Introduction
This document describes the Transport Locator (TLOC) extension for redundancy in the SD-WAN network.
TLOC Extension
The TLOC extension provides transport redundancy and also load shares the traffic. It is locally significant to the site. Two vEdges connect to each other over a dedicated link in order to extend their transport links, which provides redundancy for the control plane connections (Datagram Transport Layer Security (DTLS)/Transport Layer Security (TLS)) and the data plane connections (IPsec and Generic Routing Encapsulation (GRE)). TLOC extensions enable vEdge/cEdge routers to use the transport of neighboring vEdge/cEdge routers through a designated TLOC extension interface.
TLOC Extension Limitations
Long-Term Evolution (LTE) cannot be used as a TLOC extension interface between vEdge/SD-WAN routers.
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
- Routing Protocols - Overlay Management Protocol (OMP) is required in order to get the LAN subnet and advertise it to vSmart.
- TLOC extension feature - The TLOC extension feature must be supported by the vEdge/cEdge devices.
- Templates for configuration - A feature template is required in order to configure the TLOC extension. This includes VPN0, VPN Interface (Interfaces which are used between the vEdges in order to use TLOC extension), and default routes towards both the vEdges.
Components Used
The information in this document is based on these software and hardware versions:
- Cisco vManage
- vBond
- vSmart
- Integrated Service Router (ISR) 4451/K9 or vEdge
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Configure
Network Diagram
Configurations
TLOC extension using Multiprotocol Label Switching (MPLS) as a transport:
vEdge 1 Configuration:
!
vpn 0
interface ge0/2
ip address 192.168.20.1/30
tloc-extension ge0/0
vEdge 2 Configuration:
!
vpn 0
interface ge0/1
ip address 192.168.20.2/30
tunnel-interface
encapsulation ipsec
color mpls restrict
!
ip route 0.0.0.0/0 192.168.20.1
TLOC extension using the internet as a transport:
vEdge 1 Configuration:
!
vpn 0
interface ge0/1
ip address 192.168.10.1/30
tunnel-interface
encapsulation ipsec
color public-internet restrict
!
ip route 0.0.0.0/0 192.168.10.2
vEdge 2 Configuration:
!
vpn 0
nat
interface ge0/2
ip address 192.168.20.2/30
tloc-extension ge0/0
Verify
1. Verify the control plane connections. After the TLOC extension is configured, both vEdges form additional control plane and data plane connections. Use the show sdwan control connections command to confirm this.
2. Verify the valid TLOCs with the show omp tlocs command.
3. Verify the Bidirectional Forwarding Detection (BFD) sessions with the show bfd sessions command.
Troubleshoot
Case 1. The Control Plane connection is not getting established for the extended transport.
It is mandatory to configure the default route in VPN0 with the next hop of the extended transport. If the default route is not configured towards the redundant vEdge, there is no reachability to the controllers.
Case 2. MPLS transport is extended but the control plane connection is not getting established.
It is required to advertise the subnet which is being used for the point-to-point TLOC extension. If this subnet is not advertised, there is no reachability to these subnets to make the control plane connections.
Case 3. Internet transport is extended but control plane connection is not getting established.
If Network Address Translation (NAT) is not enabled on the vEdge device where internet transport is configured, the subnet used for TLOC extension remains non-NATted. Consequently, there is no connectivity to the controllers required to establish both control plane and data plane connections.
Case 4. The control plane connection is not getting established.
The ports used for the TLOC extension are probably down. Check the cable and the port status of the device.
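An offline pre-check for Case 1 and Case 3 above, as an added example that is not part of the original document or of any Cisco tool: it parses flat VPN 0 snippets in the layout shown under Configurations and reports a missing default route or missing NAT before the change is pushed. The function names, the terms "borrower" (the router that uses the neighbor's transport) and "extender" (the router that owns it), and the second pair of snippets are assumptions constructed for illustration.

```python
import ipaddress

def parse_vpn0(text):
    """Parse a flat VPN 0 snippet into interfaces, default-route next hops and a NAT flag."""
    cfg = {"interfaces": {}, "default_next_hops": [], "nat": False}
    current = None  # interface section the following lines belong to
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0] == "!":
            continue
        if words[0] == "interface":
            current = cfg["interfaces"].setdefault(words[1], {})
        elif words[:2] == ["ip", "address"] and current is not None:
            current["ip"] = ipaddress.ip_interface(words[2])
        elif words[0] == "tloc-extension" and current is not None:
            current["tloc_extension"] = words[1]
        elif words[0] == "tunnel-interface" and current is not None:
            current["tunnel"] = True
        elif words[0] == "color" and current is not None:
            current["color"] = words[1]
        elif words[:3] == ["ip", "route", "0.0.0.0/0"]:
            cfg["default_next_hops"].append(ipaddress.ip_address(words[3]))
        elif words[0] == "nat":  # simplification: NAT anywhere in VPN 0 counts
            cfg["nat"] = True
    return cfg

def check_pair(borrower_text, extender_text):
    """Return findings for one TLOC extension link (empty list means none)."""
    b, e = parse_vpn0(borrower_text), parse_vpn0(extender_text)
    findings = []
    tun = next((i for i in b["interfaces"].values() if i.get("tunnel") and "ip" in i), None)
    ext = next((i for i in e["interfaces"].values() if "tloc_extension" in i and "ip" in i), None)
    if tun is None or ext is None:
        return ["missing tunnel-interface or tloc-extension interface"]
    if ext["ip"].ip not in tun["ip"].network:
        findings.append("extension link addresses are in different subnets")
    if ext["ip"].ip not in b["default_next_hops"]:
        findings.append("Case 1: no VPN 0 default route toward the extending router")
    if tun.get("color") == "public-internet" and not e["nat"]:
        findings.append("Case 3: NAT not enabled on the router that owns the internet transport")
    return findings

# MPLS example from this page: vEdge 2 borrows, vEdge 1 extends.
MPLS_BORROWER = "vpn 0\ninterface ge0/1\nip address 192.168.20.2/30\ntunnel-interface\nencapsulation ipsec\ncolor mpls restrict\n!\nip route 0.0.0.0/0 192.168.20.1\n"
MPLS_EXTENDER = "vpn 0\ninterface ge0/2\nip address 192.168.20.1/30\ntloc-extension ge0/0\n"
# Constructed internet pair with the default route and NAT both left out.
BAD_BORROWER = "vpn 0\ninterface ge0/1\nip address 192.168.10.1/30\ntunnel-interface\nencapsulation ipsec\ncolor public-internet restrict\n"
BAD_EXTENDER = "vpn 0\ninterface ge0/2\nip address 192.168.10.2/30\ntloc-extension ge0/0\n"
```

An empty result does not prove the control connections will come up; it only rules out the two configuration gaps the check covers.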