ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Txij li thaum Lub Yim Hli 2017, thaum Cisco tau txais Viptela, cov thev naus laus zis tseem ceeb rau kev teeb tsa kev lag luam sib koom tes tau dhau los ua Cisco SD-WAN. Hauv 3 xyoo dhau los, SD-WAN thev naus laus zis tau dhau los ntawm ntau qhov kev hloov pauv, ob qho tib si zoo thiab ntau. Yog li, kev ua haujlwm tau nthuav dav heev thiab kev txhawb nqa tau tshwm sim ntawm cov routers classic ntawm koob Cisco ISR 1000, ISR 4000, ASR 1000 thiab Virtual CSR 1000v. Tib lub sijhawm, ntau Cisco cov neeg siv khoom thiab cov koom tes txuas ntxiv xav tsis thoob: Dab tsi yog qhov sib txawv ntawm Cisco SD-WAN thiab cov kev paub dhau los raws li cov thev naus laus zis xws li Cisco DMVPN ΠΈ Cisco Performance Routing thiab qhov txawv no tseem ceeb npaum li cas?

Ntawm no peb yuav tsum tau txais kev tshwj tseg tam sim ntawd ua ntej qhov tshwm sim ntawm SD-WAN hauv Cisco portfolio, DMVPN ua ke nrog PfR tsim ib feem tseem ceeb hauv kev tsim vaj tsev. Cisco IWAN (Kev txawj ntse WAN), uas nyob rau hauv lem yog tus predecessor ntawm tag nrho-fledged SD-WAN technology. Txawm hais tias qhov zoo sib xws ntawm ob txoj haujlwm tau daws thiab cov txheej txheem los daws lawv, IWAN yeej tsis tau txais qib ntawm automation, yooj thiab scalability tsim nyog rau SD-WAN, thiab dhau sijhawm, kev txhim kho ntawm IWAN tau txo qis. Tib lub sijhawm, cov thev naus laus zis uas ua rau IWAN tsis tau ploj mus, thiab ntau tus neeg siv khoom txuas ntxiv siv lawv ua tiav, suav nrog cov khoom siv niaj hnub no. Raws li qhov tshwm sim, qhov xwm txheej nthuav tau tshwm sim - tib yam khoom siv Cisco tso cai rau koj xaiv qhov tsim nyog WAN thev naus laus zis (classic, DMVPN + PfR lossis SD-WAN) raws li cov kev xav tau thiab kev cia siab ntawm cov neeg siv khoom.

Tsab xov xwm tsis npaj siab yuav tshuaj xyuas kom meej tag nrho cov yam ntxwv ntawm Cisco SD-WAN thiab DMVPN thev naus laus zis (nrog lossis tsis muaj Kev Routing) - muaj ntau cov ntaub ntawv muaj thiab cov ntaub ntawv rau qhov no. Lub luag haujlwm tseem ceeb yog sim ntsuas qhov sib txawv tseem ceeb ntawm cov thev naus laus zis no. Tab sis ua ntej yuav mus tham txog qhov sib txawv no, cia peb luv luv nco txog cov thev naus laus zis lawv tus kheej.

Cisco DVPN yog dab tsi thiab vim li cas nws thiaj xav tau?

Cisco DMVPN daws qhov teeb meem ntawm dynamic (= scalable) kev twb kev txuas ntawm ib tug tej thaj chaw deb ceg network rau lub network ntawm lub hauv paus chaw ua hauj lwm ntawm ib tug enterprise thaum siv arbitrary hom kev sib txuas lus raws, nrog rau hauv Internet (= nrog encryption ntawm kev sib txuas lus channel). Technically, qhov no yog pom tau los ntawm kev tsim ib tug virtualized overlay network ntawm L3 VPN chav kawm nyob rau hauv point-to-multipoint hom nrog ib tug logical topology ntawm "Star" hom (Hub-n-Spoke). Txhawm rau ua tiav qhov no, DMVPN siv kev sib xyaw ua ke ntawm cov thev naus laus zis hauv qab no:

  • IP txoj kev
  • Multipoint GRE qhov (mGRE)
  • Tom ntej no Hop Resolution Protocol (NHRP)
  • IPSec Crypto profiles

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Dab tsi yog qhov txiaj ntsig tseem ceeb ntawm Cisco DMVPN piv rau classic routing siv MPLS VPN raws?

  • Txhawm rau tsim kom muaj kev sib koom tes sib koom tes, nws tuaj yeem siv txhua txoj kev sib txuas lus - txhua yam uas tuaj yeem muab kev sib txuas IP ntawm cov ceg ntoo yog qhov tsim nyog, thaum lub tsheb yuav raug encrypted (qhov tsim nyog) thiab sib npaug (qhov twg ua tau)
  • Ib qho kev sib txuas tag nrho topology ntawm cov ceg ntoo raug tsim. Nyob rau tib lub sijhawm, muaj qhov zoo li qub ntawm cov ceg ntoo hauv nruab nrab thiab cov chaw taws teeb, thiab cov dynamic tunnels ntawm kev thov ntawm cov ceg ntoo nyob deb (yog tias muaj tsheb khiav)
  • Cov routers ntawm cov chaw nruab nrab thiab cov chaw taws teeb muaj tib lub teeb tsa mus txog IP chaw nyob ntawm cov interfaces. Los ntawm kev siv mGRE, tsis tas yuav tsum tau teeb tsa ib tus zuj zus, ntau pua, lossis ntau txhiab qhov. Yog li ntawd, dlej scalability nrog txoj cai tsim.

Cisco Performance Routing yog dab tsi thiab vim li cas nws thiaj xav tau?

