Managed and Unmanaged Mesh:
Simplify Network Management with Multapplied SD-WAN
Multapplied SD-WAN offers two modes for Core Node Mesh: Managed and Unmanaged. In Managed Mesh, the SD-WAN software manages the mesh between the core SD-WAN nodes, adding interfaces, paths, and routes automatically, and adding or removing nodes for each customer as sites are added or removed.
Managed Mesh uses a combination of VXLAN interfaces and dynamic routing protocols to deliver a routed Private WAN (PWAN) architecture on a per-space level.
How Managed Mesh Works
To understand Managed Mesh, it’s useful to start with a physical network diagram, like this:
In this network, there are four sites (in green) that connect to two data centers (red and blue) using Multapplied SD-WAN. Each data center contains a firewall or gateway device, a core switch and two Aggregators.
To illustrate how Managed Mesh works, let’s examine a scenario in which data from customer site SPC1-Bond1 (Space 1, Bond 1) — which is directly supported by Agg1-RG1 (red) — is being sent to customer site SPC1-Bond2 — which is supported by Agg2-RG1. Typically, data from SPC1-Bond1 would flow to Agg1-RG1 and be routed to Agg2-RG1, which would then forward it to SPC1-Bond2.
When deploying with Managed Mesh, the path between Agg1-RG1 and Agg2-RG1 uses VXLAN, and Multapplied SD-WAN automatically creates the interfaces, paths and routes between the Aggregators (Agg1 and Agg2) included in SPC1.
The next diagram illustrates the mesh between four Aggregators included in the same space.
Again, the configuration and setup of the interfaces, paths, and routes are done automatically by the network. In this diagram, Agg1 through Agg4 are automatically meshed with the routes in red (between Agg1 and Agg2 in RG1) and in blue (between Agg3 and Agg4 in RG2). The yellow routes support redundancy between Aggregators in RG1 and RG2.
Multapplied SD-WAN automatically creates meshed infrastructure for each specific customer space in which Managed Mesh is turned on in the management server. Managed Mesh is toggled on within a space’s Private WAN settings. Once turned on, all Aggregators added to that space are automatically meshed.
Important to Note
- A distinct mesh is established for each Managed Mesh PWAN space. The mesh expands and shrinks to include and exclude Aggregators as needed (for example, as Edge CPE/bonders belonging to a Managed Mesh PWAN space are added or removed).
- There are no statically configured gateways in Managed Mesh PWAN, and no PWAN NAT is done in bonding. Instead, Aggregator interfaces and protocols can be created to peer with external routers as needed.
- Since Aggregators and CPE/bonders peer with external routers in a channel partner’s network directly, Managed Mesh PWAN networks can be fully integrated with other networks using dynamic routing.
Benefits of VXLAN
- VXLAN packets are transferred through the underlying network based on the Layer 3 header, and can take complete advantage of Layer 3 routing and link aggregation protocols, supporting better use of all available network paths.
- With VXLAN deployed, virtual machines can migrate between servers that exist in separate Layer 2 domains by tunneling the traffic over Layer 3 networks, allowing resources to be dynamically allocated within or between data centers without being constrained by Layer 3 boundaries.
- VXLAN extends Layer 2 segments over the underlying shared network infrastructure so tenant workloads can be placed across physical pods.
- VXLAN supports scalability of Layer 2 segments. VXLAN uses a 24-bit VXLAN network identifier (VNID), allowing up to 16 million VXLAN segments to coexist in the same administrative domain.
In Unmanaged Mesh, interfaces, paths and routes must be manually created by the channel partner for Aggregators included in a customer space.
Unmanaged Mesh provides Multapplied channel partners with highly granular control over network connections and performance.
How Unmanaged Mesh Works
Using the same rough topology as shown in earlier examples — but deploying it using Multapplied SD-WAN’s Unmanaged Mesh configuration — creates a network that looks like the diagram below.
In this example, there is no path between any of the sites, meaning no data can move between them.
Paths must be defined manually during PWAN setup in this Unmanaged Mesh customer space.
In the following diagram, we see the same PWAN, but with OSPF and BGP configured so that selected aggregators can route traffic to each other. Agg1-RG1 can only communicate with Agg2-RG1 and Agg2-RG1 can communicate with Agg3-RG2. All these interfaces, addressing and routing were configured manually.
In this case, data that needs to move from SPC1-Bond1 to SPC1-Bond4 would be sent to Agg1-RG1, through Agg2-RG1, across to Agg3-RG2, to Agg4-RG2 and then to SPC1-Bond4.
This particular routing could be set up to ensure that data between RG1 and RG2 uses the specific network path between Agg2-RG1 and Agg3-RG2. This path may be selected and preferred because it is a dedicated high-speed fiber connection connecting RG1 and RG2 over a long distance, for example.
Important to Note
- When Unmanaged Mesh is selected for a customer, only the Edge or CPE/bonder devices are configured as BGP peers with their Aggregators, and PWAN only creates the link between the CPE and the Aggregator.
- Paths between the Aggregators assigned to the specific customer space deployed with Unmanaged Mesh must be created manually when Aggregators are added to the space. This requires the channel partner to create interfaces on the Aggregators and define routes manually.
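Because an Unmanaged Mesh space carries only the Aggregator links someone configured by hand, it is worth checking which sites can actually reach each other before and after a change. The following is an added example, not Multapplied software or its API: a small Python model of the SPC1 topology described above that computes site-to-site paths and lists unreachable pairs. The Bond3 and Bond4 attachments and the Agg3-Agg4 link are assumptions inferred from the traffic path in the text.

```python
from collections import deque
from itertools import combinations

# Constructed model of space SPC1. CPE-to-Aggregator links are the ones PWAN
# creates itself; Bond3/Bond4 attachments are assumed for illustration.
ATTACH = {
    "SPC1-Bond1": "Agg1-RG1", "SPC1-Bond2": "Agg2-RG1",
    "SPC1-Bond3": "Agg3-RG2", "SPC1-Bond4": "Agg4-RG2",
}
# Manually configured Aggregator links in the Unmanaged Mesh example.
# Agg3-Agg4 is implied by the Bond1 -> Bond4 path, not stated on its own.
MANUAL_LINKS = [("Agg1-RG1", "Agg2-RG1"), ("Agg2-RG1", "Agg3-RG2"),
                ("Agg3-RG2", "Agg4-RG2")]

def managed_links(aggregators):
    """Managed Mesh model: every pair of Aggregators in the space is linked."""
    return list(combinations(sorted(aggregators), 2))

def site_path(src, dst, agg_links, attach=ATTACH):
    """Fewest-hop path between two sites, or None if no path exists."""
    adj = {}
    for a, b in agg_links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    start, goal = attach[src], attach[dst]
    prev, queue = {start: None}, deque([start])
    while queue:
        node = queue.popleft()
        if node == goal:
            hops = []
            while node is not None:      # walk predecessors back to start
                hops.append(node)
                node = prev[node]
            return [src] + hops[::-1] + [dst]
        for nxt in sorted(adj.get(node, ())):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None

def unreachable_pairs(agg_links, attach=ATTACH):
    """Site pairs with no Aggregator path: gaps left by manual configuration."""
    return [(a, b) for a, b in combinations(sorted(attach), 2)
            if site_path(a, b, agg_links, attach) is None]
```

Running `unreachable_pairs` against the intended link list after each manual change shows whether a removed or forgotten Aggregator link has cut sites off from each other, or whether a new link has opened a path that was not meant to exist.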