Cisco SD-WAN Components


In the Cisco SD-WAN Architecture, the main components work on different SD-WAN Architecture Planes. These SD-WAN components and their locations in the SD-WAN Architecture are given below:

 




Cisco SD-WAN Architecture

 

In 2017, Cisco acquired Viptela. At that time, Viptela was the most successful startup in SD-WAN technologies. Since then, the components of Viptela SD-WAN have been used as the Cisco SD-WAN Components.

Now, let’s talk about Viptela and Cisco’s SD-WAN Architecture Components.

 


What is vBond?

vBond is the Orchestration Plane device of the Cisco SD-WAN Architecture. In other words, it is the orchestrator of vSmart and vEdge devices in the control plane. For new devices, vBond provides authentication and also connects them to the vSmart Controller. Discovering vManage is another duty of vBond.

 

Once established, the connection between vBond and the vSmart Controller is permanent. When a vEdge device comes online, a temporary connection is also established between vBond and the vEdge device. After the orchestration is done and permanent connectivity between vEdge and vSmart is established, this temporary connection is torn down. Before the vEdge connection is torn down, vBond load-balances vEdge routers across multiple vSmart controllers.


vBond uses DTLS (Datagram Transport Layer Security) tunnels to authenticate the vSmart Controller and vEdge routers. There can be multiple vBonds in the Cisco SD-WAN Architecture. In this type of design, a separate DTLS tunnel is needed toward each vSmart Controller.

 

Key Point: vBond is the orchestration component of SD-WAN that authenticates devices and helps them securely join the network.

 

vBond uses a public IP address in Cisco SD-WAN. It is the only SD-WAN device that uses a public IP. With this IP, it can connect to the other Cisco SD-WAN Architecture devices.

 


What is vManage?

vManage is the central Network Management System (NMS) of Viptela (Cisco). In SD-WAN Architecture, vManage resides in the Management Plane.


With the vManage GUI, you can configure, manage and troubleshoot all of your SD-WAN network devices. You can store all the resources required by your SD-WAN devices, such as licenses, policies and configurations, in vManage. Whenever SD-WAN devices need these resources, vManage sends them to the devices.

 

Key Point: vManage provides centralized management, allowing administrators to configure, monitor and manage the entire SD-WAN network from a single interface.

 

Viptela’s (Cisco’s) vManage and vSmart software can run either on separate servers or on a single server. This depends on your SD-WAN design.

 


What is vSmart Controller?

vSmart Controller resides in the Control Plane of the SD-WAN Architecture. In other words, vSmart Controller is the Control Plane software of Viptela (Cisco). It is mainly a virtual machine that runs on a server. This server can be either an ESXi or a VMware server.

 

vSmart Controller is where all the complex jobs are done before data forwarding. It is the brain of the whole SD-WAN. Network activities like path calculation and routing are done here. After that, the data plane only forwards the data.

 

Key Point: vSmart is the control plane component that distributes routing information and policies across the SD-WAN network.

 

A specific protocol is used for the communication between vSmart and vEdge. The name of this protocol is OMP (Overlay Management Protocol). OMP is responsible for the routing processes, much like BGP. In other words, OMP is used for the Control Plane activities of the Cisco SD-WAN Architecture.


Another important protocol is used between vManage and the vSmart Controller: NETCONF. NETCONF is used for the provisioning of the vSmart Controller by the vManage NMS.

 

At the beginning, only a little configuration is needed to use the vSmart Controller. For the initial configuration of vSmart, we configure the vSmart Controller IP address and the IP address of the orchestration point, vBond. After the connection is established, vSmart gets the required configuration from vManage and becomes ready to communicate with vEdge routers.

 

There can be multiple vSmart Controllers in the domain. This provides redundancy and load balancing. Different vEdge routers can be connected to different vSmarts. This is managed by vBond when a new vEdge router comes online.

A maximum of 20 vSmart Controllers can be used in a single domain. To use multiple vSmarts in a domain, the configuration, except for the local settings, must be identical on each vSmart in the domain.

 

If a new vEdge router comes online, it must be authenticated. This authentication takes place on the vSmart Controller. The required authentication data resides in the vSmart Controller.

 


What is vEdge?

vEdge devices reside in the Data Plane of the SD-WAN Architecture. A vEdge device can be a hardware device or a virtual software device. It has the basic characteristics of a normal router and supports protocols like OSPF, BGP and BFD.


The main responsibility of vEdge devices in the SD-WAN Architecture is data forwarding. vEdge devices forward data according to the control plane decisions (vSmart Controller).

 

To establish a connection at the beginning, a vEdge device needs an IP address and the IP address of the vBond Orchestrator. With this information, it connects to vBond temporarily and authentication occurs. Then the vEdge device establishes a permanent connection with the vSmart Controller.
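
The onboarding sequence described in the vBond and vEdge sections, as a small Python model. This is an added example, not code from the original page or from Cisco; the serial-number allow-list, the least-loaded vSmart selection and all device names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

MAX_VSMARTS = 20  # per-domain limit stated in the vSmart section

@dataclass
class Overlay:
    """Toy model of vEdge onboarding; sessions are (device, peer, kind) tuples."""
    authorized_serials: set   # assumption: vBond allow-lists devices by serial
    vsmarts: list             # hypothetical vSmart names in the domain
    sessions: set = field(default_factory=set)

    def __post_init__(self):
        if not 1 <= len(self.vsmarts) <= MAX_VSMARTS:
            raise ValueError("a domain holds between 1 and 20 vSmart Controllers")
        for vs in self.vsmarts:  # vBond keeps a permanent session with each vSmart
            self.sessions.add((vs, "vBond", "permanent"))

    def load(self, vsmart):
        # Number of devices currently attached to this vSmart.
        return sum(1 for _, peer, _ in self.sessions if peer == vsmart)

    def onboard(self, vedge, serial):
        # Step 1: the new vEdge opens a temporary session to vBond.
        temp = (vedge, "vBond", "temporary")
        self.sessions.add(temp)
        # Step 2: vBond authenticates it; an unknown device gets no further.
        if serial not in self.authorized_serials:
            self.sessions.discard(temp)
            return None
        # Step 3: vBond spreads vEdges across vSmarts (least-loaded is assumed).
        target = min(self.vsmarts, key=self.load)
        self.sessions.add((vedge, target, "permanent"))
        # Step 4: the temporary vBond session is torn down.
        self.sessions.discard(temp)
        return target

    def peers(self, device):
        return sorted(peer for dev, peer, _ in self.sessions if dev == device)

def demo():
    # Constructed sample: three authorized serials, one unknown (SN-X).
    net = Overlay({"SN-A", "SN-B", "SN-C"}, ["vSmart1", "vSmart2"])
    serials = ["SN-A", "SN-B", "SN-X", "SN-C"]
    placed = [net.onboard(f"vEdge{i}", s) for i, s in enumerate(serials, 1)]
    return net, placed

if __name__ == "__main__":
    print(demo()[1])
```

After onboarding, an authorized vEdge is left with a session to its vSmart only, and a rejected device is left with no sessions at all, which is the state an audit of control connections would expect to see.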

 

Key Point: vEdge devices are located at branch sites and handle the data plane, forwarding traffic based on policies received from the controllers.

 