Thaum siv DMVPN ntawm lub network interbranch, ib lo lus nug tseem ceeb tseem tsis tau daws - yuav ua li cas ntsuas lub xeev ntawm txhua qhov ntawm DMVPN qhov rau kev ua raws li cov kev cai ntawm kev khiav tsheb tseem ceeb rau peb lub koom haum thiab, dua, raws li qhov kev ntsuam xyuas, dynamically ua. ib qho kev txiav txim ntawm rerouting? Qhov tseeb yog tias DMVPN nyob rau hauv qhov no txawv me ntsis los ntawm classical routing - qhov zoo tshaj plaws uas yuav ua tau yog los txhim kho QoS mechanisms uas yuav tso cai rau koj mus saib xyuas cov tsheb khiav nyob rau hauv lub outgoing kev taw qhia, tab sis nyob rau hauv tsis muaj txoj kev muaj peev xwm coj mus rau hauv tus account lub xeev. tag nrho txoj kev ntawm ib lub sij hawm los yog lwm qhov.

Thiab yuav ua li cas yog tias cov channel degrades ib nrab thiab tsis tag - yuav ua li cas txhawm rau txheeb xyuas thiab ntsuas qhov no? DVPN nws tus kheej tsis tuaj yeem ua qhov no. Xav txog tias cov kev sib txuas ntawm cov ceg ntoo tuaj yeem dhau los ntawm cov neeg siv xov tooj sib txawv, siv cov thev naus laus zis sib txawv, txoj haujlwm no dhau los ua qhov tsis tseem ceeb. Thiab qhov no yog qhov Cisco Performance Routing thev naus laus zis los cawm, uas los ntawm lub sijhawm ntawd twb dhau mus dhau ntau theem ntawm kev txhim kho.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Lub luag haujlwm ntawm Cisco Performance Routing (tom qab no PfR) nqis los ntsuas lub xeev ntawm txoj kev (tunnels) ntawm kev khiav tsheb raws li cov ntsuas tseem ceeb tseem ceeb rau kev siv network - latency, latency variation (jitter) thiab pob ntawv poob (feem pua). Tsis tas li ntawd, qhov siv bandwidth tuaj yeem ntsuas tau. Cov kev ntsuas no tshwm sim ze rau lub sijhawm tiag tiag li ua tau thiab tsim nyog, thiab cov txiaj ntsig ntawm cov kev ntsuas no tso cai rau lub router siv PfR los txiav txim siab dynamically txog qhov yuav tsum tau hloov txoj kev ntawm no lossis hom kev khiav tsheb.

Yog li, txoj haujlwm ntawm DMVPN / PfR ua ke tuaj yeem piav qhia luv luv raws li hauv qab no:

  • Cia tus neeg siv khoom siv txhua txoj kev sib txuas lus ntawm WAN network
  • Xyuas kom meej qhov ua tau zoo tshaj plaws ntawm cov ntawv thov tseem ceeb ntawm cov channel no

Cisco SD-WAN yog dab tsi?

Cisco SD-WAN yog ib lub tshuab uas siv SDN txoj hauv kev los tsim thiab ua haujlwm ntawm lub koom haum WAN network. Qhov no tshwj xeeb txhais tau hais tias kev siv cov tswj hwm (cov ntsiab lus software), uas muab cov kev pabcuam hauv nruab nrab thiab kev teeb tsa ntawm txhua qhov kev daws teeb meem. Tsis zoo li cov canonical SDN (Clean Slate style), Cisco SD-WAN siv ntau hom kev tswj hwm, txhua tus ua nws tus kheej lub luag haujlwm - qhov no tau ua kom txhob txwm ua kom zoo dua scalability thiab geo-redundancy.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Nyob rau hauv rooj plaub ntawm SD-WAN, txoj haujlwm ntawm kev siv txhua hom kev sib txuas thiab ua kom muaj kev ua haujlwm ntawm cov ntawv thov kev lag luam tseem zoo ib yam, tab sis tib lub sijhawm, cov kev xav tau rau automation, scalability, kev ruaj ntseg thiab yooj yim ntawm xws li ib tug network nthuav.

Kev sib tham txog qhov sib txawv

Yog tias peb tam sim no pib txheeb xyuas qhov sib txawv ntawm cov thev naus laus zis no, lawv yuav poob rau hauv ib qho ntawm cov hauv qab no:

  • Architectural sib txawv - yuav ua li cas muaj nuj nqi faib nyob rau hauv ntau yam Cheebtsam ntawm cov kev daws teeb meem, yuav ua li cas yog cov kev sib raug zoo ntawm xws li cov Cheebtsam, thiab yuav ua li cas nws cuam tshuam rau lub peev xwm thiab yooj ntawm lub tshuab?
  • Functionality - Dab tsi ua tau ib lub tshuab ua kom lwm tus ua tsis tau? Thiab nws puas tseem ceeb heev?

Dab tsi yog qhov sib txawv ntawm architectural thiab lawv tseem ceeb?

Txhua yam ntawm cov thev naus laus zis no muaj ntau qhov "txav mus" uas txawv tsis yog hauv lawv lub luag haujlwm xwb, tab sis kuj nyob rau hauv kev sib cuam tshuam nrog ib leeg. Yuav ua li cas zoo cov ntsiab cai no yog xav tawm thiab lub dav mechanics ntawm kev daws ncaj qha txiav txim siab nws scalability, txhaum kam rau ua thiab tag nrho cov efficiency.

Cia peb saib ntau yam ntawm architecture hauv kev nthuav dav ntxiv:

Cov ntaub ntawv-dav hlau - ib feem ntawm kev daws teeb meem lub luag haujlwm rau kev xa cov neeg siv tsheb khiav ntawm qhov chaw thiab tus neeg txais. DMVPN thiab SD-WAN tau siv feem ntau zoo ib yam ntawm cov routers lawv tus kheej raws li Multipoint GRE tunnels. Qhov txawv yog li cas cov txheej txheem tsim nyog rau cov tunnels no yog tsim:

