Ageda
In last article, we discussed briefly on different types of polices in Cisco SD-WAN Infrastructure. Now we will explore various Centralized policies use cases. Below diagram shows categorization of different SD-WAN policies.
Directionality of Policies
As can be seen in above diagram, Centralized Control Polices have two sub-types – Topology Policy & VPN Membership Policy.
In the context of centralized control policies, they can be applied either inbound or outbound. This directionality is always from the perspective of the vSmart controller.
Inbound Policies:
- Applied before the routes undergo the best-path selection algorithm.
- Applied before the routes are inserted into the OMP (Overlay Management Protocol) table on the vSmart.
- Any manipulations performed by inbound control policies impact the vSmart’s best-path selection process and, consequently, affect the OMP advertisements sent to all other WAN Edge routers.
Outbound Policies:
- Applied after the vSmart’s best-path selection process is completed.
- Limited in scope to only those site IDs listed in the control policy application configuration.
- Outbound control policies are more targeted and specific in their application.
- In contrast, centralized control policies applied inbound tend to have a broader global impact.
Topology
Use Cases of Centralized Control Policies
There could be various use cases for Centralized Control Policy usage. Over the next articles, we will discuss below use cases and step by step implementation.
- Hub and Spoke Topology
- Traffic Engineering for inbound traffic using TLOC Preference
- Internet Exit via Preferred Regional Data Center
- Regional Full Mess Network
- Implementation of Service Insertion to redirect traffic.
- Isolating Guest Uses access using VPN Membership
Note, Links to above use cases will be updated once these articles are published.
Refer Cisco SD-WAN official documentation for details.