Multi-Region Fabric

affinity-group (Multi-Region Fabric)

Use the affinity-group command in system configuration mode to configure an affinity group for an edge router or border router. Use the no form of the command to remove the affinity group assignment.

affinity-group group-id

no affinity-group

Syntax Description

group-id

Affinity group in the range 1 to 63.

Command Default

By default, no affinity group is assigned.

Command Modes

System configuration (config-system)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

This command was introduced.

Usage Guidelines

If an affinity group has been configured previously on the device, configuring a new value replaces the previous.

Example

Configure an affinity group value of 10 on a border router.

Device#config-transaction
Device(config)#system
Device(config-system)#affinity-group 10

affinity-group-number

To assign an affinity group number to routes or TLOCs, in a Multi-Region Fabric environment, use the affinity-group-number command in configuration set mode when configuring a control policy on a Cisco SD-WAN Controller. To cancel the configuration, use the no form of the command.

affinity-group-number affinity-group

no affinity-group-number affinity-group

Syntax Description

affinity-group-number affinity-group

Assign an affinity group number in the range of 0 to 63.

Command Default

There is no default.

Command Modes

configuration set (config-set)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

This command was introduced.

Example

The following example, executed on a Cisco SD-WAN Controller, creates a sequence that matches routes from devices at site 100 and assigns them the affinity group 5. 

vsmart# config
vsmart(config)# policy
vsmart(config-policy)# control-policy policy-1
vsmart(config-control-policy-cpolicy1)# sequence 1
vsmart(config-sequence-1)# match route
vsmart(config-match-route)# site-id 100
vsmart(config-match-route)# action accept
vsmart(config-action)# set
vsmart(config-set)# affinity-group-number 5

To configure this using a CLI template in Cisco SD-WAN Manager, use the following: 

policy
 control-policy policy-1
  sequence 1
   match route
    site-id 100
  !
  action accept
   set
    affinity-group-number 5
   !
  !
 !
!

affinity-group preference (Multi-Region Fabric)

Use the affinity-group preference command in system configuration mode to configure the affinity group preference order, from highest priority to lowest priority. Use the no form of the command to remove the affinity group preference.

affinity-group preference group-id group-id | ...

no affinity-group preference

Syntax Description

group-id

Affinity group in the range 1 to 63.

Command Default

By default, no affinity group preference is assigned.

Command Modes

System configuration (config-system)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

This command was introduced.

Example

Configure a preference for affinity groups 10, 11, 20, and 5, in that order of priority.

Device#config-transaction
Device(config)#system
Device(config-system)#affinity-group preference 10 11 20 5

filter route outbound affinity-group preference (Multi-Region Fabric)

To configure a Cisco SD-WAN Controller to restrict routers in the regions that it is managing to connect only to routers that are on their affinity list, use the filter route outbound affinity-group preference command in OMP configuration mode. To remove this restriction, use the no form of the command.

filter route outbound affinity-group preference

no filter route outbound affinity-group preference

Command Default

By default, there is no restriction.

Command Modes

OMP configuration (config-omp)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

This command was introduced.

Usage Guidelines

You can configure Cisco Catalyst SD-WAN to enable routers to connect only to routers that are on their affinity list. To do this, use the filter route outbound affinity-group preference command on each of the Cisco SD-WAN Controllers that manage a region.

Example

vSmart#config terminal
vSmart(config)#omp
vSmart(config-omp)#filter route outbound affinity-group preference

management-gateway

To enable a management region on a router configured as a management gateway, use the management-gateway command in system configuration mode. Use the no form of the command to disable a management region.

management-gateway enable

no management-gateway enable

Command Default

Management region is disabled

Command Modes

System configuration (config-system)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

This command was introduced.

Example 1

The following sample configuration configures a management gateway to support a management region, using VRF 3:

Device(config)# system
Device(config-system)# region 1
Device(config-region-1)# management-region
Device(config-management-region)# vrf 3
Device(config-vrf-3)# exit
Device(config-system)# management-gateway enable

Related Commands

Command

Description

management-region

Use the management-region command to enable a management region on a Cisco SD-WAN Controller or on a router.

management-region

To enable a management region on a Cisco SD-WAN Controller or on a router, use the management-region command in system configuration mode or region configuration mode, respectively. Use the no form of the command to disable a management region.

