What is Cisco SDWAN?

Captions
Hello everyone, my name is Terry Vinson and I'm the data center instructor for Micronics Training. What I thought I would do is take an opportunity to discuss some of the newer technologies that are coming out, and then during that process I made the realization that it would probably be fun to create a series of videos dealing with each of them. Now, this particular video is going to be dealing with a new solution that is called SD-WAN. Anybody that knows anything about the network industry knows that Cisco acquired the business, or the company, called Viptela, and Viptela was one of the leading producers or manufacturers of a software-defined WAN solution.

Now, I'm constantly getting asked two questions. The first question is going to be: what is SD-WAN? The second question is probably, in my opinion, the more important question once you understand the fundamentals behind what a software-defined WAN infrastructure is, and that's going to be: what does it do for me? So as a network engineer, these are the two key questions that we're going to be asking ourselves when we start exploring the idea of, first of all, what SDN is, and two, when would I use it, why would I use it, why should it interest me as an infrastructure network engineer?

So what I'm going to do is kick off this video series dealing with the very, very first question, and that's going to be: what is SD-WAN, specifically what is Viptela Cisco SD-WAN? There are other solutions out there. Among them, probably the most common one is going to be the VMware solution called VeloCloud, which they also got through an acquisition, just like Cisco did with Viptela, and I intend to do a video series on VeloCloud just as soon as the NSX videos are done. I'm going to dive in and I'm going to talk about it, and we're going to find out that there are, again, more similarities than there are differences with regard to the overall approach.

But the thing that we need to understand when it comes to the question "what is SD-WAN" is that everybody's going to have a different answer for you. I'm going to tell you that SD-WAN is simply a distributed switch. It's a distributed switching architecture. We've had distributed switching architectures for a long, long time now. Cisco ACI is a perfect example of them. The VMware NSX switch that I mentioned earlier is also going to be part of it, as is the VDS, or the Cisco 1000V, the AVE. There are a lot of different solutions, but this solution that we're going to be describing here is going to be specifically for dealing with wide area network operations and functionality, and it's going to bring to the party some things that are going to be very important for us to make certain that we do want to understand in case we do choose to do an implementation of this type.

Now, before I can really talk about the distributed nature of a switch, what I like to do is spend some time talking about what a normal switch looks like. From the perspective of being a network engineer, a lot of times we just deal with boxes. One of the oldest boxes that we have in our inventory that we use for network functionality would be something like a Catalyst switch. So let's say I have, say for instance, an old-fashioned Catalyst 6500. Now, the Catalyst 6500 includes the box itself, what we would refer to as the chassis. Governing the way that our device is going to operate, the chassis is actually going to provide power, cooling, as well as interconnectivity between all of the modules and components that go inside of the switch. It's also important to note that in the back of the switch we have a module that we're going to be plugging components into. In fact, a lot of times you'll hear the term backplane, sometimes you'll hear the term midplane, used to describe this motherboard or this integrated circuit that's going to have slots and modules for things to plug into.

And we need to talk about the things that we're going to be plugging into it. As an example, we're going to have the opportunity to integrate things that are going to allow me to configure the switch, i.e. the brains of the operation, what we would refer to as control plane modules, as well as what we would refer to as input/output or I/O modules that we would integrate into this chassis to allow this chassis to actually function. Now, as part of this, keep in mind that when it comes to the control plane we typically use something like supervisor modules. So whether we're talking about a Catalyst switch or we're talking about, say for instance, the 7700 inside of the data center inventory of equipment, just bear in mind that the brains of the operation is going to be the supervisor module, and the supervisor module is going to be integrated into what we refer to as the control plane. I/O modules are going to translate to line cards, and line cards are basically going to be able to provide all of my data forwarding capability.

Now, anybody that knows anything about networking should realize that what I'm describing here is a three-tiered model that's defined by the NFP guidelines, the Network Foundation Protection guidelines. NFP defines three planes of operation from the perspective of protecting them, so this is more of a security concept, but it applies itself perfectly when we start looking at the way devices are going to be working, specifically, say for instance, a physical chassis like this Catalyst 6500 that we're talking about. The Network Foundation Protection guideline specifies three planes of attack when it comes to exposing our resources to the outside world, and the first one on this is going to become, or be determined as, the management plane. The management plane is going to be where we can attach to a device to be able to configure it. For the most part, inside of this Catalyst 6500, what we would do is we would actually be connecting to the supervisor module, normally more than one of them, and that supervisor module would have a management IP address that we would use to configure the box. And when we configure the box, what we're going to be doing is we're actually going to be configuring the box at the command line, or the CLI. Now, there are other ways to do it, but keep in mind we do that by attaching to the management plane.

Now, when it comes to the operation of this box and the interoperation of resources connected to this box, we find ourselves looking at things like different protocol types. So a Layer 2 protocol type would be something like spanning tree. Spanning tree employs message types known as bridge protocol data units that allow us to be able to discover our infrastructure, discover our fabric. We can agree on who's going to be in charge of specific operations. Whether we're talking about something like BPDUs in Layer 2 or we're talking about something like hello messages for a Layer 3 routing protocol like OSPF, it really doesn't matter, but all of that functionality is going to be constrained in what we call the control plane. Now, the control plane is very, very important, and the control plane is one of our primary avenues of risk, because it's typically the control plane that is going to be exposed to things like denial of service attacks and security and things along those lines. So again, it's a very, very critical component.

