This article describes how to configure SDWAN gateway to connect sites in SDWAN to sites in Non-SDWAN.

 

Prerequisite 

  1. Versa Headend should be deployed and functional
  2. Hub act as the Gateway to reach all Non-SDWAN sites.
  3. There is Underlay reachability from SDWAN device to Non-SDWAN device.

 

Please Note This article describes only the configuration on Versa FlexVNF using Workflow.

 

Topology 

 

 

 

 

Configuration

IPsec-Configuration

1.      Login to the Versa Director and navigate to Workflow>Template>select the Template 

 

 

  1. Open the Template>Go to Split Tunnels
  2. Select the Lan-VR as all the SDWAN branches will have reachability to Lan-VR and select WAN interface where you have reachability to Non-SDWAN sites. (In this example, interface connecting to MPLS)
  3. And enable Gateway to advertise the Default Route to all other SDWAN branches. This will automatically create Paired TVI between Lan-VR and MPLS-Transport-VR with BGP configuration
  4. Add this configuration by clicking on + 

 

 

Create BGP between Transport-VR and PE Router

  1. To advertise the SDWAN route to MPLS network and to get the Non-SDWAN route ,we need to create BGP between MPLS-Transport-VR and MPLS-PE router (service provider router)
  2. Navigate to Service>Virtual Routers>MPLS-Transport-VR>select BGP

 

 

  1. Select Peer Group>Create BGP >Add neighbor details
    120.0.0.2 : IP address of vni-0/0 interface of the PE  router
    169.254.0.3 : Remote IP address of  MPLS-Transport-VR
    169.254.0.2 : Local IP address of  Lan-VR

 

 

Please Note We can add filter to the routes based on your requirement using Peer group policy.

 

Verification on Versa FlexVNF CPE


Spoke

admin@B5-S1-cli> show route routing-instance sub-org-LAN-VR

 

Routes for Routing instance : sub-org-LAN-VR  AFI: ipv4

 

Codes: E1 - OSPF external type 1, E2 - OSPF external type 2

IA - inter area, iA - intra area,

L1 - IS-IS level-1, L2 - IS-IS level-2

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

RTI - Learnt from another routing-instance

+ - Active Route

 

Prot   Type  Dest Address/Mask   Next-hop        Age      Interface name

----   ----  -----------------   --------        ---      --------------

BGP    N/A   +0.0.0.0/0           10.0.192.109    11:37:03 Indirect      ==================è Default Route from Hub CPE.

BGP    N/A  +9.9.9.9/32          10.0.192.101    4w1d06h  Indirect

BGP    N/A  +11.11.11.11/32      10.0.192.102    4w1d06h  Indirect

BGP    N/A  +50.0.0.0/24         10.0.192.101    4w1d06h  Indirect

BGP    N/A  +60.0.0.0/24         10.0.192.102    4w1d06h  Indirect

BGP    N/A  +99.99.99.0/24       10.0.192.109    3w6d22h  Indirect

BGP    N/A  +110.0.0.0/24        10.0.192.103    19:34:06 Indirect

BGP    N/A   110.0.0.0/24        10.0.192.104    02:36:31 Indirect

BGP    N/A  +120.0.0.0/24        10.0.192.109    4w0d21h  Indirect

BGP    N/A  +140.0.0.0/24        10.0.192.109    19:34:06 Indirect

BGP    N/A   140.0.0.0/24        10.0.192.110    4w1d06h  Indirect

conn   N/A  +160.0.0.0/24        0.0.0.0         19:34:33 vni-0/1.0

local  N/A  +160.0.0.1/32        0.0.0.0         19:34:33 directly connected

BGP    N/A  +169.254.0.0/30      10.0.192.101    4w1d06h  Indirect

conn   N/A  +169.254.0.4/31      0.0.0.0         19:35:06 tvi-0/605.0

local  N/A  +169.254.0.5/32      0.0.0.0         19:35:06 directly connected

BGP    N/A  +172.16.255.0/30     10.0.192.109    4w0d21h  Indirect

BGP    N/A  +180.0.0.0/24        10.0.192.109    19:27:18 Indirect

BGP    N/A   180.0.0.0/24        10.0.192.110    4w1d06h  Indirect

BGP    N/A  +190.0.0.0/24        10.0.192.109    7w0d11h  Indirect

BGP    N/A  +200.0.0.0/24        10.0.192.109    7w0d11h  Indirect

 

Hub

admin@B4-H1-cli> show route routing-instance sub-org-LAN-VR

 Routes for Routing instance : sub-org-LAN-VR  AFI: ipv4

 

Codes: E1 - OSPF external type 1, E2 - OSPF external type 2

IA - inter area, iA - intra area,

L1 - IS-IS level-1, L2 - IS-IS level-2

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

RTI - Learnt from another routing-instance

+ - Active Route

 

Prot   Type  Dest Address/Mask   Next-hop        Age      Interface name

----   ----  -----------------   --------        ---      --------------

BGP    N/A  +0.0.0.0/0           169.254.0.2     18:07:40 tvi-0/602.0           ==================è  Route from MPLS-Transport-VR

