
SD-WAN / SD-Branch Architecture for MSSPs

Overlay network designs


In this chapter we describe several reference design flavors for the SD-WAN/ADVPN overlay network.

  • Starting from release 7.4, we use only one foundational overlay routing design, the one preferred by some of the largest service providers: BGP on Loopback.

  • The BGP on Loopback design is further enhanced by the new mechanism known as Dynamic BGP, which greatly increases ADVPN scalability and configuration simplicity by lifting the requirement for BGP Route Reflection. While optional, Dynamic BGP is recommended as a default choice for most new deployments.

    Note

    The combination of BGP on Loopback and Dynamic BGP is often referred to as Dynamic BGP on Loopback.

  • The overall SD-WAN intelligence is greatly improved, thanks to the ADVPN 2.0 framework—the new generation of ADVPN, designed for and natively integrated with SD-WAN.

The following scheme summarizes the elements (the combination highlighted in green is recommended as the default choice for most new deployments):

Finally, a choice must be made between a simple single-VRF deployment and a more advanced multi-VRF deployment. The latter allows you to implement end-to-end segmentation across the entire SD-WAN network. It is often referred to as Segmentation over Single Overlay, because the same overlay network forwards traffic belonging to multiple segments (VRFs) while preserving their segregation across all the SD-WAN sites. All the elements mentioned in this topic support this functionality.

In the remainder of this chapter, we discuss all these elements in more detail.