The control plane also has a tendency inside of our devices to have information stored on, say for instance, a logic module like a supervisor module. So you'll find that management and control seem to normally be coalesced on some component, and typically that's going to be a supervisor module, or it's going to be, say for instance, a construct built into a specific line card based on things that we have in Cisco called ASICs, application-specific integrated circuits, that actually allow us to be able to perform functions in hardware. Now, performing functions in hardware becomes really important for us, because what we want to do is be able to forward data as fast as possible. So if I come in here and I insert, say for instance, a 48-port line card, and then down here let's say I insert another 48-port line card, I want those cards to be able to talk to one another and be connected to resources outside of the chassis in order to be able to communicate or send information.

Keep in mind that as data comes into this line card, I'm going to have options. I could actually send it out of another port on this line card. I could actually send that data out of another port on a different line card. Data has to move from one line card to another, and it does that in chassis, and it does that by navigating the backplane. We provide ample circuits in the back of these chassis to allow us to be able to communicate, and this is one of the reasons that I like calling this my chassis fabric. So whatever that connectivity mechanism is, whether it's crossbar modules in a 7K or it's going to be the backplane module in something like the Catalyst 6500, these are all very important and integrated into the mechanism that allows me to be able to send data, and data, it should come as no surprise, is actually going to be sent inside of the data plane.

So we have three planes of operation: the management plane, the control plane and the data plane. And it comes as no shock that devices inside of a physical chassis have the capability of being able to communicate with one another via the backplane, or via interfaces that may be connected between line cards in the case of, say for instance, a 7700 or a 7000 with regard to virtual device contexts. So just keep in mind that this is the gist of the way a switch or a router functions. It's divided into three planes of operation, and there are components that provide specific functions in those specific planes. So as an example, like I said, the supervisor module houses the management IP address. The supervisor module governs the ability to be able to provide resource sharing in the form of CPUs and forwarding engine functionality inside of the chassis by maintaining databases.

Now, for the most part, one of the things we're going to have to keep straight in our head right out of the gate is going to be the fact that in the control plane I maintain databases. One of those databases could be something like my routing information base. So let's say I'm running OSPF. Now, OSPF is going to be exchanging information. I'm going to be sending link state advertisements between devices, and we're all going to be compiling a database. That database is going to be called my routing information base, and it's against that database that I run Dijkstra's shortest path first algorithm to be able to pick best prefixes. Now, once those best prefixes are created, what ends up happening is, because again I want to operate at line rate, a lot of times, in hardware distributed forwarding, which is taking place inside of this chassis, what I do is I copy that information down to the ASIC on the line card, and then I use that ASIC to be able to provide line rate forwarding capability. And we call that database something else: we call it the forwarding information base. So whether we're talking about MPLS in the form of the label information base and the LFIB, the label forwarding information base, just understand that these databases exist at different layers in the Network Foundation Protection hierarchy.

Now, when we start talking about something like SD-WAN, what I want you to do is think about the context, or the idea, of taking these line cards and these components, the supervisor modules, and sticking them somewhere in the cloud. Imagine taking a line card, or more than one line card, and assigning it to a physical location, let's say Texas, and then another line card and assigning it a physical location of, say, Virginia, where I am, and providing the infrastructure that's going to allow those devices to be maintained from a central point of management, integrate a unified control plane mechanism, and allow me the capability of being able to provide data forwarding between all of the different data devices, in other words the line cards. And what you have right there is just a snapshot of exactly what SD-WAN is. My working definition of what SD-WAN is is going to be a cloud-distributed, or cloud-scaled, distributed switch, and we're going to talk about exactly how that functions, again inside the confines of the NFP, in the next video.

Understand that we're going to emulate every one of these three layers, and because of the fact that parts are scattered all over creation, what we're going to end up doing is we're going to entertain the idea of another plane. I'll go ahead and say what that plane is: I'm going to call it the orchestration plane, and it's going to be managed by a specific type of device that's part of the architecture of the SD-WAN Viptela solution. I'm Terry Vinson, and we'll discuss the architecture of SD-WAN in the next video.
Info
Channel: Terry Vinson CCIEx2
Views: 1,334
Keywords: ccie enterprise 2021, ccie enterprise infrastructure sdwan, ccnp enterprise 2021, cisco 300-415, cisco sdwan, cisco sdwan 2021, cisco sdwan controller onboarding, cisco sdwan controllers, cisco sdwan vmanage, cisco vbond, cisco vbond orchestrator, cisco vsmart, cisco vsmart controller, dtls tunnels, ensdwi, eveng, implementing cisco sd-wan solutions, implementing cisco sd-wan solutions (sdwan300), sdwan, sdwan configuration, viptela, sd wan training, sd wan viptela training
Id: G5cbEITel1c
Length: 14min 27sec (867 seconds)
Published: Wed Dec 30 2020