Fundamentals of SD-WAN

Captions
[Music]

Hey, welcome back to the channel, everybody. This is Kevin, and in today's video we're gonna take a look at another topic from the ENCOR exam, that's Cisco exam number 350-401, and in this video our other instructor, Charles Judd, is going to be walking you through the theory and implementation of SD-WAN, software-defined wide area network. WANs have come a long way since I used to work with them back in the 90s, where we had dedicated leased lines and Frame Relay circuits and even ATM circuits. We got into MPLS later on. Cisco came out with IWAN, the Intelligent WAN, but with their acquisition of Viptela we're getting really fancy now with SD-WAN, and Charles is gonna tell you all about it in the upcoming video. By the way, if you like this video, please do us a favor and click Like below the video, and also subscribe to make sure you don't miss any of our weekly training videos. Now here's Charles Judd to teach you all about the implementation of SD-WAN.

Enterprise WAN connections allow us to interconnect main offices with branch locations, among other things, and that allows us to share resources. We can share access to centrally located data services or applications. Traditionally, dedicated circuits have been used to achieve this connectivity, things such as Frame Relay or MPLS. Although these provide reliability and security for the connection, our modern networks require some rethinking of this. Cloud usage, as we know, is on the rise, so we need ways to simplify the management of wide area networks. We also need a way to include our cloud resources. More and more enterprises are using cloud-based storage, and that's why SD-WAN is also on the rise.

SD-WAN stands for software-defined wide area network. As the name suggests, this uses software to control and to manage the interactions between branch locations and our central resources. When we're looking at the function of SD-WAN, one of the big advantages is that there's no longer the need for backhauling your traffic. When we say backhauling your traffic, we mean that historically, with these dedicated circuits, traffic would have to go from the branch back to the main site no matter what type of traffic it was. Whether that was Internet traffic, whether that was traffic destined for shared resources, whatever that is, all the traffic was backhauled over that WAN connection to the main office. So that offers the potential for saturation of the WAN connection.

Instead, we want to look here at what SD-WAN allows us to do. If we take a look at a very simplified topology, we can see that we have a branch location connected over an MPLS circuit, which is a traditional WAN connection method. That's connected back to a data center. At the data center we have some advanced security and inspection happening, so that's why we would tunnel all of our traffic from the branch back to the data center for inspection. Now, in this traditional WAN setup, all of the traffic from the branch is backhauled to the data center for those security services. That includes traffic destined to the cloud or the public Internet, and traffic destined locally within the organization as well. So as we mentioned, and as you can probably imagine, this can cause a myriad of performance issues and delay. Depending on your circuit speed, it can cause some bandwidth issues on the MPLS connections.

SD-WAN addresses this by its ability to interact with all kinds of cloud applications. More and more, our applications are going cloud-based. Think of how cheap and easy AWS storage is now, and how Office 365 has turned to a cloud platform for enterprise email access. SD-WAN can easily interact with applications like AWS, Dropbox, Azure, Office 365 and many, many more. So this means that hosting applications in either public or private clouds will allow direct traffic between the cloud application and the branch location. It will allow that rather than backhauling all of the traffic through a central data center. That's a big reason that we're moving more and more toward SD-WAN. SD-WAN solutions can intelligently control the path of traffic in order to optimize traffic flow and to reduce unnecessary bandwidth in our networks.

Now, you might be wondering what happens to the security inspection services, since that traffic is now not being routed through the data center any longer. That's been addressed as well, because most SD-WAN offerings now provide end-to-end traffic encryption and inspection. Additionally, more and more next-generation features are being added, things such as anti-malware systems and botnet intervention, many features that you would see on next-generation security devices.

Another big advantage of SD-WAN solutions is that they provide traffic transport independence, and in order to understand that we need to understand the difference in an overlay network and an underlay network. An underlay network is simply the physical network infrastructure responsible for the delivery of packets. We see that here in this example: we have several sites and a data center, all interconnected by physical infrastructure. SD-WAN, on the other hand, is a type of overlay network, and overlay networks are simply a virtual network built on top of an underlay network, or built on top of the actual physical infrastructure. Overlay networks aren't anything new. Those have been around for a long, long time. Overlay networks even include things like voice over IP or VPNs. Those run on top of the Internet as an overlay.

