5.2 Understanding TLOC Extension, Part 1 Overview

Captions
[Music] Hello, my name is David Klebanov. I'm a technical marketing engineering leader in the Cisco SD-WAN organization, and today we're going to talk about the TLOC extension, which is one of the features of Cisco SD-WAN that really focuses on the branch and the high availability feature of the branch. Today with us we have Nikolai Pitaev, who's going to take us through the topic. Take it away, Nikolai.

Thanks, David. Hi, my name is Nikolai Pitaev. I'm a technical marketing engineer responsible for Cisco SD-WAN, and David, you know, it's the first time we can do the whole presentation in Russian and English at the moment. So, TLOC extension. Let's start and basically look at the agenda. I would like to start with a problem description: what does it mean, what is the problem we're trying to solve. Then spend one slide on the solution, a high-level view, and then cover five different use cases from real-life experience. And last but not least, I would like to give you a couple of CLI and troubleshooting hints on how to troubleshoot a couple of questions related to TLOC extension.

But first, let's start with the problem description. What exactly is the problem we are trying to solve? Let's have a look at a branch which is connected to the Internet and MPLS. We have at this particular branch two routers, and you need two routers for redundancy. So you want to be connected to the Internet on one hand and to MPLS on the other hand. Normally you will have every router connected to all transports, so you will need four different links. And the question here is: hey, can I save costs? Because I have to pay my ISP for connectivity for Internet and MPLS, and I need four different links. The question here is: hey, can I eliminate the cross links you see here in red? Can I eliminate both cross-connects and somehow have connectivity to the other transport, because I still have this link on my LAN side? So the question we got from customers is: hey guys, can you make it happen? Can I use this cross link and extend my MPLS to router A, and can I extend Internet to router B? So that's the main question. It's not about fancy technical user experience or something like that; it's purely about cost saving.

Now let's have a look at the solution, how we will do this. As I mentioned, we will be using the cross-connect on the LAN side and we will run a tunnel. So we will have a tunnel from router A to router B, extending in this case Internet connectivity (you see the green line) to router B, and logically router B will be connected to both transports. So it will think: hey, I have connectivity to the Internet, that's the green dotted line over the LAN link, and then my standard MPLS connection on the right side. And the second question will be: can I do a symmetric solution, can I extend MPLS across the same link to router A? And the answer is yes. So you can do it in two ways: you can do it from left to right, and then you can do it from right to left. That's a high-level solution description.

Then we can talk about some details, like: hey, do I need dedicated links, or can I use the same link, the same LAN link, for both TLOC extensions? And the answer is yes. Basically you can work with VLANs, so you can use just one Gigabit Ethernet link and do one VLAN for TLOC extension from Internet to router B and use a second VLAN for the TLOC extension for MPLS to router A. Or, depending on your traffic profile and scale numbers, you can use dedicated links, so in this case you will have two different physical links for TLOC extension.

I have a question, Nikolai. So in this case, would you directly connect A and B with a cable, or would you go through a switch?

You have options, right. So basically it's all about connectivity, how I can connect router A and router B, and you have options. As you mentioned, you can run just one link and do it directly as a cross-connect, or you can also use a switch, depending on your branch infrastructure, and bridge the port. You can do both.

Okay, so if I have a router model that doesn't have that many physical interfaces, then I guess I can use sort of subinterfaces with dot1q and just use kind of an intermediate switch, so I'm not burning as many physical interfaces on the router.

Exactly, exactly. All right, any other questions before...?

Well, no, it's good.

Cool. So, we always have the question: hey guys, why do you have this name, TLOC extension, what does it mean? Because actually we're just extending transport. And, you know, it kind of came from engineering. It's not like a marketing name, "ultra mega redundancy extension", giving you the best options. No, this name came from engineering, and it's basically from OMP. OMP is our Overlay Management Protocol, which we are using in the whole SD-WAN solution, and TLOC extension is basically very similar to BGP next hop. So if you are familiar with BGP, then basically your TLOC extension is just your BGP next hop. A TLOC carries three different components: it's the system IP, we have a color, and we have encapsulation. But that's just more for your reference. If you want to keep it short, then basically this is your long story short: you can simply name it transport extension, that's the same. So don't be confused by TLOC extension; it's really just about extending your transport across the LAN link to the second router on the same branch.

Now, we have different use cases from real-life experience, and I have a summary in the table: five different use cases we have for you. Then we will jump into the next slides, and I have one slide per use case. Why am I doing this? Because this is really how customers are using TLOC extension in production. So I have different use cases on the left side, and it's all about different transports. If you think about dual Internet extension, or dual Internet TLOC extension, then you have ISP 1 providing your Internet access and you have ISP B also providing you Internet access. Then you have a combination between Internet and MPLS, and your MPLS can be static, meaning static IP routing, or it can be dynamic. By dynamic I mean BGP or OSPF routing protocols running on the MPLS side. And then, last but not least, you have the dual MPLS scenario, where you have MPLS provider A and MPLS provider B. So keep in mind this variety. It's not really, you know, the whole of life in the table, but I see the five use cases written here as the most common use cases for TLOC extension.

