS: Exploring Differences»
Deepak Sharma

He is a senior solution network architect and currently working with one of the largest financial company. He has an impressive academic and training background. He has completed his B.Tech and MBA, which makes him both technically and managerial proficient. He has also completed more than 450 online and offline training courses, both in India and ...

More... | Author`s Bog | Book a Meeting

Comments (1)

Dcancerian Student
26 Oct 2023 | 08:19 pm

Good one. Please share the next video where you have shown practical of TLOC extension.

Share

Share this post with others

Contact learning advisor

Captcha image
Join Cisco ACI Live Training – Starting 7th December! Enroll Now to Master ACI.
Join Cisco ACI Live Training – Starting 7th December! Enroll Now to Master ACI.
Expert-Led Cisco ACI Training with Lab Access.
Day
Hr
Min
Sec
Register Now