Skip to main content
Versa Networks

Configure SD-WAN WAN-Facing Routing Protocols

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

You define SD-WAN WAN-facing routing protocols for a Versa Operating SystemTM (VOSTM) device using a configuration workflow. You can create the configuration through the main template workflow or you can create it separately and then add it to the main template. When the main template is published to the VOS device, it uses the WAN-facing routing protocols that you defined in the configuration workflow.

Note: In Releases 12.2.2 and earlier, you configure WAN routing in device interface policies for profile elements. For information about configuring policies for profile elements in Releases 12.2.2 and earlier, see Configure Profile Elements.

This article describes how to configure the following WAN-facing routing protocols:

  • BGP
  • OSPFv2
  • OSPFv3
  • RIPv2
  • Static routes

This article also describes how to manage WAN-facing routing protocol configurations.

Note: WAN interface physical properties, such as data transmission speed, are configured separately from the routing protocols that run on the interface. For information about configuring WAN interface physical properties, see Configure WAN Interfaces.

Create a WAN-Facing Routing Protocols Configuration

You can create a WAN-facing routing protocols configuration as part of a main template, or you can create it separately and then associate it with a main template. For more information about main templates, see Configure Main Templates

  • To create a WAN-facing routing protocols configuration using the main template workflow:
    1. In Tenant view, select Configure > Secure SD-WAN > Main Templates.
    2. Click + Add, or select an existing main template for which you want to configure the WAN-facing routing protocols.
    3. Select workflow step 3, Topologies & Routing Protocols, in the top menu bar. The following screen displays.

      Main_template_workflow_step_3_routing protocls.png
       
    4. Select the WAN tab, and then click Add New WAN-Facing Routing Protocol. The Add WAN-Facing Routing Protocol workflow screen displays.
    5. Continue to Configure WAN-Facing Routing Protocols, below.
  • To create a WAN-facing routing protocol configuration separately from a main template:
    1. In Tenant view, select Configure > Secure SD-WAN > Topologies & Routing Protocols.

      Menu_select_configure_Topologiy_and_Routing.png

      The following screen displays.

      WAN_protocols_main_screen.png
    2. Select the WAN tab, and then click + Add. The Add WAN Facing Routing Protocol workflow screen displays.
    3. Continue to Configure WAN-Facing Routing Protocols, below.

Configure WAN-Facing Routing Protocols

  1. In the Add WAN-Facing Routing Protocol workflow, select step 1, WAN Connection.

    WAN-Facing_workflow_step_1_connection.png
     
  2. In the Connection Name field, select a connection.
  3. Click Next or select workflow step 2, Routing Protocols.

    WAN-Facing_workflow_step_2_routing_protocols.png
     
  4. To add static routes, select the Static Routes tab, and then select the IPv4 or IPv6 tab. Enter information for the following fields.

    static_routes_2.png
     
    Field Description
    Route Prefix Enter the IPv4 or IPv6 subnet.
    Interface Select an interface.
    Nexthop Enter the IP address for the next hop.
    Monitor Enabled/Disabled Click the toggle to enable or disable monitoring for the WAN connection.
    • Monitor Type
    		 Select the monitor type, Gateway or Custom. 
    • IP SLA Monitor
    		 (For Custom monitor types) Select an IP SLA monitor or monitor group. To add a new IP SLA monitor, click +Add IP SLA Monitors. To add a new IP SLA monitor group, see IP SLA Monitor Groups in Configure Reusable Objects.
    Advanced Settings Click to display the fields listed below.

    Preference

    Enter the preference for the traffic route. A lower preference value indicates a higher preference for using the route.

    Range: 1 through 255

    Redistribute Enabled/Disabled

    Click the toggle to enable or disable route redistribution. Route redistribution enables the exchange of routing information between different routing protocols. Concerto route redistribution is based on the personality of the device, such as hub, spoke, or Controller.

    Traffic Handling

    Select one of the following traffic handling options:

    • Discard—Drop packets marked for the destination. Do not send ICMP unreachable message.
    • Reject—Drop packets marked for the destination. Send an ICMP unreachable message.
    No Install

    Click the toggle to enable or disable the no-install option. When enabled, this option prohibits the installation of received routes in the forwarding table.
    Tags

    Enter a route tag. Route tags can be used in static routing to avoid routing loops.
    Bidirectional Forwarding Detection (BFD)

    Click the toggle to enable or disable bidirectional forwarding detection (BFD). BFD detects liveness for BGP peers, OSPF neighbors, and static route next hops.
    • Minimum Receive Interval

    Enter the minimum time interval to receive routes, in milliseconds.

    Range: 1 through 255000 milliseconds

    Default: 1000 milliseconds
    • Minimum Transmit Interval

    Enter the time after which routes can be retransmitted, in milliseconds.
    Range: 1 through 255000 milliseconds

    Versa recommended value: 500 ms or more
    • Multiplier

    Enter the multiplier value used to calculate the final minimum receive interval and minimum transmit interval.

    Range: 1 through 255

    Default: 3
  5. To configure the BGP routing protocol, select the BGP tab. The following screen displays.