So let's jump into the first one. Here on my branch side I have ISP 1 and ISP 2 providing Internet service, and I have two routers, WAN Edge 1 and WAN Edge 2, with only one connection each. I don't have any cross-connect; that's why I'm doing TLOC extension. And I have a cross-connect here, like Gigabit Ethernet 0/1 going to Gigabit Ethernet 0/1 on the second router. I will be using this link for my TLOC extension. Now, in green you will see the default routes. I have two different default routes on the left router: one pointing to ISP A, and the second route goes to my second WAN Edge, and this is for the first TLOC extension. What do you do for the second direction? Remember, we want to extend both transports: we're extending ISP A to WAN Edge 2 and ISP B to WAN Edge 1. That's why I have the second static route in this direction. And last but not least, you need to run network address translation on both sides. Why? If you are using private IP addresses, you have to NAT private IP addresses to public IPs in order to reach your controllers and then to reach the Internet. So that's basically this note.

And I do have one troubleshooting hint for you, because later on, if you are setting it up in your lab, what is the first thing you do? You do a ping, and ping normally will not work. By default, you have to enable one dedicated CLI, respond-to-ping, in the NAT configuration. I have it on my slide later on, but that's the main point to remember in relation to network address translation: if you're doing ping, you have to enable this.

Okay, so just so I understand here, if I take an example, let's say an extension for ISP A. So I have this T4, which is basically TLOC number four, and that interface between the two routers could be using the private IP space. So when I communicate out from T4, I need to NAT that subnet so the return traffic can come through T1 into T4.

Exactly, exactly, that's the point. So you mentioned T4; this is this guy, right. And if you are using private IP addresses and you don't want to run public IPs on that cross link, then this is your point with network address translation here. So you'll be doing T4 to T1 in order to go out. So that's the point.

Okay, right.

Okay, so that's quite simple. Remember, if you have the dual Internet case with two ISPs providing you Internet access, then you'll be doing network address translation, and that's it.

Now let's have a look at the Internet and MPLS use case. You still have on the left side your Internet service provider 1, and now on the right side you have an MPLS provider. This is what you see here in red, and you will see a couple of lines in red just to reflect changes from the previous slide. So, no changes to the Internet TLOC extension: same configuration, you still advertise default routes, all the same. But now you have a static route on the MPLS side pointing to the T2 IP address. T2 is the IP address of Gigabit Ethernet 0/1. This is the key for MPLS TLOC extension: this IP address must be known in your MPLS cloud. Recently we had a high, top-level escalation call with a big customer dealing with TLOC extension problems in a real-life network, and guess what? We figured out that this T2 IP address was not advertised properly on the MPLS backbone, and that was the reason why 10 sites had some issues, connectivity issues, and basically the whole setup with TLOC extension was not working properly. So please remember: make sure that the T2 IP address is known in the MPLS cloud. In this case you are doing this with a static route, and later on you will see it's the same trick, the same message: make sure that this is advertised by OSPF or BGP.

So let me understand the use case, sort of the details of it. So I have this branch or remote location here with two routers doing the TLOC extension, and then I have another site, another SD-WAN site, that has connectivity to the MPLS carrier, and I'm trying to build the SD-WAN connectivity, the tunnel, across the MPLS network. And what you're saying is I need to reach T2?

Yes.

So my traffic flow, my tunnel, is going to get established through MPLS to the T3 interface and get extended to T2, right?

Exactly. It's not the best picture, but that should be a router. Okay, so this router is also connected to MPLS, it's an SD-WAN site, and now this guy needs to talk to T2. If T2 is not known on the MPLS side, there is no way to establish connectivity.

Sure.

And that's the key point, the key trick on TLOC extension for MPLS. That's what you need to know. Does it make sense?

It does. So I guess the service provider needs to make sure that the T2 IP address is advertised throughout the MPLS network. It's something you kind of work out with the service provider, because you're not exchanging any dynamic routing with them, so they need to make sure they point the static route and then maybe redistribute it into their MPLS network.

Yes. And as I mentioned, the same configuration for network address translation on the ISP side as we discussed on the previous slide; nothing changed here.

The next use case is very similar to what we discussed on the previous slide. The only difference is that here I'm running a routing protocol, OSPF or BGP; that's why we have "dynamic" here. And normally you will have a loopback for the routing protocol in that case. So here you can run OSPF or BGP, and then basically that will help you to advertise T2 to MPLS. It's all about reachability, and I would say 90% of TLOC extension troubleshooting issues are related to standard routing. It's nothing about [unclear], it's nothing about overlay routing; it's simply standard routing, which we have known for 20, 25 years, and that's the main source of specific problems, if you are not advertising T2 properly to MPLS here.