  • Π² DMVPN/PfR yog ib qho tshwj xeeb ob-theem hierarchy ntawm nodes nrog lub hnub qub lossis Hub-n-Spoke topology. Kev teeb tsa zoo li qub ntawm Hub thiab kev sib txuas zoo li qub ntawm Spoke rau Hub yog xav tau, nrog rau kev sib cuam tshuam ntawm NHRP raws tu qauv los tsim cov ntaub ntawv-dav hlau txuas. Yog li ntawd, kev hloov pauv rau Hub nyuaj heevntsig txog, piv txwv li, hloov / txuas WAN cov channel tshiab lossis hloov qhov tsis muaj qhov uas twb muaj lawm.
  • Π² SD WAN yog tus qauv ua kom muaj zog rau kev kuaj xyuas qhov tsis sib xws ntawm kev teeb tsa qhov av raws li kev tswj-dav dav hlau (OMP raws tu qauv) thiab orchestration-plane (kev cuam tshuam nrog vBond maub los rau kev tswj xyuas thiab NAT traversal dej num). Nyob rau hauv rooj plaub no, txhua yam superimposed topologies tuaj yeem siv tau, suav nrog cov hierarchical. Nyob rau hauv lub tsim overlay tunnel topology, hloov tau yooj yim configuration ntawm lub logical topology nyob rau hauv txhua tus neeg VPN (VRF) yog ua tau.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Tswj- dav hlau - Kev ua haujlwm ntawm kev sib pauv, lim dej thiab hloov kho cov kev qhia thiab lwm yam ntaub ntawv ntawm cov khoom siv tshuaj.

  • Π² DMVPN/PfR - nqa tawm tsuas yog ntawm Hub thiab Spoke routers. Kev sib pauv ncaj qha ntawm kev sib txuas lus ntawm Spokes tsis tuaj yeem ua tau. Yog li ntawd, Yog tsis muaj lub Hub ua haujlwm, lub dav hlau tswj thiab cov ntaub ntawv-dav hlau tsis tuaj yeem ua haujlwm, uas ua rau muaj kev xav tau ntau ntxiv ntawm Hub uas tsis tuaj yeem ua tau raws li txhua lub sijhawm.
  • Π² SD WAN - tswj-dav dav hlau tsis tau ua tiav ncaj qha ntawm routers - kev sib cuam tshuam tshwm sim raws li OMP raws tu qauv thiab yuav tsum tau ua los ntawm kev sib cais tshwj xeeb ntawm vSmart maub los, uas muab qhov muaj peev xwm sib npaug, geo-reservation thiab centralized tswj ntawm lub teeb liab load. Lwm qhov tshwj xeeb ntawm OMP raws tu qauv yog nws qhov tseem ceeb tiv thaiv kev poob thiab kev ywj pheej los ntawm kev ceev ntawm kev sib txuas lus nrog cov tswj hwm (hauv qhov kev txwv tsim nyog, tau kawg). Qhov sib npaug ua tiav tso cai rau koj tso SD-WAN cov tswj hwm hauv huab huab lossis ntiag tug nrog kev nkag mus hauv Is Taws Nem.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Txoj cai-plam - ib feem ntawm kev daws teeb meem lub luag haujlwm rau kev txhais, faib thiab siv cov cai tswj kev tsheb khiav ntawm ib lub network sib faib.

  • DMVPN - raug txwv zoo los ntawm kev pabcuam zoo (QoS) cov cai tswjfwm tus kheej ntawm txhua tus router ntawm CLI lossis Prime Infrastructure templates.
  • DMVPN/PfR - PfR cov cai yog tsim los ntawm centralized Master Controller (MC) router ntawm CLI thiab mam li muab faib rau ceg MCs. Nyob rau hauv cov ntaub ntawv no, tib txoj cai hloov txoj kev yog siv raws li rau cov ntaub ntawv-dav hlau. Tsis muaj peev xwm cais cov kev sib pauv ntawm cov cai, kev qhia cov ntaub ntawv thiab cov neeg siv cov ntaub ntawv. Txoj cai tshaj tawm yuav tsum muaj kev sib txuas ntawm IP ntawm Hub thiab Hais. Hauv qhov no, MC kev ua haujlwm tuaj yeem, yog tias tsim nyog, ua ke nrog DMVPN router. Nws yog ua tau (tab sis tsis tas yuav) siv Prime Infrastructure templates rau centralized txoj cai tiam. Ib qho tseem ceeb feature yog tias txoj cai raug tsim thoob ntiaj teb thoob plaws hauv lub network tib yam - Cov cai ntawm tus kheej rau ib ntus tsis tau txais kev txhawb nqa.
  • SD WAN - Kev tswj hwm kev tsheb thiab kev pabcuam zoo yog txiav txim siab hauv nruab nrab los ntawm Cisco vManage graphical interface, siv tau los ntawm Is Taws Nem (yog tias tsim nyog). Lawv raug faib tawm los ntawm kev xa xov ncaj qha lossis tsis ncaj qha los ntawm vSmart controllers (nyob ntawm seb hom txoj cai). Lawv tsis nyob ntawm cov ntaub ntawv-dav hlau txuas ntawm routers, vim siv txhua txoj hauv kev muaj nyob nruab nrab ntawm tus maub los thiab lub router.

    Rau cov kev sib txawv network, nws muaj peev xwm hloov tau yooj yim tsim cov cai sib txawv - cov kev cai ntawm txoj cai yog txiav txim siab los ntawm ntau tus cim tshwj xeeb uas tau muab rau hauv cov kev daws teeb meem - ceg naj npawb, hom ntawv thov, kev coj mus los, thiab lwm yam.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Orchestration-plane - cov txheej txheem uas tso cai rau cov khoom sib xyaw kom pom kev sib txawv, teeb tsa thiab sib koom ua ke tom ntej.

  • Π² DMVPN/PfR Kev sib nrig sib pom ntawm routers yog ua raws li kev teeb tsa zoo li qub ntawm Hub cov khoom siv thiab cov teeb tsa sib txuas ntawm Spoke li. Kev tshawb pom Dynamic tshwm sim tsuas yog rau Spoke, uas tshaj tawm nws qhov kev sib txuas ntawm Hub rau lub cuab yeej, uas nyob rau hauv lem yog pre-configured nrog Spoke. Yog tsis muaj IP txuas ntawm Spoke thiab tsawg kawg ib Hub, nws tsis tuaj yeem tsim cov ntaub ntawv-dav hlau lossis lub dav hlau tswj.
  • Π² SD WAN orchestration ntawm cov tshuaj tivthaiv tshwm sim siv vBond maub los, uas txhua yam khoom (routers thiab vManage / vSmart controllers) yuav tsum xub tsim kom muaj kev sib txuas IP.