For a Cisco SD-WAN Controller:

management-region

no management-region

For a router:

management-region vrf vrf-id [ gateway-preference preference-id [ preference-id ] ... ]

no management-region

Syntax Description

vrf vrf-id

Configure the VRF to use for management traffic.
gateway-preference preference-id

Configure a preference order among management gateways, according to the affinity group number of the management gateways. See the Usage Guidelines section.

Maximum number of affinity group numbers: 12

Command Default

Management region is disabled

Command Modes

System configuration (config-system)
Region configuration (config-region)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.13.1a

This command was introduced.

Usage Guidelines

We recommend dedicating one or more Cisco SD-WAN Controllers to exclusively manage the management region. Alternatively, you can use one or more Cisco SD-WAN Controllers that are managing the core region. A Cisco SD-WAN Controller that is managing an access region cannot also manage the management region.

Configuring an affinity group number is optional, but when you are configuring a router in the network, you can configure a preference order among multiple management gateways, according to their affinity group numbers.

On management gateways, you can use the following to configure affinity group numbers:

  • System-level affinity group for the router:

    Use the affinity-group affinity-group-number affinity-group command.

  • Per-VRF affinity group:

    Use the affinity-group affinity-per-vrf affinity-group vrf-range vrf-range command.

    The per-VRF affinity group takes precedence over the system-level affinity group.

For information, see affinity-group-number.

Example 1

The following configures a Cisco SD-WAN Controller that is managing region 0, to also support a management region. 

Controller(config)# system
Controller(config-system)# region 0
Controller(config-system)# management-region

Example 2

The following sample configuration configures a management gateway to support a management region, using VRF 3. Configuring the affinity group number is optional, but when you are configuring a router in the network, you can configure a preference order among multiple management gateways, according to affinity group number. 

Device(config)# system
Device(config-system)# region 1
Device(config-region-1)# management-region
Device(config-management-region)# vrf 3
Device(config-vrf-3)# exit
Device(config-system)# management-gateway enable
Device(config-system)# affinity affinity-group-number 1

Example 3

The following sample configuration configures a border router to support a management region using VRF 3, and configures a gateway preference order: 

Device(config)# system
Device(config-system)# system-ip 10.1.1.2
Device(config-system)# domain-id 1
Device(config-system)# site-id 100
Device(config-system)# region 1
Device(config-region-1)# management-region vrf 3 gateway-preference 1 2
Device(config-vrf-3)# exit
Device(config-management-region)# exit
Device(config-region-1)# exit
Device(config-system)# role border-router

Related Commands

Command

Description

management-gateway

Use the management-gateway command to enable a management region on a router functioning as a management gateway.

omp best-path region-path-length ignore (Multi-Region Fabric)

To configure a device operating with Cisco Catalyst SD-WAN to enable both the primary region path and the secondary region path to a peer device, use the omp best-path region-path-length ignore command in global configuration mode. To return to the default behavior, use the no form of the command.

omp best-path region-path-length ignore

no omp best-path region-path-length ignore

Command Default

By default, the overlay management protocol (OMP) considers the path length when determining the best paths to provide to the forwarding layer.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

Added the following options for configuring secondary regions: secondary-region , secondary-shared , secondary-only

Usage Guidelines

When a direct path is available to reach a destination, by default the overlay management protocol (OMP) provides only the direct path to the routing forwarding layer because the direct path uses fewer hops. The result is that the forwarding layer, which includes application-aware policy, can only use the direct path. You can use this command to disable this comparison of the number of hops so that traffic can use either the direct secondary-region path (fewer hops) or the primary-region path (more hops). When you disable the comparison of the number of hops, OMP applies equal-cost multi-path routing (ECMP) to all routes, and packets can use all available paths. 

Device(config)#omp best-path region-path-length ignore

omp best-path transport-gateway

Use the omp best-path transport-gateway command in OMP configuration mode to configure the path preference for transport gateway paths. Use the no form of the command to restore the default behavior.

omp best-path transport-gateway { ecmp-with-direct-path | prefer } [ transport-gateway-settings | site-types-list ]

no omp best-path transport-gateway

Syntax Description

ecmp-with-direct-path

For devices that can connect through a transport gateway and through other paths, apply equal-cost multi-path (ECMP) logic to choose the best path. This is the default behavior.

prefer

For devices that can connect through a transport gateway, use only the transport gateway paths, even if other paths are available.

transport-gateway-settings site-types-list

When configuring a router to prefer a transport gateway path, restrict the preference to only traffic whose destination matches one or more specific site types. For information about configuring a site type for a router, and for a list of site types, see site-type.

