• Section 1:  Enabling a VMware SD-WAN Lab Instance and Accessing the RDSH Jumpbox
• Section 2:  Accessing the Connections Home Page and Orchestrator (VCO)

This page will display the Profiles that are already created and how many Edges theyre being used by. The Quick Start Profile is a default profile that isnt used in this lab. The Branch Profile is being used by the NYC and SFO branches. The data centers are each using their own profile.

With VMware SD-WAN, all configurations start with a Profile. The Profiles provide a configuration template that can be applied to multiple Edges. When an Edge is attached to a Profile, it inherits the configuration so that only the site-specific information such as IP addresses will be required. Future configuration updates are also automated because any changes made to the Profile will be pushed to all the Edges attached to that Profile.

In this lab environment, there are four profiles that are already created but with minimal configuration. In the following steps, well introduce you to our Profiles in the Orchestrator.

1.   In the Orchestrator, select the Configure tab and then on the left menu, select Profiles.

This page will display the Profiles that are already created and how many Edges theyre being used by. The Quick Start Profile is a default profile that isnt used in this lab. The Branch Profile is being used by the NYC and SFO branches. The data centers are each using their own profile.

2.   From the Profiles page, select the DC1-Hub-Profile

This should bring you to the Device configuration where you'll find configuration for interfaces, VLANs, routing, overlay tunnels, and any other general networking features.

3.   On the DC1-Hub-Profile, scroll down to and expand the Cloud VPN section under VPN Services.

The Cloud VPN configuration controls how overlay tunnels are built between Edges. At hubs, the only required configuration is to turn the Cloud VPN feature on. Thats because the hubs will respond to the branches that attempt to build tunnels. Well explain this section in more detail later in the guide.

4.   Continue scrolling to BGP under the Routing & NAT section

This section has also come preconfigured in the lab with the local ASN and a filter list. The only thing required for BGP on a specific Edge would be adding the neighbor information.

After the Profile is configured, an Edge can be deployed. The Edge needs to be attached to a Profile and then any site specific information added such as IP addresses. Once the specific Edge configuration is completed, it can be activated.

There are two methods of activation: Auto-Activation and Email Activation. With Auto-Activation, the Edge only needs to be powered on and connected to the Internet. The email activation requires a user at the site to connect to the Edge and then click a URL that was provide by the Orchestrator. While the email activation does require a manual step, its made with non-technical people in mind that may be doing the installation. It also supports automatically provisioning static IP addresses whereas Auto-Activation will require DHCP on the Internet circuit. More info on both methods can be found in the References section.

All of the Edges in this lab have already been created and activated. To demonstrate the process of provisioning an Edge, well walk through creating a sample Edge in the following steps.

1.   In the Orchestrator, select the Configure tab and then on the left menu, select Edges.

This screen will display all Edges that are configured, what Profile they're using, their software version, and other information. You should see the six Edges that already created for the lab here.

2.   On the Edge configuration page, click Add Edge.

The Provision an Edge screen will appear and allow you to configure the Edge Name, model, profile, and other options.

For this example, add the Edge with the following information, everything else can be left default for now:

• Name: Test-ZTP
• Model: Virtual Edge
• Profile: Branch Profile
• Edge License: ENTERPRISE 10 Gbps

3.   Click Next and then on the following screen, click Add Edge

4.   Explore the Edge configuration that was inherited from the Profile.

After adding the Edge, you’ll be taken to the device configuration page. Before the Edge is activated, you’ll see the activation key displayed at the top of the page. We also haven’t added much to the Branch Profile yet but you can still see some differences from the Profile configuration in the previous section. For example, you won’t be able to make many configuration changes here because we want to enforce standardization across your sites whenever possible. When a site does need a unique configuration that differs from the Profile, you can use the Override check box.

5.  Go to the Overview tab

When using the email activation method, this is done from the overview tab. After sending the activation email to the on site personnel, they’ll connect to the Edge and click the URL provided in the email. This URL will tell the Edge the Orchestrator name, the activation key, and will automatically provision any static IP addresses for Internet circuits.

For physical device redundancy, there are two different options depending on the use case.

High Availability (HA) operates by connecting two Edges together that become mirror images of each other and are managed and configured as a single device. The Edges are deployed to a site as a pair and will be in an Active/Standby mode. If the Active Edge loses connectivity or a physical interface goes down, well failover to the standby device. While the Edges are in an Active/Standby mode, its important to note that well use all WAN circuits as Active/Active even when theyre connected to our Standby Edge.

While Clustering does provide redundancy, the main use case for clustering is for scale. HA is limited to the scale of a single device whereas clustering essentially combines the resources of multiple Edges. All devices in the cluster are Active and will be managed separately. The Orchestrator will automatically control which cluster member that branch Edges will build tunnels to.

Due to limitations of this lab environment, we cant show HA but well configure Clusters for the two data centers. For more information on HA, please see the references section.

In this reading exercise, you will understand how interfaces are configured in VMware SDWAN.

The exercise will review the interface configuration on DC1-VCE-01. The steps can be followed to review configuration on other Edges.

1.  Navigate to the Configure tab and then click Edges on the left panel.

2.   Select DC1-VCE-01. The device tab on the edge will be visible.

3.   Scroll down and expand the Interfaces section under Connectivity. This will list all the interfaces on the Edge. Review the following

a. Interfaces GE1 to GE8 are listed. This will depend on device type. For device type = virtual, these interfaces will be listed.

b. GE3 has a DHCP address, WAN link is configured as ‘Auto-Detect’. This is the Internet facing WAN interface.

c. GE3 has a Static address, WAN link is configured as ‘User Defined’. This is the MPLS facing WAN interface.

d. GE2 has a Static address, WAN link is not enabled. This is the LAN facing interface of the Edge.

4.   Click on GE3 and this will bring in the interface specific configuration on this interface.

Notice that ‘Enable WAN Link’ is checked.

5.   Scroll down to the IPv4 Settings to look at addressing information. Notice that ‘Addressing Type’ is set to DHCP.

6.   Click on CANCEL to go back to the Interfaces list. Click on GE4.

7.   Notice that ‘Enable WAN Link’ is checked.

8.   Scroll down to the IPv4 Settings to look at addressing information. Notice that ‘Addressing Type’ is set to Static with an IP Address, CIDR Prefix and Gateway configured.

9.   Click on CANCEL to go back to the Interfaces list. Click on GE2. Notice that ‘Enable WAN Link’ is not checked.

10.   Scroll down to the IPv4 Settings to look at addressing information. Notice that ‘Addressing Type’ is set to Static with an IP Address, CIDR Prefix and Gateway configured.