So I'm running a dynamic routing protocol with my service provider?

Yes, in this case, yes. And again, nothing changed on the ISP side: you are still doing network address translation for this Internet extension, for reachability of T4.

Can you explain a little bit about the loopback interface? Is it the same loopback as I would know from the non-SD-WAN routers? What's the use case behind a loopback interface here? Why do we say we have to move the TLOC into the loopback interface?

Well, it's a standard recommendation. If you go back to standard BGP routing, we always recommend establishing a BGP session between the loopbacks, because a loopback will never go down, it will always stay up, and that's the main point. If you have some physical interface flapping, you don't want to make your BGP peer nervous; you want to stay up, and that's why we are using a loopback. So there's no special reason, just a best-practice recommendation we have with loopbacks: they will always stay up.

Now we have the dual MPLS use case. So now I don't have an Internet service provider; I have MPLS A and MPLS B. In this case I'm not running routing protocols, BGP or OSPF. It's similar to the static routes we had in use case 2: I have to advertise static routes on one side, and now I have to advertise a static route to T4 on the other side. That's the only difference. Remember, in the case of Internet I had network address translation to make sure that T4 can go out using the T1 NATed IP address, and now I'm doing the same trick on this side that I did on MPLS B, and that's why I don't have any network address translation here. No NAT.

And I guess we should have said that the color should be MPLS, MPLS, um.

Yes, exactly. And for the dynamic use case, I still have MPLS provider 1 and MPLS provider B, but the only difference is that now I'm running routing protocols like BGP or OSPF on both sides. I have dynamic routes to T2 and T3 on this side, and T1 and T4 advertised on MPLS A. That's it.

So, the last slide on configuration, followed by the second, last slide on troubleshooting, is how to configure it. We will see later on, during the demonstration, how to do it in vManage using the graphical user interface, but my personal view is you need to see the CLI first in order to be able to configure the GUI properly. That's why I would like to start with a configuration example for the CLI. Even if later you will see the graphical user interface, I still strongly believe that the CLI will help you a lot to understand TLOC extension.

So let's have a look at router A. In this case I have all the configuration done under VPN 0. I have my LAN cross-connect, which I have to "no shut", so I have to enable this interface, and then I'm using subinterfaces. Remember, we discussed in the beginning: can I use subinterfaces, different VLANs, can I use dedicated links? You have all options here. We are not restricting you, we're not forcing you to have dedicated links. In this case it was just a functional setup and I'm not worried about scale and traffic; that's why I have VLAN 704, which I'm using for my TLOC extension, and that's it.

On the router B side, I still have my cross-connect and I have my MPLS link, so this Gigabit Ethernet 0/1 goes to your MPLS cloud, to your MPLS provider. And then what I'm doing, and this is the main configuration line (by the way, for the full configuration you need just one line), is TLOC extension Gigabit Ethernet 0/1. So what you are doing is sending traffic using VLAN 704 from router A to router B. It goes to this interface, that's my LAN cross-connect, and using just one configuration line I will forward this to MPLS. That's the whole idea, that's the whole configuration: create a subinterface or create your dedicated link, and on router B just TLOC extension and then name the interface which is pointing to your MPLS cloud. That's it.

Same in the GUI; you will see it later in the demonstration. It's under advanced features in the VPN configuration, VPN interface. You just need to enable TLOC extension and then define the interface name. Remember, in my case it was GE0/1, so I have to put GE0/1 here. That's it.

The last slide before we wrap up is the troubleshooting guidance. As I mentioned, if you are dealing with Internet TLOC extension, the first thing you will try to do in the lab, just to check if your configuration is working or not, is ping, and ping will fail, because this CLI, respond-to-ping (the same for the GUI), is not a default. So if you want to enable pings, please configure respond-to-ping, and that's it. Because, as I mentioned, TLOC extension is more routing plus just one configuration line. That's it, you see.

That was very good, Nikolai, thank you very much for this insightful lesson. So today we looked at the TLOC extension feature of Cisco SD-WAN. We looked in the beginning at why we need a TLOC extension, and we really made an emphasis on the cost-saving element of it, and also the simplicity that is required to provision the redundant branch connectivity, where you have multiple circuits that are landing at that branch site and you have multiple routers, and you want to make sure you use them in an active-active fashion even though they're connected to two different SD-WAN edge routers. So we looked at the cost-saving element of that. We looked at different use cases as to which circuits those could be, whether that's dual Internet connectivity, dual MPLS connectivity, or a mix of Internet and MPLS, and we looked at how the TLOC extension can operate in all the cases that we've gone through. And lastly, we looked at some of the configuration elements and gave you some information around some of the troubleshooting tips. So I hope you enjoyed this video, and have a great day.
Info
Channel: 鴻愜意
Views: 1,311
Id: w5QQSX_y-cU
Length: 26min 29sec (1589 seconds)
Published: Thu Jun 18 2020