With SD-WAN as the overlay network, this gives us transport independence, and by this we mean that our WAN connections can be made up of all different types of connection combinations. We might have some LTE connections, we might have serial connections, wireless connections, satellite connections, MPLS. It doesn't matter what's running as our underlay network, because SD-WAN solutions can very intelligently and coherently choose the best data path transmission, and that's great news for us network administrators because it simplifies our job even further.

Now that we understand what SD-WAN is and why that's being increasingly used in our modern enterprise networks, in our next video we want to take a look specifically at Cisco's SD-WAN solution and how we would see that commonly implemented in an enterprise network.

As we take a look at SD-WAN implementation, we want to specifically examine the recommended Cisco-based solution. At the time of this recording, that is Cisco's SD-WAN based on Viptela. Cisco acquired the Viptela company in 2017, which provides a cloud-based SD-WAN solution. This is recommended to be used in conjunction with Cisco's DNA Center, and that will allow you to leverage automation and virtualization capabilities within Cisco SD-WAN.

We can break this down into four planes: the data plane, the control plane and the management plane, which you're probably familiar with from traditional networking models, and the fourth plane, known as the orchestration plane. This is essentially shared with the management plane. There are four different solutions within Cisco's SD-WAN created to manage each of these four different planes.

The first is Cisco vManage, which is very simply the GUI interface for managing the Cisco SD-WAN solution. This is where you would perform configuration, monitoring and provisioning.

Then there's Cisco's vBond, which controls the orchestration plane. It's the job of vBond to understand how the network is constructed and to make sure all of the interconnected components can work together. One of the big capabilities here is something called zero-touch provisioning. This means that when an SD-WAN capable router is introduced into the network, Cisco's vBond can remotely provision the router from anywhere without the need for an administrator to take any action at all. So that's super helpful for us as administrators.

Next we have Cisco's vSmart, which resides within the control plane. This is thought of as the brain of the SD-WAN solution. As we create policies in vManage, as an administrator creates those policies, the vSmart component is responsible for the enforcement of the policies. Those policies are also shared with other SD-WAN routers and locations in our network. Route information from branch locations is received via the Overlay Management Protocol, or OMP. vSmart can use the known policies against these routes to control the traffic flow through the SD-WAN fabric.

And finally, in the data plane, we have the actual WAN edge routers themselves, which are responsible for establishing the network and for forwarding traffic. These devices can be either physical or virtual, or we can have a combination of those. These SD-WAN capable edge routers are referred to as Cisco vEdge routers.

Let's take a look at a very common way that we might see this implemented. Here we see a sample topology within which we have a main campus location, a couple of branch locations, a physical data center and a cloud data center. All of these are interconnected through various means. We see MPLS, we see LTE and we see satellite connections creating this network of sites. Again, remember that SD-WAN is an overlay technology and that provides transport independence, so in other words it doesn't matter what the physical underlying network infrastructure is. As we see here, SD-WAN can work with any and all of that.

At each of these locations we would have a WAN edge router, a Cisco vEdge device, and these routers form IPsec tunnels with each other in order to create the SD-WAN overlay network. This is going to make up the data plane that we discussed a bit earlier. Also recall all of the control elements we discussed earlier, Cisco's vManage, vBond and vSmart: secure control channels would be established between each of these elements and each one of the WAN edge routers, and that would be used for provisioning and for configuration of the devices.

As for the edge routers themselves, these can be either a hardware or software platform. Hardware platforms include Cisco vEdge routers running on the Viptela operating system and certain integrated service router and aggregation service router models. Virtual platforms include the vEdge Cloud router running Viptela OS and cloud services router models running IOS XE SD-WAN software.

So that's a look at Cisco's SD-WAN based on Viptela and how we would commonly see that implemented in an enterprise network.

[Music]
Info
Channel: Kevin Wallace Training, LLC
Views: 207,390
Keywords: SD-WAN, SDN, SD-Access, ENCOR, 350-401, ccnp, ccna, ccie, cisco cert, #kwtrain, mpls, dmvpn, viptela
Id: cos4ujj80iI
Length: 12min 12sec (732 seconds)
Published: Tue Feb 11 2020