
SD-WAN Terminologies:

System-IP:
The System-IP acts as a unique identifier for our devices across the SD-WAN environment. It can
be any IP that we choose; there is no need to have it configured anywhere on the device, much
like a Route Distinguisher or Router ID. It is a kind of loopback address that needs to be
configured uniquely on each device. It doesn't need to be advertised or known by the underlay.

Site ID:
A Site ID is a unique identifier of a site in the SD-WAN overlay network with a numeric value 1
through 4294967295 and it identifies the source location of an advertised prefix. This ID must
be configured on every WAN Edge device, including the controllers, and must be the same for
all WAN Edge devices that reside at the same site. A site could be a data center, a branch office,
a campus, or something similar. The Site-ID is an attribute which is used for route manipulation.

Organization Name:
Organization Name is a name that is assigned to the SD-WAN overlay. It is case-sensitive and
must match the organization name configured on all the SD-WAN devices in the overlay. It is
used to define the Organization Unit (OU) field to match in the Certificate Authentication
process when an SD-WAN device is brought into the overlay network.
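The three identifiers above each carry a rule that can be checked before a device is onboarded. The following audit is an added example, not part of the original notes or any Cisco tool; the inventory layout, the dictionary keys, the sample devices and the assumption that the System-IP is written as an IPv4 address are all made up for illustration.

```python
import ipaddress
from collections import Counter

SITE_ID_MIN, SITE_ID_MAX = 1, 4294967295  # numeric range given in the Site ID entry

def audit_overlay(devices, overlay_org):
    """Check a device inventory against the three identifier rules above.

    Returns a sorted list of (hostname, field, detail) findings. The dict keys
    are hypothetical names for this example, not a vManage export format.
    """
    findings = []
    ip_counts = Counter(d.get("system_ip") for d in devices)
    for d in devices:
        host = d["hostname"]

        # System-IP: assumed IPv4-formatted here, and unique per device.
        sys_ip = d.get("system_ip")
        try:
            ipaddress.IPv4Address(sys_ip)
        except ValueError:
            findings.append((host, "system-ip", f"{sys_ip!r} is not an IPv4 address"))
        else:
            if ip_counts[sys_ip] > 1:
                findings.append((host, "system-ip", f"{sys_ip} is used by more than one device"))

        # Site ID: must be present and within 1..4294967295.
        site_id = d.get("site_id")
        if type(site_id) is not int or not SITE_ID_MIN <= site_id <= SITE_ID_MAX:
            findings.append((host, "site-id", f"{site_id!r} is missing or out of range"))

        # Organization Name: exact, case-sensitive match with the overlay's name.
        org = d.get("organization_name")
        if org != overlay_org:
            case_only = isinstance(org, str) and org.lower() == overlay_org.lower()
            detail = f"{org!r} != {overlay_org!r}" + (" (differs only by case)" if case_only else "")
            findings.append((host, "organization-name", detail))
    return sorted(findings)

# Constructed sample inventory (not real devices).
SAMPLE_DEVICES = [
    {"hostname": "vsmart1", "system_ip": "10.255.0.1", "site_id": 1000, "organization_name": "Example-Overlay"},
    {"hostname": "edge-a", "system_ip": "10.255.0.11", "site_id": 100, "organization_name": "Example-Overlay"},
    {"hostname": "edge-b", "system_ip": "10.255.0.11", "site_id": 100, "organization_name": "example-overlay"},
    {"hostname": "edge-c", "system_ip": "10.255.0.13", "site_id": 0, "organization_name": "Example-Overlay"},
]

if __name__ == "__main__":
    for finding in audit_overlay(SAMPLE_DEVICES, "Example-Overlay"):
        print(*finding, sep=": ")
```

A device whose organization name differs only by case is flagged explicitly, because that mismatch is easy to overlook by eye and the name must match exactly.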

Tunnel-Interface:
This identifies the interface which will be used in order to set up the SD-WAN fabric underlay.
The allowed services function as a sort of ACL, permitting traffic from/to the interface.

VPN 0:
In the SD-WAN components, VPN is another name for VRF. VPN 0 is called the Transport VPN.
It holds the interfaces and IP addresses facing the WAN and is used to initiate and terminate
IPsec VPNs. All the transport interfaces should be configured under VPN 0. It is used for
communication with other controllers, and it can also be used for management and control
traffic. VPN 0 is reserved for all the control connections as well as the management traffic.

VPN 512:
VPN 512 is the Management VPN. It connects to the out-of-band management network. By
default, VPN 512 is configured and enabled. You can modify this configuration if desired.

vBond Image:
The vBond controller uses the same image as the vEdge devices. The change from a regular
vEdge to the controller mode is applied via a simple command. The "local" keyword is what
changes the vEdge into vBond mode.

1 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


cEdge & vEdge:
cEdge is another name for the Cisco Cloud Services Router 1000v (CSR1000v), running the
special SD-WAN components. cEdge can be configured through the CLI or centrally through
vManage. cEdge CLI configuration uses config-transaction and commit to make changes. vEdge
refers to the platforms running Viptela-OS, whereas cEdge refers to the platforms running IOS-
XE SD-WAN.

Device Templates:
Device Templates are the way you create and store device configurations on the vManage
NMS. A device template is a combination of multiple feature templates. Feature templates are
used to enable specific global configuration on the WAN edge device. The other half of the
configuration, besides templates, is policy.

Overlay Management Protocol (OMP):


The OMP routing protocol, which has a structure similar to BGP, manages the SD-WAN overlay
network. The protocol runs between vSmart controllers and between vSmart controllers and
WAN Edge routers where control plane information, such as route prefixes, next-hop routes,
crypto keys, and policy information, is exchanged over a secure DTLS or TLS connection. The
vSmart controller acts similar to a BGP route reflector; it receives routes from WAN Edge
routers, processes and applies any policy to them, and then advertises the routes to other WAN
Edge routers in the overlay network.

OMP is used for sending Layer 3 updates from vEdges to vSmart. OMP is enabled by default on
all vEdge routers, vManage NMSs, and vSmart controllers, so there is no need to explicitly
configure or enable OMP. It must be operational for the Viptela overlay network to function.



Fabric:
Fabric is a cloud-delivered network that is secure, scalable, open and simple to deploy. The
Viptela Fabric solution enables an enterprise to extend its network footprint to all
infrastructure elements using a single platform. This includes branches, campus, remote
sites, cloud and data center. In simple words, it is the combination of overlay and underlay,
which together provide all features to deliver data across the network with the desired
features and attributes.

DTLS (Datagram Transport Layer Security protocol):


The vSmart controller, which is the centralized brain of the Viptela solution, establishes and
maintains DTLS or TLS connections to all Viptela devices in the overlay network, that is, to
the vEdge routers, the vBond orchestrators, the vManage NMSs, and other vSmart controllers.
These connections carry control plane traffic. DTLS or TLS provides communication privacy
between Viptela devices in the network, using the Advanced Encryption Standard (AES-256)
encryption algorithm to encrypt all control traffic sent over the connections.

Zero Touch Provisioning (ZTP):


The Zero Touch Provisioning (ZTP) service provides cloud-based automatic provisioning of
network devices in a remote location, without sending a network engineer to the site. ZTP
limits human errors and efficiently installs and upgrades device software images, and also
installs configuration files on the network devices in the entire network.