    Thaum xub thawj, cov khoom tsis paub txog kev sib txuas tsis sib xws - rau qhov no lawv xav tau vBond intermediary orchestrator. Lub hauv paus ntsiab lus tseem ceeb yog raws li hauv qab no - txhua yam hauv cov theem pib kawm (automatically lossis statically) tsuas yog hais txog kev sib txuas tsis sib xws rau vBond, tom qab ntawd vBond qhia lub router txog vManage thiab vSmart controllers (pom tau ua ntej), uas ua rau nws muaj peev xwm tsim tau. tag nrho cov tsim nyog signaling kev twb kev txuas.

    Cov kauj ruam tom ntej yog rau lub router tshiab kom paub txog lwm lub routers ntawm lub network los ntawm OMP kev sib txuas lus nrog vSmart maub los. Yog li, lub router, tsis tau pib paub dab tsi ntawm txhua yam ntawm lub network tsis, muaj peev xwm ua kom pom tseeb thiab txuas mus rau cov tswj hwm thiab tom qab ntawd tseem tuaj yeem ntes thiab tsim kev sib txuas nrog lwm cov routers. Nyob rau hauv rooj plaub no, qhov kev sib txuas tsis tau ntawm tag nrho cov Cheebtsam yog pib tsis paub thiab tej zaum yuav hloov thaum lub sij hawm ua hauj lwm.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Kev tswj-dav hlau - ib feem ntawm kev daws teeb meem uas muab kev tswj hwm hauv nruab nrab thiab kev saib xyuas.

  • DMVPN/PfR - tsis muaj kev tswj tshwj xeeb-txoj kev daws teeb meem. Rau qhov yooj yim automation thiab saib xyuas, cov khoom xws li Cisco Prime Infrastructure tuaj yeem siv. Txhua lub router muaj peev xwm tswj tau los ntawm CLI hais kom ua kab. Kev koom ua ke nrog cov tshuab sab nraud ntawm API tsis muab.
  • SD WAN - txhua qhov kev sib tham tsis tu ncua thiab kev saib xyuas yog nqa tawm hauv nruab nrab los ntawm graphical interface ntawm vManage maub los. Tag nrho cov yam ntxwv ntawm cov kev daws teeb meem, tsis muaj qhov tshwj xeeb, muaj rau kev teeb tsa los ntawm vManage, nrog rau los ntawm cov ntaub ntawv REST API cov ntaub ntawv tag nrho.

    Tag nrho SD-WAN network teeb tsa hauv vManage nqes mus rau ob lub ntsiab tsim - tsim cov cuab yeej qauv (Device Template) thiab tsim ib txoj cai uas txiav txim siab txog kev ua haujlwm hauv network thiab kev ua haujlwm. Nyob rau tib lub sijhawm, vManage, tshaj tawm txoj cai tsim los ntawm tus thawj coj, cia li xaiv cov kev hloov pauv thiab ntawm tus kheej cov khoom siv / cov tswj yuav tsum tau ua, uas ua rau muaj txiaj ntsig zoo thiab muaj peev xwm ntawm kev daws teeb meem.

    Los ntawm vManage interface, tsis yog kev teeb tsa ntawm Cisco SD-WAN kev daws teeb meem nkaus xwb, tab sis kuj muaj kev saib xyuas tag nrho ntawm cov xwm txheej ntawm txhua qhov kev daws teeb meem, nqes mus rau lub xeev tam sim no ntawm kev ntsuas rau tus kheej tunnels thiab kev txheeb cais ntawm kev siv ntau yam kev siv. raws li DPI tsom xam.

    Txawm hais tias muaj kev sib cuam tshuam hauv nruab nrab, txhua yam khoom siv (cov tswj hwm thiab cov routers) kuj muaj cov kab ke ua haujlwm CLI tag nrho, uas yog qhov tsim nyog nyob rau theem kev siv lossis thaum muaj xwm txheej ceev rau kev kuaj mob hauv zos. Hauv hom ib txwm muaj (yog tias muaj lub cim qhia ntawm cov khoom sib txuas) ntawm routers, kab hais kom ua tsuas yog muaj rau kev kuaj mob thiab tsis muaj rau kev hloov pauv hauv zos, uas lav kev ruaj ntseg hauv zos thiab tsuas yog qhov kev hloov pauv hauv lub network no yog vManage.

Integrated Security - ntawm no peb yuav tsum tham tsis yog tsuas yog hais txog kev tiv thaiv cov neeg siv cov ntaub ntawv thaum kis tau tus kab mob qhib, tab sis kuj hais txog kev ruaj ntseg tag nrho ntawm WAN network raws li kev xaiv thev naus laus zis.

  • Π² DMVPN/PfR Nws muaj peev xwm encrypt cov neeg siv cov ntaub ntawv thiab signaling raws tu qauv. Thaum siv qee cov qauv router, firewall ua haujlwm nrog kev tshuaj xyuas tsheb, IPS / IDS kuj muaj. Nws tuaj yeem faib cov ceg tes hauj lwm siv VRF. Nws muaj peev xwm ua kom paub tseeb (ib qho xwm txheej) tswj cov txheej txheem.

    Nyob rau hauv cov ntaub ntawv no, lub chaw taws teeb router yog suav hais tias yog ib tug ntseeg lub ntsiab ntawm lub network los ntawm lub neej ntawd - i.e. Cov xwm txheej ntawm kev cuam tshuam lub cev ntawm tus kheej cov cuab yeej thiab qhov muaj peev xwm tsis raug tso cai nkag mus rau lawv tsis raug suav los yog muab rau hauv tus account; tsis muaj ob qhov kev lees paub qhov tseeb ntawm cov khoom siv tshuaj, uas nyob rau hauv rooj plaub ntawm thaj chaw faib network. tej zaum yuav muaj teeb meem loj ntxiv.

