Purpose of TLOC in Cisco Viptela SDWAN
TLOC is one of the major terms used in the Cisco Viptela SDWAN solution. A TLOC is generally used as a static identifier on a Cisco Viptela SDWAN vEdge device and also for underlay network attachment.
TLOC routes classify transport locations. These are sites in the overlay network that connect to physical transport, such as the point at which a WAN interface connects to a carrier. A TLOC is signified by a 3-tuple that consists of the system IP address of the OMP speaker, a color, and an encapsulation type.
Fig 1.1 - Cisco SDWAN TLOC
Cisco Viptela terms a TLOC color as Public or Private. Don't confuse this with the color itself: a color is used to categorize WAN circuits on vEdges, and each specific color is categorized as Private or Public.
- Private colors (mpls, private1, private2, private3, private4, private5, private6 and metro-ethernet)
- Public colors (red, blue, public-internet, biz-internet)
Note: The color setting applies to WAN Edge to WAN Edge communication and WAN Edge to controller communication.
Colors used in the SDWAN influence data plane endpoint selection to ensure the most optimal connectivity. Domain with respect to the NAT should use Private endpoints, and Public endpoints. MPLS uses a Private color; Internet uses a Public color. Connectivity is optimized within and across domains.
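The color rule above as an added Python example (not code from the original page or from Cisco): it assumes the usual behaviour that two TLOCs target each other's private address only when both colors are private, and that every color outside the page's private list is public. The `private_ip`/`public_ip` fields, the helper names and the sample addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Private colors as listed on this page; every other color is treated as public.
PRIVATE_COLORS = {"mpls", "metro-ethernet"} | {f"private{i}" for i in range(1, 7)}
ENCAPS = {"ipsec", "gre"}

@dataclass(frozen=True)
class Tloc:
    system_ip: str   # system IP of the OMP speaker
    color: str
    encap: str
    private_ip: str  # address configured on the WAN interface (constructed field)
    public_ip: str   # address seen after NAT; equals private_ip when there is no NAT

    def __post_init__(self):
        for addr in (self.system_ip, self.private_ip, self.public_ip):
            ip_address(addr)  # raises ValueError on a malformed address
        if self.encap not in ENCAPS:
            raise ValueError(f"unknown encapsulation: {self.encap}")

    @property
    def key(self):
        """The 3-tuple that identifies the TLOC."""
        return (self.system_ip, self.color, self.encap)

    @property
    def is_private(self):
        return self.color in PRIVATE_COLORS

def tunnel_endpoints(a, b):
    """Return (address a targets on b, address b targets on a)."""
    if a.is_private and b.is_private:
        return b.private_ip, a.private_ip
    return b.public_ip, a.public_ip

def audit(tlocs):
    """Flag private-colored TLOCs behind NAT: private-colored peers would
    aim at the pre-NAT address, which they cannot reach across the NAT."""
    return [t.key for t in tlocs if t.is_private and t.private_ip != t.public_ip]

# Constructed sample inventory.
SITE_A_MPLS = Tloc("10.0.0.1", "mpls", "ipsec", "172.16.1.1", "172.16.1.1")
SITE_B_MPLS = Tloc("10.0.0.2", "mpls", "ipsec", "172.16.2.1", "172.16.2.1")
SITE_B_INET = Tloc("10.0.0.2", "biz-internet", "ipsec", "192.168.2.10", "203.0.113.20")
SITE_C_BAD = Tloc("10.0.0.3", "private1", "ipsec", "192.168.3.10", "198.51.100.30")
```

Running `audit` over an inventory exported from the controller highlights circuits whose color category does not match how they are actually attached.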
Setup of IPSEC tunnel
For every TLOC on a vEdge router, the vEdge router advertises a symmetric key for encryption. The vSmart controller reflects this key automatically and advertises the TLOC with the symmetric key.
A two-way IPsec SA is set up as a result, which means two different keys will be set up, and data traffic automatically starts to use this IPsec tunnel. Once a tunnel is up, BFD automatically starts on the tunnel.
This is done to ensure fast data plane convergence in the event of a failure in the transport network. Note that the setup of the IPsec data plane happens automatically. No configuration is necessary.
Use the commands below to check TLOCs:
NDNA_vEdge# show omp tlocs
NDNA_vEdge# show omp tlocs advertised
NDNA_vEdge# show omp tlocs received
NDNA_vEdge# show omp tlocs detail
NDNA_vEdge# show bfd tloc-summary-list