Cisco SDWAN : Preferred color group
Cisco SDWAN : Preferred color group
We are going to talk about the feature in cisco sdwan called as "Preferred color group". The term “color” in Cisco SD-WAN refers to a classification of transport circuits or paths that traffic can take, which helps in differentiating the types of connectivity (like MPLS, internet, 3G/4G, etc.).
This feature adds support for ranking of Application Aware Routing (AAR) or Data Policy preferred over a primary color and followed by backup preferred colors. You can configure up to three levels of priority based on the color or path preference on a Cisco IOS XE Catalyst SD-WAN device.
Supported versions
- Cisco IOS XE Catalyst SD-WAN Release 17.9.1a and above
- Cisco vManage Release 20.9.1 and above
Fig 1.1- Cisco SDWAN : Preferred color group |
So let's assume an example where we have 4 sites as shown below with 3 different TLOCs ( INET, MPLS & private1). So i want my traffic going from site-1 going to DC-1 use MPLS TLOC and traffic going from site-1 to DC-2 use private1. So what i need to do.
Here we will use "Preferred color group" so will put either on AAR policy or Data policy. As in our case we are generally using the data policy, so we will call it in data policy. Lets start with the process
Step 1: Login to vManage with your credentials
Step 2: Now Navigate to SDWAN >> Configuration >> Policies ; on the top left hand side, you will see Custom Options, Click there and navigate to Centralized Policy >> Lists as shown below:
Step 3: Now when you are inside the Lists, check for the option "Preferred Color Group" in the left bar menu. Now create a new "Preferred Color Group" for site-1 towards DC-1. Below is our "Preferred Color Group" with the name of "Site1_dc1". Where you can put primary color as MPLS and secondary color as private1.
Step 4: Similarly you can create an another "Preferred Color Group" for site-1 towards DC-2. where you can put primary color as private1 and secondary color as MPLS.
Step 5: Now as we need to create Data policy to match the "Preferred Color Group". Now Navigate to SDWAN >> Configuration >> Policies ; on the top left hand side, you will see Custom Options, Click there and navigate to Centralized Policy >> Traffic Policy as shown below:
Step 6: Now you need to add a new policy for "Preferred Color Group" named as "Site1_dc1" as shown below. This policy will match with the site id and we use this policy for the router in Site-1 only towards outbound direction.
Step 7: Now save the policy and call it in Centralized policy as you are doing for other policy. Once called you will see the traffic going to the DC1-10.10.10.0/24 subnet will flow through the MPLS circuit only and will only switch to private1 in case of MPLS link failure.
Another important thing to consider here, this is only the applied to outbound side which means any traffic coming from DC-1 to Site-1 will be coming from all the available TLOC paths ( MPLS, private1 and INET).
In order to manipulate the traffic from the DC-1 to Site-1 you need to apply the policy on DC-1 router using the data policy and import it to the Centralized policy.
- Finding the Right SD-WAN Vendor for Your Business
- The Evolution: Exploring the Origins of SD-WAN discussions
- Discover the Power of Multitenancy with Versa SDWAN!
- Introduction to Silver-Peak SDWAN Solution
- Introduction to VeloCloud SD-WAN Solution
- Introduction to Palo Alto's Prisma (CloudGenix) SDWAN
- Introduction to Fortinet SDWAN