Configure SD-WAN Traffic Engineering
For supported software information, click here.
An SD-WAN overlay topology consists of point-to-point tunnels that act as a direct route between any two SD-WAN sites. However, this direct path may not be the best data path in terms of link metrics (delay and loss). SD-WAN traffic engineering evaluates all the alternate paths (direct and indirect) to reach the destination site and provides the optimal path for the data traffic. In a full-mesh topology, SD-WAN traffic engineering takes advantage of intermediate hops that might seem costly based on the number the of hops involved, but might be superior in terms of the total end-to-end link cost.
SD-WAN traffic engineering uses existing site-to-site SLA-monitoring data to determine the cost of a virtual link connecting two sites. The link is used in path selection only if SD-WAN traffic engineering is enabled on both sites and both sites advertise each other as the endpoint peers on the link.
The SD-WAN traffic engineering path-selection algorithm is run per organization and per forwarding class.
With SD-WAN traffic engineering, each site is identified by a unique overlay endpoint address (ESP-IP), which is used as the site-of-origin (SoO) community string when announcing routes for each site. A separate reachability table for each site is installed in the forwarding plane. The reachability table contains the optimal paths for reaching the SoOs. During path selection, the reachability to the SoO is considered when determining the end-to-end path.
For example, in the following figure using traditional routing protocols, the path between Spoke 1 and Spoke 5 (solid green lines) is Spoke 1 → Hub 1 → Hub 5 → Spoke 5, because this is the path with the minimum number of hops between Spoke 1 and Spoke 5. SD-WAN traffic engineering incorporates SLA metrics into the path-selection algorithm to evaluate other possible paths, such as Spoke 1 → Hub 1 → Hub 3 → Hub 5 → Spoke 5, or Spoke 1 → Hub 1 → Hub 2 → Hub 5 → Spoke 5, as shown in the figure. SD-WAN traffic engineering helps determine the optimal path and facilitates load-balancing of the traffic across paths with similar performance.
Configure SD-WAN Traffic Engineering
You can configure SD-WAN traffic-engineering options globally or for individual forwarding classes
Before you configure SD-WAN traffic engineering, you must enable the site-of-origin (SoO) community string on all SD-WAN sites so that the originating site of prefixes can be identified. For more information, see Configure Data-Driven SLA Monitoring.
To configure SD-WAN traffic engineering:
- In Director view, select the Administration tab in the top menu bar.
- Select Appliances in the left menu bar.
- Select an appliance in the main pane. The view changes to Appliance view.
- Click Configuration in the top menu bar.
- Select Services > SD-WAN > Traffic Engineering in the left menu bar. The Traffic Engineering screen displays.
- Click the Edit icon. In the Edit Traffic Engineering popup window, enter information for the following fields.
Field Description SLAM (Group of Fields) Configure metrics related to SLA monitoring. - Advertisement Interval
Enter how often to poll for changes in SLA monitoring metrics, in seconds. The value of the advertisement interval directly affects convergence. Setting the value too low may increase the number of SD-WAN traffic engineering updates.
Range: 1 through 3600 seconds
Default: 15 seconds
- Advertise Latency Duration
Enter the export latency averaged over the last n-second probes. This is the number of samples used to calculate link latency, which helps dampen any temporary latency spikes. Reducing the sample size can make the system too sensitive to latency changes.
Range: 1 through 3600 seconds
Default: 20 seconds
- Advertise Loss Duration
Enter the export loss averaged over last n-second probes. This is the number of samples used to calculate loss latency, which helps dampen any temporary loss spikes. Reducing the sample size may result in incorrect loss calculations.
Range: 1 through 3600 seconds
Default: 60 seconds
- Advertise Remote
Click to republish SLA-monitoring metrics received from peer sites. You can use this option on transit nodes, such as hubs, to publish SLA-monitoring metrics across regions, which helps preserve end-to-end path visibility for spokes in each region.
- No Transit
Click to indicate that the device does not support transit traffic.
You should select this option for the spoke devices in a hub-and-spoke topology that are not intended to carry transit SD-WAN traffic. In a full-mesh topology, you can select this option for high-capacity nodes that can handle additional loads of transit traffic.
You should not select this option for hubs in a hub-and-spoke topology that are used as intermediate hops to reach the destination.
Forwarding Class (Group of Fields) - Forwarding Class
Select the forwarding class on which to enable SD-WAN traffic engineering. - Include
Click to include forwarding-class metrics for traffic engineering. - Path Metrics
Select which path metrics to consider for traffic engineering:
- Latency
- Loss
- Export
Configure values for exporting link metrics. - Latency Change Threshold
Enter the threshold by which the link latency needs to change in order for the link metrics to be exported, as a percentage.
Range: 1 through 100 percent
Default: 10 percent
- Loss Change Threshold
Enter the threshold by which link loss needs to change in order for the link metrics to be exported, as a percentage.
Range: 1 through 100 percent
Default: 2 percent
- ECMP
Configure equal-cost multipath routing options. When calculating the optimal end-to-end path, the metric calculations may not result in the same values. The ECMP options below define how much latency and loss can be tolerated for paths still to be considered equal-cost paths. - Latency Tolerance
Enter the latency tolerance, in milliseconds, to consider a path for ECMP.
Range: 0 through 500 milliseconds
Default: 10 milliseconds
- Loss Tolerance
Enter the loss tolerance, as a percentage, to consider a path for ECMP.
Range: 0 through 100 percent
Default: 1 percent
Add button
Click to add the per-forwarding class information. You can configure multiple sets of per-forwarding class information. - Click OK to save the traffic-engineering settings.
Monitor SD-WAN Traffic Engineering
To view the SD-WAN traffic engineering statistics:
- In Director view:
- Select the Administration tab in the top menu bar.
- Select Appliances in the left menu bar.
- Select the device in the main pane. The view changes to Appliance view.
- Select the Monitor tab in the top menu bar.
- Select an organization in the horizontal menu bar.
- Select the Devices tab in the horizontal submenu bar.
- Select Services in the horizontal menu bar, and then select SD-WAN.
- To view traffic-engineering data, select Traffic Engineering, and then select Brief or Detail from the drop-down box. The traffic-engineering information displays.
- To view information about live sessions, select Sessions.
- In the SD-WAN Session Count column, click the session number that you want to view. (Note that you might need to widen the Application column to see the graph icon.) Select Extensive from the drop-down menu above the Application column.
- In the Application column, click the Graph icon. A graph similar to the following displays live session status graph.
- In the SD-WAN Session Count column, click the session number that you want to view. (Note that you might need to widen the Application column to see the graph icon.) Select Extensive from the drop-down menu above the Application column.
Supported Software Information
Releases 22.1.1 and later support all content described in this article.