  • Π² SD WAN los ntawm kev sib piv nrog DMVPN, lub peev xwm los encrypt cov neeg siv cov ntaub ntawv yog muab, tab sis nrog kev nthuav dav network kev ruaj ntseg thiab L3 / VRF segmentation functions (firewall, IPS / IDS, URL filtering, DNS filtering, AMP / TG, SASE, TLS / SSL npe, ib.) d.). Nyob rau tib lub sijhawm, kev sib pauv ntawm cov yuam sij encryption yog ua tau zoo dua los ntawm vSmart controllers (tshwj tsis yog ncaj qha), los ntawm kev tsim ua ntej cov teeb liab channel tiv thaiv los ntawm DTLS / TLS encryption raws li daim ntawv pov thawj kev ruaj ntseg. Uas nyob rau hauv lem guarantees kev ruaj ntseg ntawm xws exchanges thiab xyuas kom meej zoo scalability ntawm cov tshuaj mus txog kaum tawm txhiab ntawm cov khoom siv nyob rau tib lub network.

    Tag nrho cov kev sib txuas lus (controller-to-controller, controller-router) kuj raug tiv thaiv raws li DTLS/TLS. Routers tau nruab nrog daim ntawv pov thawj kev nyab xeeb thaum lub sijhawm tsim khoom nrog qhov muaj peev xwm hloov / txuas ntxiv. Ob qhov kev lees paub tseeb yog ua tiav los ntawm qhov yuav tsum tau ua thiab ua tiav ib txhij ntawm ob qho xwm txheej rau router / maub los ua haujlwm hauv SD-WAN network:

    • Daim ntawv pov thawj kev ruaj ntseg siv tau
    • Qhia meej thiab nco ntsoov suav nrog los ntawm tus thawj coj ntawm txhua qhov khoom hauv "dawb" daim ntawv teev cov khoom siv tau tso cai.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Kev ua haujlwm sib txawv ntawm SD-WAN thiab DMVPN / PfR

Tsiv mus rau kev sib tham txog kev ua haujlwm sib txawv, nws yuav tsum tau muab sau tseg tias ntau ntawm lawv yog kev txuas ntxiv ntawm cov vaj tsev - nws tsis yog ib qho zais cia tias thaum tsim cov qauv kev daws teeb meem, cov neeg tsim khoom pib los ntawm cov peev txheej uas lawv xav tau thaum kawg. Cia peb saib qhov sib txawv tseem ceeb ntawm ob lub thev naus laus zis.

AppQ (Application Quality) - ua haujlwm los xyuas kom meej qhov zoo ntawm kev sib kis ntawm kev lag luam daim ntawv thov kev khiav tsheb

Lub luag haujlwm tseem ceeb ntawm cov thev naus laus zis tau txiav txim siab yog txhawm rau txhim kho cov neeg siv kev paub ntau li ntau tau thaum siv kev lag luam-kev siv tseem ceeb hauv kev sib faib network. Qhov no yog ib qho tseem ceeb tshwj xeeb tshaj yog nyob rau hauv tej yam kev mob uas ib feem ntawm lub infrastructure tsis tswj los ntawm IT los yog tsis txawm guaranteed ua tiav cov ntaub ntawv hloov.

DVPN tsis yog nws tus kheej muab cov txheej txheem zoo li no. Qhov zoo tshaj plaws uas yuav ua tau nyob rau hauv ib tug classic DMVPN network yog los faib cov tsheb khiav tawm los ntawm daim ntawv thov thiab muab qhov tseem ceeb rau nws thaum kis mus rau WAN channel. Qhov kev xaiv ntawm DMVPN qhov yog txiav txim siab hauv qhov no tsuas yog los ntawm nws qhov muaj thiab qhov tshwm sim ntawm kev ua haujlwm ntawm cov txheej txheem routing. Nyob rau tib lub sijhawm, qhov kawg-rau-kawg xeev ntawm txoj kev / qhov thiab nws qhov ua tau ib nrab degradation tsis suav nrog hauv cov ntsiab lus ntawm cov kev ntsuas tseem ceeb uas tseem ceeb rau kev siv network - ncua, ncua kev hloov pauv (jitter) thiab poob (% ). Hauv qhov no, ncaj qha piv cov classic DMVPN nrog SD-WAN hais txog kev daws teeb meem AppQ poob txhua lub ntsiab lus - DMVPN tsis tuaj yeem daws qhov teeb meem no. Thaum koj ntxiv Cisco Performance Routing (PfR) thev naus laus zis rau hauv cov ntsiab lus no, qhov xwm txheej hloov pauv thiab kev sib piv nrog Cisco SD-WAN ua rau muaj txiaj ntsig ntau dua.

Ua ntej peb sib tham txog qhov sib txawv, ntawm no yog saib ceev ceev ntawm cov technologies zoo sib xws. Yog li, ob qho tib si technologies:

  • muaj ib tug mechanism uas tso cai rau koj mus dynamically ntsuam xyuas lub xeev ntawm txhua lub qhov tsim nyob rau hauv cov nqe lus ntawm tej metrics - tsawg kawg, ncua, ncua variation thiab pob ntawv poob (%)
  • siv cov txheej txheem tshwj xeeb los tsim, faib thiab siv cov cai tswj kev tsheb khiav (cov cai), suav nrog cov txiaj ntsig ntawm kev ntsuas lub xeev ntawm cov ntsuas qhov tseem ceeb.
  • cais cov ntawv thov kev khiav tsheb ntawm qib L3-L4 (DSCP) ntawm OSI qauv lossis los ntawm L7 daim ntawv thov kos npe raws li DPI cov txheej txheem tsim rau hauv router
  • Rau cov ntawv thov tseem ceeb, lawv tso cai rau koj los txiav txim siab qhov kev lees paub ntawm qhov ntsuas ntsuas, cov cai rau kev xa cov tsheb khiav los ntawm lub neej ntawd, thiab cov cai rau kev hloov tsheb rov qab thaum cov nqi pib tshaj.
  • Thaum encapsulating tsheb khiav hauv GRE / IPSec, lawv siv cov txheej txheem kev lag luam uas twb tau tsim los hloov cov cim DSCP sab hauv mus rau sab nraud GRE / IPSEC pob ntawv header, uas tso cai rau synchronizing QoS cov cai ntawm lub koom haum thiab cov neeg siv xov tooj (yog tias muaj qhov tsim nyog SLA) .