Command Default

ecmp-with-direct-path

Command Modes

OMP configuration (config-omp)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

This command was introduced.

Cisco IOS XE Catalyst SD-WAN Release 17.12.1a

Added transport-gateway-settings site-type , which enables you to specify which traffic will prefer a transport gateway route.

The following example configures a device to prefer transport gateway routes.

Device(config)#omp best-path transport-gateway prefer

The following example configures a device to prefer transport gateway routes only for traffic destined to sites with site type cloud. 

Device(config)#omp best-path transport-gateway prefer
Device(config)#omp best-path transport-gateway-settings site-types cloud

Related Commands

Command

Description

site-type

Use the site-type command to configure the site type of a router.

region (Multi-Region Fabric)

To assign a region to a device, use the region command in system configuration mode. Use the no form of the command to remove the region assignment.

region region-id subregion subregion-id

no region

Syntax Description

region region-id

Assign a region in the range of 1 to 63.
subregion subregion-id

Assign a subregion in the range of 1 to 63.

Command Default

The command has no default.

Command Modes

System configuration

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.7.x

This command was introduced.

Cisco IOS XE Catalyst SD-WAN Release 17.10.1a

Added the subregion option.

Usage Guidelines

Example

The following example configures a device to region 1, subregion 5.

system
 system-ip 192.0.2.1
 domain-id 1
 site-id 1100
 region 1
  subregion 5

region access, region core (Multi-Region Fabric)

To configure a border router in a Multi-Region Fabric environment that is performing route aggregation to advertise the routes specifically to the core region or access region, use the region access or region core commands in VRF configuration mode. To cancel the configuration, use the no form of the command. For a border router performing route aggregation, we recommend configuring either region core or region access.

advertise aggregate prefix aggregate-only region { access | core }

no advertise aggregate prefix [ aggregate-only ] region { access | core }

Syntax Description

aggregate-only

Use aggregate-only to advertise only the aggregate prefix and not the component routes included within the range of the prefix.

region {access | core}

When using route aggregation on a border router, advertise aggregated routes to the access region or to the core region. If you do not specify the region, the border router advertises the aggregated routes both to the access region that it serves and to the core region.

Command Default

The command has no default.

Command Modes

VRF configuration (config-vrf-vrf-number)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

This command was introduced.

Example

The following example, executed on a border router in a Multi-Region Fabric environment, advertises aggregation of routes defined by the 10.0.0.0/8 prefix. The border router advertises the routes to its peers in the core region. This is useful for aggregating routes for access region devices in the 10.0.0.0/8 range to reduce the number of routes that must be advertised in the core region. 

Device#config-transaction
admin connected from 127.0.0.1 using console on vm11
Device(config)#sdwan omp
Device(config-omp)#address-family ipv4 vrf 1
Device(config-vrf-1)#advertise aggregate 10.0.0.0/8 region core

The following example, executed on a border router in a Multi-Region Fabric environment, advertises aggregation of routes defined by the 10.0.0.0/8 prefix. The border router advertises the routes to its peers in the access region. This is useful for aggregating routes for core region devices in the 10.0.0.0/8 range to reduce the number of routes that must be advertised in the access region. 

Device#config-transaction
admin connected from 127.0.0.1 using console on vm11
Device(config)#sdwan omp
Device(config-omp)#address-family ipv4 vrf 1
Device(config-vrf-1)#advertise aggregate 10.0.0.0/8 region access

role (Multi-Region Fabric)

To configure a device role as border router for Multi-Region Fabric, use the role command in system configuration mode. To configure a device to the default edge router mode, use the no form of this command.

role border-router

no role

Syntax Description

border-router

Configure the device role as border router.

Command Modes

System configuration (config-system)

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.7.1a

Command qualified for use in Cisco SD-WAN Manager CLI templates.

Usage Guidelines

The command does not have an option for setting the role to edge router. The default role is edge router, so you can use the no form of the command to configure the device role as edge router.

Configure a device role as border router.

Device(config)#system
Device(config-system)#role border-router

Configure a device role as edge router.

Device(config)#system
Device(config-system)#no role

transport-gateway (Multi-Region Fabric)

Use the transport-gateway command in system configuration mode to enable transport gateway functionality on a device. Use the no form of the command to disable this functionality.

transport-gateway enable

no transport-gateway enable

Command Default

By default, transport gateway functionality is disabled.

Command Modes

System configuration mode (config-system)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.8.1a

This command was introduced.

Example

Device(config-system)#transport-gateway enable