A transport gateway operates as the hub in a hub-and-spoke routing topology. It offers the advantage of achieving this topology
without requiring complex routing policy configuration. The following are some uses of a transport gateway:
Providing connectivity to routers in disjoint underlay networks
Serving as a gateway (hub) for all traffic in one discrete network to reach another discrete network, such as directing all
local network traffic to a cloud gateway
Information About Transport Gateways
A transport gateway connects routers that may or may not have direct connectivity. A common use case for transport gateways
is to provide connectivity between routers in disjoint networks, such as between a physical LAN and a cloud-based network.
Without a transport gateway, one method of configuring indirect connectivity for these routers is to create a control policy
that configures routes through an intermediate device with connectivity to both networks. This provides indirect connectivity
between the disjoint routers. This approach has the following problems:
Complexity: Configuring a control policy to advertise prefixes is complicated.
Potential unavailable traffic endpoint: The control policy cannot detect whether a device or a configured route is unavailable.
This can lead to packet loss if a route becomes unavailable.
Configuring a router to operate as a transport gateway solves the same issue, but with a simpler configuration process.
Hub-and-Spoke Topology
In the context of Cisco Catalyst SD-WAN, you can efficiently configure a hub-and-spoke routing topology by using transport gateways as hubs. This enables you to
create the hub-and-spoke topology without requiring complex routing policy configuration. For information, see Hub-and-Spoke.
Re-originating Routes
When a router is configured to function as a transport gateway, it does the following for each route that it learns from the
Cisco SD-WAN Controllers:
The transport gateway re-originates each route, substituting its own TLOCs as the next hop for the route.
The transport gateway advertises the re-originated routes to the Cisco SD-WAN Controllers.
The transport gateway attaches its own affinity attribute to routes that it re-originates. In scenarios in which routers in
the network have re-originated routes available from more than one transport gateway, the routers apply affinity group preference
logic to choose a route.
In the following illustration, E11 advertises prefix P1 and E22 advertises prefix P2. E11 and E22 are disjoint—they do not
have direct connectivity. The transport gateway re-originates routes from E11 and E22, providing a P1 route to E22 and a P2
route to E11.
Site Type
One part of configuring networks to use transport gateways is assigning a site type parameter to routers in the network. Site
type helps to classify the intended function of a router, helping to define its position within the topology. Site type values
include br, branch, cloud, spoke, type-1, type-2, and type-3.
After assigning site types, you can configure routers to prefer a transport gateway path only for traffic destined to a specific
site type. This provides greater granularity when configuring a preference for transport gateway paths.
Site types are arbitrary, with no specific meaning, except br (border router) and spoke, which have specific uses for Multi-Region
Fabric or intent-based hub-and-spoke topology, respectively.
Site Type Inheritance
Every OMP vRoute and TLOC originated from a router inherits the site type attributes of the router.
OMP Best Path Logic and Transport Gateway Path Preference
In general, when multiple paths are available between two routers, the overlay management protocol (OMP) applies best path
selection logic to choose the best path. The best path selection logic is biased toward paths with fewer hops.
When you have configured a transport gateway, you can configure routers to apply a specific preference for transport-gateway-re-originated
paths, if available. This alters the OMP best path calculation to include the transport gateway, according to the details
of the configuration, as described below.
Transport Gateway Path Behavior | Site Types Specified | Behavior
Not configured | - | (This is the default behavior.) Prefer a direct path.
Prefer Transport Gateway Path | No | Prefer a transport-gateway path over a direct path.
Prefer Transport Gateway Path | Yes | For a transport-gateway path that matches a specified site type, prefer a transport-gateway path over a direct path. For a transport-gateway path that does not match a specified site type, prefer a direct path over a transport-gateway path.
Do ECMP Between Direct and Transport Gateway Paths | No | Treat a direct path and a transport-gateway path as equal.
Do ECMP Between Direct and Transport Gateway Paths | Yes | For a transport-gateway path that matches a specified site type, treat a direct path and a transport-gateway path as equal. For a transport-gateway path that does not match a specified site type, prefer a direct path over a transport-gateway path.
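The behaviors listed above can be checked against a small model. This is an added example, not Cisco code or the OMP implementation; the Path class, the "prefer" and "ecmp" labels, and the fallback to a transport-gateway path when no direct path exists are assumptions made for the illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    next_hop: str          # constructed label for the path's next hop
    via_tg: bool           # True if re-originated by a transport gateway
    site_types: frozenset  # site types inherited from the originating router

def select_paths(paths, behavior=None, site_types=()):
    """Return the best paths for one prefix.

    behavior: None (default), "prefer" or "ecmp" (hypothetical labels for the
    Transport Gateway Path Behavior options); site_types: optional filter.
    """
    direct = [p for p in paths if not p.via_tg]
    tg = [p for p in paths if p.via_tg]
    # With a site-type filter, only matching transport-gateway paths qualify.
    wanted = set(site_types)
    eligible = [p for p in tg if p.site_types & wanted] if wanted else tg
    if behavior == "prefer" and eligible:
        return eligible
    if behavior == "ecmp" and eligible:
        return direct + eligible
    # Default, or no qualifying transport-gateway path: prefer direct paths.
    # Assumption: a transport-gateway path is still used when it is the only
    # path (the disjoint-network case).
    return direct or tg

# Constructed sample: E1 reaches a prefix at a type-2 site directly and via E0.
DIRECT = Path("E2", False, frozenset({"type-2"}))
VIA_TG = Path("E0", True, frozenset({"type-2"}))
PATHS = [DIRECT, VIA_TG]

def scenarios():
    return {
        "default": select_paths(PATHS),
        "prefer": select_paths(PATHS, "prefer"),
        "prefer, site type type-2": select_paths(PATHS, "prefer", ["type-2"]),
        "prefer, site type type-1": select_paths(PATHS, "prefer", ["type-1"]),
        "ecmp": select_paths(PATHS, "ecmp"),
        "ecmp, site type type-1": select_paths(PATHS, "ecmp", ["type-1"]),
        "disjoint (no direct path)": select_paths([VIA_TG]),
    }

if __name__ == "__main__":
    for name, best in scenarios().items():
        print(f"{name:28} -> {[p.next_hop for p in best]}")
```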
Multiple Transport Gateway Options
As described earlier, a transport gateway attaches its own affinity attribute to paths that it re-originates. In scenarios
in which routers in the network have re-originated paths available from more than one transport gateway, the routers apply
affinity group preference logic to choose a path.
Consider direct paths and transport gateway paths as equal.
The following figure shows how routers in a network can operate with a transport gateway, preferentially directing all traffic
or specific traffic through transport gateway routes.
The devices in the illustration are configured as follows:
Device
Configuration
E0
Configure as a transport gateway.
By feature template:
In a Cisco System template, use the Transport Gateway field.
By CLI add-on template:
system transport-gateway enable
E1
Configure the site type as type-1.
By feature template:
In a Cisco System template, use the Site Type field.
By CLI add-on template:
system site-type type-1
For best path, configure a preference for transport gateway routes.
By feature template:
In an OMP template, use the Transport Gateway Path Behavior field. Choose the Prefer Transport Gateway Path option.
By CLI add-on template:
omp best-path transport-gateway prefer
E2
Configure the site type as type-1.
By feature template:
In a Cisco System template, use the Site Type field.
By CLI add-on template:
system site-type type-1
For best path, configure a preference for transport gateway routes for traffic to type-2 devices.
By feature template:
In an OMP template, use the Transport Gateway Path Behavior field. Choose the Prefer Transport Gateway Path option. In the Site Types field, choose type-2.
In a Cisco System template, use the Site Type field.
By CLI add-on template:
system site-type type-2
For best path, configure a preference for transport gateway routes for traffic to type-1 devices.
By feature template:
In an OMP template, use the Transport Gateway Path Behavior field. Choose the Prefer Transport Gateway Path option. In the Site Types field, choose type-1.
Resource demands of transport gateway functionality
Because of the resource demands of transport gateway functionality, we recommend enabling this only on a high-performance
device with CPU and memory resources to handle the additional load. The specific resource requirements depend on your networking
environment.
Multiple transport gateways: best path
If you enable transport gateway functionality on multiple devices, edge routers apply best path selection logic to determine
the best path. This may include multiple transport gateway paths.
Multiple transport gateways: preventing routing loops
If you enable transport gateway functionality on multiple devices within a network, the Cisco SD-WAN Controllers for the network do the following to avoid creating routing loops: When a Cisco SD-WAN Controller receives a route re-originated by one transport gateway, it does not advertise the route to another transport gateway.
On-demand tunnels
You cannot configure dynamic on-demand tunnels for a device configured as a transport gateway. However, edge routers that
are not operating as transport gateways can use on-demand tunnels. For information about dynamic on-demand tunnels, see Dynamic On-Demand Tunnels in the Cisco SD-WAN Systems and Interfaces Configuration Guide, Cisco IOS XE Release 17.x.
Use Cases for Transport Gateways
In this use case, an organization needs to bridge a local network with a cloud services network, such as Azure or AWS. Edge
routers in the local and cloud networks lack direct connectivity.
To create a transport gateway to bridge the local and cloud networks, network administrators configure the devices as follows:
Intent
Devices to Configure
Configuration
Configure the cloud gateway router with site type cloud.
Cloud gateway router
Configure the site type as cloud.
By feature template: In a Cisco System template, use the Site Type field.
By CLI template:
system site-type cloud
Deploy a transport gateway to operate as a hub for cloud-destined traffic from devices in a local network. The transport gateway
attracts the cloud-destined traffic and routes it to the cloud gateway for the cloud-based network.
Transport gateway router
Enable as a transport gateway.
By feature template: In a Cisco System template, use the Transport Gateway field.
By CLI template:
system transport-gateway enable
Traffic within the local network uses direct routes, not transport gateway routes. Traffic from the local network to the cloud
uses a transport gateway route.
Edge routers in the local network
Use a transport gateway route for all cloud-destined traffic.
By feature template: In an OMP template, use the Transport Gateway Path Behavior field. Choose the Prefer Transport Gateway Path option.
By feature template: In a Cisco System template, use the Site Type field.
By CLI template:
system site-type spoke
The following illustration shows the topology and configuration:
Configure a Router as a Transport Gateway Using Cisco SD-WAN Manager
From the Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates.
Do one of the following:
To create a new System template, click Add Template, choose a device type, and click Cisco System.
To edit an existing System template, locate a System template in the table of existing feature templates, click … adjacent to the template, and choose Edit.
In Basic Configuration, in the Transport Gateway field, choose On.
Click Save if creating a new template, or Update if editing an existing template.
Configure a Router as a Transport Gateway Using a CLI Template
For more information about using CLI templates, see CLI Add-On Feature Templates and CLI Templates. By default, CLI templates execute commands in global configuration mode.
Enter system configuration mode.
system
Enable transport gateway functionality.
transport-gateway enable
Note
To disable transport gateway functionality, use the no form of the command.
Example
system
transport-gateway enable
Configure the Transport Gateway Path Preference
The following sections describe methods for configuring a router's best path decision to handle transport-gateway-re-originated
paths.
Configure the Transport Gateway Path Preference Using Cisco SD-WAN Manager
From the Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates.
Do one of the following:
To create a new OMP template, click Add Template, choose a device type, and click Cisco OMP.
To edit an existing OMP template, locate an OMP template in the table of existing feature templates, click … adjacent to the template, and choose Edit.
In the Best Path section, in the Transport Gateway Path Behavior field, choose Global mode and choose one of the following options:
Option
Description
Do ECMP Between Direct and Transport Gateway Paths
For devices that can connect through a transport gateway and through direct paths, apply equal-cost multi-path (ECMP) to all
available paths.
Prefer Transport Gateway Path
For devices that can connect through a transport gateway, use only the transport gateway paths, even if other paths are available.
Note
If you do not configure this field, by default, routers favor a direct path as the best path.
(Optional) Click the Site Types field and choose one or more site types to which to apply the transport gateway behavior. For information about how the Site
Types parameter operates together with the Transport Gateway Path Behavior parameter, see OMP Best Path Logic and Transport Gateway Path Preference.
Click Save if creating a new template, or Update if editing an existing template.
Configure the Transport Gateway Path Preference Using a CLI Template
Do the following on a device to configure it to use a transport gateway:
Enter sdwan configuration mode.
sdwan
Enter system OMP configuration mode.
omp
Configure the transport gateway path preference, using one of the following options:
For devices that can connect through a transport gateway and through direct paths, apply equal-cost multi-path (ECMP) to all
available paths.
prefer
For devices that can connect through a transport gateway, use only the transport gateway paths, even if other paths are available.
(Optional) Specify one or more site types to which to apply the transport gateway behavior. For information about how the
Site Types parameter operates together with the Transport Gateway Path Behavior parameter, see OMP Best Path Logic and Transport Gateway Path Preference.
Configure the Site Type for a Router Using Cisco SD-WAN Manager
From the Cisco SD-WAN Manager menu, choose Configuration > Templates.
Click Feature Templates.
Do one of the following:
To create a new System template, click Add Template, choose a device type, and click Cisco System.
To edit an existing System template, locate a System template in the table of existing feature templates, click … adjacent to the template, and choose Edit.
In Basic Configuration, click Site Type and choose a type from the drop-down list.
Click Save if creating a new template, or Update if editing an existing template.
Configure the Site Type for a Router Using a CLI Template
For more information about using CLI templates, see CLI Add-On Feature Templates and CLI Templates. By default, CLI templates execute commands in global configuration mode.
Enter system configuration mode.
system
Configure up to four site types for the router. Possible values are br, branch, cloud, spoke, type-1, type-2, and type-3.
site-type site-type
Note
To disable transport gateway functionality, use the no form of the command.
Example
The following example configures a router site type as cloud:
system
site-type cloud
Example
The following example configures a router with site types cloud and branch:
system
site-type cloud branch
Verify the Site Type of a Router Using the CLI
Use the show sdwan omp summary command on a device to verify the site type configuration of a router. The output includes a site-type field and the configured
value.
In this example, the router is configured with a site type, spoke:
Verify a Transport Gateway Configuration Using the CLI
Use the show sdwan running-config system command on a device to check whether it is configured as a transport gateway. In the output, transport-gateway enable indicates that it is configured.
Device#show sdwan running-config system
system
system-ip 192.168.1.1
domain-id 1
site-id 11100
region 1
!
role border-router
transport-gateway enable
...
You can also use the show sdwan omp summary command on a device to check whether it is configured as a transport gateway. In the output, transport-gateway enabled indicates that transport gateway functionality is enabled.
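Because a transport gateway substitutes its own TLOCs as the next hop for the routes it re-originates, it is worth confirming that only the intended devices have it enabled. The following added example (not Cisco tooling) parses saved show sdwan running-config system output and compares it with an approved list; the device names, the captures and the approved list are constructed for the illustration.

```python
import re

APPROVED_GATEWAYS = {"192.168.1.1"}  # assumption: system IPs intended as hubs

# Constructed captures modelled on the output format shown above.
CAPTURES = {
    "hub": """Device#show sdwan running-config system
system
 system-ip 192.168.1.1
 role border-router
 transport-gateway enable
""",
    "edge-a": """Device#show sdwan running-config system
system
 system-ip 192.168.1.7
 site-type type-1
 transport-gateway enable
""",
    "edge-b": """Device#show sdwan running-config system
system
 system-ip 192.168.1.9
 site-type spoke
""",
}

def parse_system(text):
    """Extract system IP, site types and transport gateway state."""
    info = {"system_ip": None, "site_types": [], "transport_gateway": False}
    for line in (raw.strip() for raw in text.splitlines()):
        if m := re.fullmatch(r"system-ip\s+(\S+)", line):
            info["system_ip"] = m.group(1)
        elif line.startswith("site-type "):
            info["site_types"] = line.split()[1:]
        elif line == "transport-gateway enable":
            info["transport_gateway"] = True
    return info

def audit(captures, approved):
    """Return (device, system_ip, finding) for every mismatch."""
    findings = []
    for name, text in sorted(captures.items()):
        info = parse_system(text)
        if info["transport_gateway"] != (info["system_ip"] in approved):
            state = "enabled" if info["transport_gateway"] else "not enabled"
            findings.append((name, info["system_ip"], f"transport gateway {state}"))
    return findings

if __name__ == "__main__":
    print(audit(CAPTURES, APPROVED_GATEWAYS))
```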