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

SD-WAN thiab DMVPN/PfR qhov ntsuas qhov kawg-rau-kawg txawv li cas?

DMVPN/PfR

  • Ob qho tib si nquag thiab passive software sensors (Probes) yog siv los ntsuas cov qauv ntsuas kev noj qab haus huv. Active sawv daws yuav raws li cov neeg siv tsheb, passive ones emulate xws li tsheb (nyob rau hauv nws tsis muaj).
  • Tsis muaj qhov zoo-tuning ntawm timers thiab degradation detection tej yam kev mob - lub algorithm yog tsau.
  • Tsis tas li ntawd, kev ntsuas ntawm kev siv bandwidth nyob rau hauv cov kev taw qhia tawm yog muaj. Uas ntxiv ntxiv kev tswj tsheb khiav yooj yim rau DMVPN/PfR.
  • Nyob rau tib lub sijhawm, qee qhov PfR cov txheej txheem, thaum ntsuas ntsuas tau dhau los, tso siab rau cov lus qhia tawm tswv yim hauv daim ntawv tshwj xeeb TCA (Threshold Crossing Alert) cov lus uas yuav tsum tau los ntawm tus neeg txais tsheb khiav mus rau qhov chaw, uas nyob rau hauv lem xav tias lub xeev ntawm lub ntsuas raws yuav tsum muaj tsawg kawg yog txaus rau kis tau tus mob TCA cov lus. Uas feem ntau tsis yog teeb meem, tab sis pom tseeb tsis tuaj yeem lav.

SD WAN

  • Rau qhov kawg-rau-kawg ntsuam xyuas ntawm tus qauv tunnel state metrics, BFD raws tu qauv yog siv nyob rau hauv ncha hom. Hauv qhov no, kev tawm tswv yim tshwj xeeb hauv daim ntawv TCA lossis cov lus zoo sib xws tsis tas yuav tsum tau - kev cais tawm ntawm qhov tsis ua haujlwm yog tswj hwm. Nws kuj tsis tas yuav muaj cov neeg siv tsheb khiav los ntsuas lub xeev qhov av.
  • Nws muaj peev xwm ua tau zoo-tune BFD timers los tswj cov lus teb ceev thiab rhiab heev ntawm lub algorithm rau degradation ntawm kev sib txuas lus channel los ntawm ob peb feeb mus rau feeb.

    Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

  • Thaum lub sijhawm sau ntawv, tsuas muaj ib qho kev sib tham BFD hauv txhua qhov. Qhov no muaj peev xwm tsim tsawg granularity nyob rau hauv tunnel state tsom xam. Hauv kev muaj tiag, qhov no tsuas yog tuaj yeem dhau los ua qhov txwv yog tias koj siv WAN kev sib txuas raws li MPLS L2 / L3 VPN nrog kev pom zoo QoS SLA - yog tias DSCP kos npe ntawm BFD tsheb (tom qab encapsulation hauv IPSec / GRE) cuam tshuam qhov tseem ceeb ntawm kab hauv tus neeg teb xov tooj lub network, tom qab ntawd qhov no yuav cuam tshuam rau qhov raug thiab ceev ntawm kev degradation kom paub meej rau kev khiav tsheb tsawg. Nyob rau tib lub sijhawm, nws tuaj yeem hloov pauv lub npe BFD daim ntawv lo kom txo tau qhov kev pheej hmoo ntawm cov xwm txheej zoo li no. Nyob rau yav tom ntej versions ntawm Cisco SD-WAN software, ntau zoo-tuned BFD teeb tsa yuav tsum, nrog rau lub peev xwm los tso ntau BFD zaug nyob rau hauv tib lub qhov nrog DSCP tus nqi (rau ntau daim ntawv thov).
  • BFD tseem tso cai rau koj los kwv yees qhov siab tshaj plaws pob ntawv loj uas tuaj yeem kis tau los ntawm ib qho chaw tshwj xeeb yam tsis muaj kev tawg. Qhov no tso cai rau SD-WAN dynamically kho tsis xws li MTU thiab TCP MSS Kho kom zoo tshaj plaws ntawm cov muaj bandwidth ntawm txhua qhov txuas.
  • Hauv SD-WAN, qhov kev xaiv ntawm QoS synchronization los ntawm cov tswv lag luam hauv xov tooj kuj tseem muaj, tsis yog raws li L3 DSCP thaj chaw, tab sis kuj yog raws li L2 CoS qhov tseem ceeb, uas tuaj yeem ua tiav hauv ceg network los ntawm cov cuab yeej tshwj xeeb - piv txwv li, IP xov tooj

Lub peev xwm, cov txheej txheem ntawm kev txhais thiab siv AppQ txoj cai txawv li cas?

DMVPN/PfR Txoj Cai:

  • Txhais nyob rau hauv nruab nrab ceg router(s) ntawm CLI hais kom ua kab los yog CLI configuration templates. Tsim CLI templates yuav tsum tau npaj thiab paub txog txoj cai syntax.

    Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

  • Txhais tau thoob ntiaj teb tsis muaj qhov ua tau ntawm tus kheej teeb tsa / hloov pauv mus rau qhov yuav tsum tau muaj ntawm ib tus neeg lub network ntu.
  • Kev sib cuam tshuam txoj cai tsim tsis muaj nyob rau hauv graphical interface.
  • Taug qab cov kev hloov pauv, qub txeeg qub teg, thiab tsim ntau cov qauv ntawm cov cai rau kev hloov pauv ceev tsis tau muab.
  • Distributed txiav mus rau routers ntawm tej thaj chaw deb ceg. Hauv qhov no, tib txoj kev sib txuas lus yog siv los xa cov neeg siv cov ntaub ntawv. Yog tias tsis muaj kev sib txuas lus ntawm cov chaw nruab nrab thiab cov chaw taws teeb, kev faib tawm / hloov cov cai yog tsis yooj yim sua.
  • Lawv siv rau ntawm txhua lub router thiab, yog tias tsim nyog, hloov kho cov txiaj ntsig ntawm cov txheej txheem routing raws tu qauv, muaj qhov tseem ceeb dua.
  • Rau cov xwm txheej uas txhua ceg WAN txuas tau ntsib kev poob tsheb loj, tsis muaj kev them nyiaj mechanisms.

