Configure and Troubleshoot SD-WAN Network with TLOC Extension

Available Languages

Download Options

  • PDF     (81.0 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (140.1 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (203.9 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:February 27, 2024
Document ID:221734

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes the Transport Locator (TLOC) extension for redundancy in the SD-WAN network.

    TLOC Extension

    The TLOC extension provides redundancy to the transport and load share of the traffic as well. It is locally significant to the site. Two vEdges connect to each other by a special link in order to extend their transport link which provides the redundancy to the control plane connection (Datagram Transport Layer Security (DTLS)\Transport Layer Security (TLS)) and Data Plane connection (IPsec and Generic Routing Encapsulation (GRE)). TLOC extensions enable vEdge\cEdge routers to utilize the transport of neighboring vEdge\cEdge routers through a designated TLOC extension interface.

    TLOC Extension Limitations

    Long-term Evolution (LTE) cannot be used as a TLOC extension interface between vEdge\SD-WAN routers.

    Prerequisites

    Requirements

    Cisco recommends that you have knowledge of these topics:

    • Routing Protocols - Overlay Management Protocol (OMP) is required in order to get the LAN subnet and advertise it to vSmart.
    • TLOC extension feature - The TLOC extension feature must be supported by the vEdge/cEdge devices.
    • Templates for configuration - A feature template is required in order to configure the TLOC extension. This includes VPN0, VPN Interface (Interfaces which are used between the vEdges in order to use TLOC extension), and default routes towards both the vEdges.

    Components Used

    The information in this document is based on these software and hardware versions:

    • Cisco vManage
    • vBond
    • vSmart
    • Integrated Service Router (ISR) 4451/K9 or vEdge

    The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

    Configure

    Network Diagram

    Network Diagram

    Configurations

    TLOC extension using Multiprotocol Label Switching (MPLS) as a transport:

    vEdge 1 Configuration:

    !
    VPN0
    interface ge0/2
    ip address 192.168.20.1/30
    tloc-extension ge0/0

    vEdge 2 Configuration:

    !
    VPN0
    interface ge0/1
    ip address 192.168.20.2/30
    tunnel-interface
    encapulation ipsec
    color mpls restrict
    !

    ip route 0.0.0.0/0 192.168.20.1

    TLOC extension using the internet as a transport:

    vEdge 1 Configuration:

    !
    VPN0
    interface ge0/1
    ip address 192.168.10.1/30
    tunnel-interface
    encapulation ipsec
    color public-internet restrict
    !

    ip route 0.0.0.0/0 192.168.10.2

    vEdge 2 Configuration:

    !
    VPN 0
    nat
    interface ge0/2
    ip address 192.168.20.2/30
    tloc-extension ge0/0

    Verify

    1. In order to verify the Control Plane connection - After the TLOC extension configuration, both vEdges form additional Control Plane connection and Data Plane connections, use the show sdwan control connectionscommand.

    2. Verify the valid TLOC using show omp tlocs.

    3. Verify the Bidirectional Forwarding Detection (BFD) session with the show bfd sessions command.

    Troubleshoot

    Case 1. The Control Plane connection is not getting established for the extended transport.

    It is mandatory to configure the default route in VPN0 with the next hop of the extended transport. If the default route is not configured towards the redundant vEdge, there is no reachability to the controllers.

    Case 2. MPLS transport is extended but the control plane connection is not getting established.

    It is required to advertise the subnet which is being used for the point-to-point TLOC extension. If this subnet is not advertised, there is no reachability to these subnets to make the control plane connections.

    Case 3. Internet transport is extended but control plane connection is not getting established.

    If Network Address Translation (NAT) is not enabled on the vEdge device where internet transport is configured, the subnet used for TLOC extension remains non-NATted. Consequently, there is no connectivity to the controllers required to establish both control plane and data plane connections.

    Case 4. The control plane connection is not getting established.

    Ports that are being used for TLOC extension must be down - You must check the cable or port status of the device.

    Revision History

    Revision Publish Date Comments
    1.0
    27-Feb-2024
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Alok Srivastava
      Cisco CMS Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products