    BGP_screen3.png
     
  6. Select the EBGP or IBGP tab to configure external BGP or internal BPG respectively.
  7. Enter information for the following fields.
    Field Description
    Local ASN Enter the local AS number.
    Range: 0 through 4294967295
    Bidirectional Forwarding Enabled/Disabled Click the toggle to enable or disable BFD.
    • Minimum Receive Interval

    Enter the minimum time interval to receive routes, in milliseconds.

    Range: 1 through 255000 milliseconds

    Default: 1000 milliseconds
    • Minimum Transmit Interval

    Enter the time after which routes can be retransmitted, in milliseconds.
    Range: 1 through 255000 milliseconds

    Versa recommended value: 500 ms or more
    • Multiplier

    Enter the multiplier value used to calculate the final minimum receive interval and minimum transmit interval.

    Range: 1 through 255

    Default: 3
    Neighbor (Group of Fields)  
    • Enabled
    		 Click the toggle to enable or disable the neighbor.
    • Local Interface or Local Address
    		 Click either Local Interface or Local Address, and then select a value from the drop-down list.
    • Neighbor Address
    		 Neighbor IPv4 or IPv6 address.
    • Peer ASN

    Enter the remote peer's AS number. 

    Range: 0 through 4294967295
    • Password
    		 Enter the password to authenticate the BGP instance.
    • Import BGP Peer Policy

    Select a BGP import policy. BGP import policies are applied to routes imported from external BGP peers and determine which routes are accepted into the routing table. To create a new BGP peer policy, see procedure step 10, below.
    • Export BGP Peer Policy

    Select a BGP export policy. BGP export policies are applied to routes exported from the routing table to external BGP peers and control the routes are advertised to other peers. To create a new BGP peer policy, see procedure step 10, below.
    • Advanced Settings (Group of Fields)
    		 Click to configure the following three fields.
    • Suppress Peer ASN
    		 Click to enable or disable suppression of advertised routes received from an EBGP neighbor to another neighbor that is in the same AS as originating neighbor.
    • Hold Time

    Enter the hold time, in seconds, to negotiate with a peer.

    Range: 3 through 65535 seconds
    • TTL
    		 Enter the time-to-live value, which is the number of hops that a packet can travel in a network before the packet expires.
    Range: 1 through 255
    Default for EBGP: 64 (Note that you do not need to enable EBGP multihop.)
    Default for IBGP: 64
    + Add Another Click to add another neighbor.
  8. To configure BGP peer policies, select + Create New in the Import BGP Peer Policy or Export BGP Peer Policy drop-down list. The Add BGP Peer Policy workflow displays.

    Add_Peer_policy.png

    For information about adding a BGP peer policy, see Add a BGP Peer Policy in Configure Reusable Objects.
     
  9. To configure OSPFv2, select the OSPFv2 tab.

    Topology_workflow_routing_step_OSPfv2_tab.png
     
    1. In the Router ID field, enter an IPv4 address. In the Domain VPN Tag field, enter a Domain VPN tag.
    2. Click + Add. In the Add OSPFv2 Network popup window, enter information for the following fields.

      Add_ospfv2.png

      Field Description
      Network Name (Required) Select a network name from the drop-down list.
      Area ID (Required) Enter an ID for the area. A backbone area has an area ID of 0.0.0.0. Areas with non-zero IDs are non-backbone areas.
      Network Type

      Enter the network type:

      • Broadcast
      • Loopback
      • Point to Point
      Priority (Required)

      Enter a priority value to use in the election of the designated router (DR) and the backup designated router (BDR). On a multiaccess network, the OSPF router with the highest priority becomes the designated router, and the OSPF router with the second-highest priority becomes the backup router. If you set the priority to 0, the device does not participate in designated router and backup designated router election process.

      Default: 1
      Metric (Required) Enter a value for the OSPF interface cost, which is used to calculate the total cost to reach a destination.
      Range: 1 through 65535
      Default: 1
      Passive Click to mark the router as a passive listener. A passive router sends no advertisement messages.
      Timers (Group of Fields)  
      • Hello Interval

      Enter the interval, in seconds after which router sends advertisement messages.

      Range: 1-255
      • Dead Interval

      Enter the time to wait, in seconds, before the router declares a neighbor to be dead because it has received no advertisements within that amount of time.

      Range: 1-65,535
      • Retransmit Interval

      Enter the retransmit interval, in seconds, after which the router can retransmit a message.

      Range: 1-3600
      • Transit Delay

      Enter the delay, in seconds, for retransmitting a message.

      Range: 1-3600
      Authentication (Group of Fields)  
      • Type

      Select how to authenticate OSPF router traffic:

      • None
      • MD5—Use encrypted authentication
      • Simple Password—Use simple password-based authentication.
      • Key ID (Required)

      For MD5, enter the key ID.

      Range: 0-255
      • MD5 Auth Key (Required)

      For MD5, enter the authorization key.