SD-WAN Txoj Cai:

  • Txhais nyob rau hauv vManage GUI los ntawm kev sib tham sib template wizard.
  • Txhawb kev tsim ntau txoj cai, luam tawm, sib txuas, hloov ntawm cov cai hauv lub sijhawm.
  • Txhawb tus kheej txoj cai teeb tsa rau cov ntu sib txawv (txoj haujlwm)
  • Lawv raug faib siv ib qho teeb liab channel ntawm tus maub los thiab router thiab / lossis vSmart - tsis ncaj qha nyob ntawm cov ntaub ntawv-dav hlau txuas ntawm routers. Qhov no, tau kawg, yuav tsum muaj kev sib txuas IP ntawm router nws tus kheej thiab cov tswj hwm.

    Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

  • Rau cov xwm txheej thaum tag nrho cov ceg ntoo uas muaj nyob hauv ib ceg tau ntsib cov ntaub ntawv tseem ceeb poob dhau qhov kev lees paub rau cov ntawv thov tseem ceeb, nws muaj peev xwm siv cov txheej txheem ntxiv uas ua rau kom muaj kev ntseeg tau ntawm kev sib kis:
    • FEC (Forward yuam kev kho) - siv qhov tshwj xeeb redundant coding algorithm. Thaum xa cov tsheb tseem ceeb hla cov channel nrog feem pua ​​​​ntawm kev poob, FEC tuaj yeem ua haujlwm tau txais thiab tso cai, yog tias tsim nyog, los kho qhov poob ntawm cov ntaub ntawv. Qhov no me ntsis nce kev siv kis tau tus mob bandwidth, tab sis ho txhim kho kev ntseeg tau.

      Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

    • Duplication ntawm cov ntaub ntawv ntws - Ntxiv rau FEC, txoj cai tuaj yeem muab rau kev tsis siv neeg sib tw ntawm kev khiav tsheb ntawm cov ntawv thov xaiv thaum muaj kev poob qis dua uas tsis tuaj yeem them los ntawm FEC. Nyob rau hauv rooj plaub no, cov ntaub ntawv xaiv yuav raug xa mus los ntawm tag nrho cov tunnels mus rau lub txais ceg nrog tom qab de-duplication (tso tseg ntxiv cov ntawv luam ntawm pob ntawv). Lub tshuab ua kom muaj txiaj ntsig zoo rau kev siv channel, tab sis kuj tseem ua kom muaj kev ntseeg tau ntawm kev sib kis.

Cisco SD-WAN muaj peev xwm, tsis muaj cov analogues ncaj qha hauv DMVPN / PfR

Lub architecture ntawm Cisco SD-WAN kev daws teeb meem hauv qee kis tso cai rau koj kom tau txais cov peev txheej uas nyuaj heev rau kev siv hauv DMVPN / PfR, los yog ua tsis tau raws li qhov xav tau ntawm cov nqi zog, lossis ua tsis tau tiav. Cia peb saib qhov nthuav tshaj plaws ntawm lawv:

Traffic-Engineering (TE)

TE suav nrog cov txheej txheem uas tso cai rau tsheb khiav tawm ntawm txoj hauv kev uas tsim los ntawm cov txheej txheem routing. TE feem ntau yog siv los xyuas kom meej muaj cov kev pabcuam hauv lub network, los ntawm kev muaj peev xwm sai thiab / lossis ua haujlwm hloov tsheb tseem ceeb mus rau lwm txoj hauv kev (disjoint) kis tau tus mob, txhawm rau ua kom muaj kev pabcuam zoo dua lossis nrawm dua thaum muaj kev tsis ua haujlwm. ntawm txoj kev loj.

Qhov nyuaj ntawm kev siv TE yog nyob rau hauv qhov xav tau los suav thiab khaws cia (kuaj xyuas) lwm txoj hauv kev ua ntej. Hauv MPLS tes hauj lwm ntawm cov neeg siv xov tooj, qhov teeb meem no tau daws los ntawm kev siv thev naus laus zis xws li MPLS Traffic-Engineering nrog kev txuas ntxiv ntawm IGP raws tu qauv thiab RSVP raws tu qauv. Tsis tas li ntawd tsis ntev los no, Segment Routing thev naus laus zis, uas yog qhov zoo dua rau kev teeb tsa hauv nruab nrab thiab kev ua haujlwm, tau dhau los ua neeg nyiam. Nyob rau hauv classic WAN tes hauj lwm, cov thev naus laus zis no feem ntau tsis sawv cev lossis raug txo qis rau kev siv hop-los-hop mechanisms xws li Txoj Cai-Based Routing (PBR), uas muaj peev xwm ntawm kev khiav tsheb khiav, tab sis siv qhov no ntawm txhua lub router sib cais - tsis noj. mus rau hauv tus account tag nrho lub xeev ntawm lub network los yog PBR tshwm sim nyob rau hauv lub yav dhau los los yog cov kauj ruam tom ntej. Qhov tshwm sim ntawm kev siv cov kev xaiv TE no yog kev poob siab - MPLS TE, vim qhov nyuaj ntawm kev teeb tsa thiab kev ua haujlwm, yog siv, raws li txoj cai, tsuas yog nyob rau hauv qhov tseem ceeb tshaj plaws ntawm lub network (core), thiab PBR yog siv rau ntawm tus kheej routers tsis muaj. muaj peev xwm los tsim ib txoj cai PBR koom ua ke rau tag nrho lub network. Pom tseeb, qhov no kuj siv tau rau DMVPN-based networks.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

SD-WAN nyob rau hauv no hais txog muaj ib tug ntau elegant kev daws teeb meem uas tsis tsuas yog yooj yim rau configure, tab sis kuj scales zoo dua. Qhov no yog qhov tshwm sim ntawm kev tswj-dav dav hlau thiab txoj cai-plane architectures siv. Kev ua raws txoj cai-dav dav hlau hauv SD-WAN tso cai rau koj los txiav txim siab TE txoj cai - dab tsi kev tsheb khiav yog txaus siab? rau qhov twg VPNs? Los ntawm cov nodes/tunnels twg yog qhov tsim nyog lossis, hloov pauv, txwv tsis pub tsim txoj hauv kev? Nyob rau hauv lem, lub centralization ntawm kev tswj-dav dav hlau tswj raws li vSmart controllers tso cai rau koj mus hloov kho routing tau yam tsis muaj resorting rau qhov chaw ntawm ib tug neeg li - routers twb pom tsuas yog cov tshwm sim ntawm lub logic uas tau tsim nyob rau hauv vManage interface thiab pauv mus rau kev siv. vSmart.