BGP    N/A  +9.9.9.9/32          10.0.192.101    4w1d06h  Indirect

BGP    N/A  +11.11.11.11/32      10.0.192.102    4w1d06h  Indirect

BGP    N/A  +50.0.0.0/24         10.0.192.101    4w1d06h  Indirect

BGP    N/A  +60.0.0.0/24         10.0.192.102    4w1d06h  Indirect

static N/A  +99.99.99.0/24       169.254.0.2     4w0d15h  tvi-0/603.0

BGP    N/A  +110.0.0.0/24        10.0.192.103    11:40:05 Indirect

BGP    N/A   110.0.0.0/24        10.0.192.104    6w4d10h  Indirect

BGP    N/A  +120.0.0.0/24        169.254.0.2     4w0d21h  tvi-0/603.0

BGP    N/A   140.0.0.0/24        10.0.192.110    11:40:05 Indirect

conn   N/A  +140.0.0.0/24        0.0.0.0         20:33:47 vni-0/1.0

local  N/A  +140.0.0.1/32        0.0.0.0         20:33:47 directly connected

BGP    N/A  +160.0.0.0/24        10.0.192.106    11:40:06 Indirect

BGP    N/A  +169.254.0.0/30      10.0.192.101    4w1d06h  Indirect

BGP    N/A   169.254.0.2/31      169.254.0.2     4w0d21h  tvi-0/603.0

conn   N/A  +169.254.0.2/31      0.0.0.0         20:34:11 tvi-0/603.0

local  N/A  +169.254.0.3/32      0.0.0.0         20:34:11 directly connected 

 

admin@B4-H1-cli> show route routing-instance MPLS-Transport-VR

 Routes for Routing instance : MPLS-Transport-VR  AFI: ipv4

 

Codes: E1 - OSPF external type 1, E2 - OSPF external type 2

IA - inter area, iA - intra area,

L1 - IS-IS level-1, L2 - IS-IS level-2

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

RTI - Learnt from another routing-instance

+ - Active Route

 

Prot   Type  Dest Address/Mask   Next-hop        Age      Interface name

----   ----  -----------------   --------        ---      --------------

BGP    N/A  +0.0.0.0/0           120.0.0.2       20:36:13 vni-0/0.0            ====================è Routes from MPLS PE

BGP    N/A  +9.9.9.9/32          169.254.0.3     4w1d06h  tvi-0/602.0

BGP    N/A  +11.11.11.11/32      169.254.0.3     4w1d06h  tvi-0/602.0

BGP    N/A  +50.0.0.0/24         169.254.0.3     4w1d06h  tvi-0/602.0

BGP    N/A  +60.0.0.0/24         169.254.0.3     4w1d06h  tvi-0/602.0

BGP    N/A  +110.0.0.0/24        169.254.0.3     20:36:05 tvi-0/602.0

conn   N/A  +120.0.0.0/24        0.0.0.0         20:36:13 vni-0/0.0

local  N/A  +120.0.0.1/32        0.0.0.0         20:36:13 directly connected

BGP    N/A  +140.0.0.0/24        169.254.0.3     20:36:13 tvi-0/602.0

BGP    N/A  +160.0.0.0/24        169.254.0.3     19:39:20 tvi-0/602.0

BGP    N/A  +169.254.0.0/30      169.254.0.3     4w1d06h  tvi-0/602.0

conn   N/A  +169.254.0.2/31      0.0.0.0         20:36:36 tvi-0/602.0

local  N/A  +169.254.0.2/32      0.0.0.0         20:36:36 directly connected

conn   N/A  +172.16.255.0/30     0.0.0.0         20:36:13 vni-0/4.1

local  N/A  +172.16.255.1/32     0.0.0.0         20:36:13 directly connected

BGP    N/A  +180.0.0.0/24        169.254.0.3     13:46:21 tvi-0/602.0

BGP    N/A  +190.0.0.0/24        120.0.0.2       7w0d11h  vni-0/0.0         ==================è  Routes from MPLS PE 

BGP    N/A  +200.0.0.0/24        120.0.0.2       7w0d11h  vni-0/0.0

conn   N/A  +169.254.0.6/31      0.0.0.0         20:34:11 tvi-0/607.0

local  N/A  +169.254.0.7/32      0.0.0.0         20:34:11 directly connected

conn   N/A  +169.254.0.8/31      0.0.0.0         20:34:11 tvi-0/609.0

local  N/A  +169.254.0.9/32      0.0.0.0         20:34:11 directly connected

BGP    N/A  +172.16.255.0/30     169.254.0.2     4w0d21h  tvi-0/603.0

BGP    N/A  +180.0.0.0/24        10.0.192.105    13:43:55 Indirect

BGP    N/A  +190.0.0.0/24        169.254.0.2     7w0d11h  tvi-0/603.0

BGP    N/A  +200.0.0.0/24        169.254.0.2     7w0d11h  tvi-0/603.0

 

Please Note We allowed only Default route to advertise, so remaining routes will not be advertised to LAN-VR.