      Range: 4-16 characters
      • Simple Password Auth Key
      		 For Simple Password, enter the password.
      Bidirectional Forwarding Enabled/Disabled Click the toggle to enable or disable BFD. 
      • Minimum Receive Interval

      Enter the minimum time interval to receive routes, in milliseconds.

      Range: 1-255000
      • Minimum Transmit Interval

      Enter the time after which routes can be retransmitted, in milliseconds.

      Range: 1-255
      • Multiplier

      Enter the multiplier value used to calculate the final minimum receive interval and minimum transmit interval.

      Range: 1-255000

    3. Click Add OSPFv2 Network.

  10. To enable OSPFv3 ,select the OSPFv3 tab.

    OSPFv3_tab.png
     
    1. In the Router ID field, enter an IPv4 address. 
    2. Click + Add. In the Add OSPFv3 Networks popup window, enter information for the following fields.

      add_ospfv3.png
       
      Field Description
      Connection Name (Required) Select a connection name from the drop-down list.
      Area ID (Required) Enter an ID for the area. A backbone area has an area ID of 0.0.0.0. Areas with non-zero IDs are non-backbone areas.
      Network Type

      Enter the network type:

      • Broadcast
      • Loopback
      • Point to Point
      Priority (Required)

      Enter a priority value to use in the election of the designated router (DR) and the backup designated router (BDR). On a multiaccess network, the OSPF router with the highest priority becomes the designated router, and the OSPF router with the second-highest priority becomes the backup router. If you set the priority to 0, the device does not participate in designated router and backup designated router election process.

      Range: 0 through 255
      Metric (Required) Enter a value for the OSPF interface cost, which is used to calculate the total cost to reach a destination.
      Range: 1 through 65535
      Passive Click to mark the router as a passive listener. A passive router sends no advertisement messages.
      Timers (Group of Fields)  
      • Hello Interval

      Enter the interval, in seconds after which router sends advertisement messages.

      Range: 1 through 255
      • Dead Interval

      Enter the time to wait, in seconds, before the router declares a neighbor to be dead because it has received no advertisements within that amount of time.

      Range: 1 through 65535
      • Retransmit Interval

      Enter the retransmit interval, in seconds, after which the router can retransmit a message.

      Range: 1 through 3600
      • Transmit Delay

      Enter the delay, in seconds, for retransmitting a message.

      Range: 1 through 3600
    3. Click Add OSPFv3 Network.
       
  11. To enable RIPv2, select the RIPv2 tab.

    RIPv2_tab.png
    1. Click Add RIPv2 Network. The Add RIPv2 Network popup window displays. 

      Add_RIPv2_network_popup.png
      ​​​​​​
    2. Enter information for the following fields.
       
      Field Description
      Network Name Select a network name from the drop-down list.

      Type

      Select how to authenticate router traffic:

      • None
      • MD5—Use encrypted authentication
      • Simple Password—Use simple password-based authentication.

      Key ID

      		 For authentication type MD5, enter the key ID.

      MD5 Auth Key

      		 For authentication type MD5, enter the authorization key.

      Simple Password Auth Key

      		 For authentication type Simple Password, enter the password.
      Send

      Selection how to send request messages:

      • None
      • Version 2
      Receive

      Select how to receive response message from neighboring routers:

      • Multicast
      • None
      Bidirectional Forwarding Enabled/Disabled Click the toggle to enable or disable BFD. 
      • Minimum Receive Interval
      		 Enter the minimum time interval to receive routes, in milliseconds.
      • Multiplier
      		 Enter the multiplier value used to calculate the final minimum receive interval and minimum transmit interval.
      • Minimum Transmit Interval
      		 Enter the time after which routes can be retransmitted, in milliseconds.
    3. Click Add RIPv2 Network.
       
  12. Click Next or select workflow step 3, Permissions. 

    permissions.png
  13. To change the permissions for a role, select Create, Read, Update, or Delete in the Permissions column. These permissions apply to this specific policy; see Object Permissions in Versa Concerto for SD-WAN.
  14. Click Next or select workflow step 4, Review & Submit.
  15. In the General section, enter information for the following fields.

    General_pane_with reusable on other templates option.png
     
    Field Description
    Name Enter a name for the WAN-facing routing protocols configuration. 
    Description Enter a text description.
    Tags Enter a tag, and then press the Enter key. You can enter multiple tags. A tag is an alphanumeric text descriptor with no spaces or special characters. The tags are used for searching the objects. 
    Reuse Options (For configurations added through the Main Templates workflow.) Click Reusable on Other Templates to make the configuration usable in other main templates. Otherwise, click Not Reusable. 
  16. Review the settings you have selected. Click the pencil-icon-blue-on-white-22.png Edit icon to change a setting, as needed.
  17. Click Submit.

Manage SD-WAN WAN-Facing Routing Configurations

You can perform the following actions on SD-WAN WAN-facing routing configurations:

  • Edit
  • Clone
  • Delete
  • View references
  • Propagate
  • Compare versions
  • View the audit log
  • Enable and disable auto delete

For information about these actions, see Manage SD-WAN Policies and Profiles.

Supported Software Information 

Releases 13.1.1 and later support all content described in this article.