Kev pabcuam-chaining

Tsim cov kev pabcuam chains yog ib qho haujlwm hnyav dua hauv kev ua haujlwm qub tshaj li qhov twb tau piav txog Traffic-Engineering mechanism. Tseeb, nyob rau hauv cov ntaub ntawv no, nws yog tsim nyog tsis tsuas yog los tsim ib tug tshwj xeeb txoj kev rau ib tug tshwj xeeb network daim ntawv thov, tab sis kuj yuav xyuas kom meej lub peev xwm tshem tawm cov tsheb khiav los ntawm lub network ntawm tej (los yog tag nrho) nodes ntawm SD-WAN network rau kev ua los ntawm ib daim ntawv thov tshwj xeeb lossis kev pabcuam (Firewall, Ntsuas, Caching, Tshuaj xyuas tsheb, thiab lwm yam). Nyob rau tib lub sijhawm, nws yuav tsum muaj peev xwm tswj hwm lub xeev ntawm cov kev pabcuam sab nraud no txhawm rau tiv thaiv cov xwm txheej dub, thiab cov txheej txheem tseem xav tau uas tso cai rau cov kev pabcuam sab nraud ntawm tib hom yuav tsum tau muab tso rau hauv qhov chaw sib txawv. nrog lub peev xwm ntawm lub network kom tau xaiv qhov kev pabcuam zoo tshaj plaws rau kev ua haujlwm ntawm ib ceg. Nyob rau hauv rooj plaub ntawm Cisco SD-WAN, qhov no yog qhov yooj yim heev rau kev ua tiav los ntawm kev tsim ib txoj cai hauv nruab nrab uas tsim nyog uas "glues" txhua yam ntawm cov phiaj xwm kev pabcuam rau hauv ib qho tag nrho thiab hloov pauv cov ntaub ntawv-dav hlau thiab tswj-dav hlau logic tsuas yog qhov twg. thiab thaum tsim nyog.

Puas yuav Cisco SD-WAN txiav tawm ceg ntawm DMVPN zaum?

Lub peev xwm los tsim geo-tshaj kev ua haujlwm ntawm kev khiav tsheb ntawm cov kev xaiv ntawm cov ntawv thov nyob rau hauv ib ntu ntawm kev tshwj xeeb (tab sis tsis cuam tshuam nrog SD-WAN network nws tus kheej) cov cuab yeej yog kab tias qhov tseeb tshaj plaws ua qauv qhia ntawm qhov zoo ntawm Cisco SD-WAN tshaj classic. technologies thiab txawm tias qee qhov lwm txoj kev daws teeb meem SD -WAN los ntawm lwm cov tuam txhab.

Qhov tshwm sim yog dab tsi?

Obviously, ob qho tib si DMVPN (nrog lossis tsis muaj Kev Routing) thiab Cisco SD-WAN kawg daws cov teeb meem zoo sib xws nyob rau hauv kev sib raug zoo rau kev faib WAN network ntawm lub koom haum. Nyob rau tib lub sijhawm, qhov tseem ceeb ntawm kev tsim vaj tsev thiab kev ua haujlwm sib txawv hauv Cisco SD-WAN thev naus laus zis ua rau cov txheej txheem los daws cov teeb meem no. mus rau lwm qib zoo. Txhawm rau xaus, peb tuaj yeem nco qab qhov sib txawv tseem ceeb ntawm SD-WAN thiab DMVPN / PfR thev naus laus zis:

  • DMVPN / PfR feem ntau siv lub sijhawm sim thev naus laus zis los tsim kev sib tshooj VPN sib txuas thiab, hais txog cov ntaub ntawv-dav hlau, zoo ib yam li niaj hnub SD-WAN thev naus laus zis, txawm li cas los xij, muaj ntau qhov kev txwv nyob rau hauv daim ntawv ntawm qhov yuav tsum tau ua kom zoo li qub. ntawm routers thiab kev xaiv ntawm topologies yog txwv rau Hub-n-Spoke. Ntawm qhov tod tes, DMVPN / PfR muaj qee qhov kev ua haujlwm uas tseem tsis tau muaj nyob hauv SD-WAN (peb tab tom tham txog ib daim ntawv thov BFD).
  • Tsis pub dhau lub dav hlau tswj, technologies txawv hauv paus. Muab rau hauv tus account lub hauv paus kev ua haujlwm ntawm cov txheej txheem kev taw qhia, SD-WAN tso cai, tshwj xeeb, ua rau qhov tsis ua haujlwm nqaim thiab "decouple" cov txheej txheem ntawm kev xa cov neeg siv tsheb los ntawm kev sib cuam tshuam - kev tsis muaj nyob ib ntus ntawm cov tswj tsis cuam tshuam rau lub peev xwm xa cov neeg siv tsheb. . Nyob rau tib lub sijhawm, qhov tsis muaj nyob ib ntus ntawm txhua ceg (nrog rau lub hauv paus) tsis ua rau muaj kev cuam tshuam rau lub peev xwm ntawm lwm cov ceg kom cuam tshuam nrog ib leeg thiab cov tswj hwm.
  • Cov qauv tsim thiab kev siv cov cai tswj kev tsheb khiav hauv rooj plaub ntawm SD-WAN kuj tseem zoo dua li hauv DMVPN / PfR - geo-reservation yog qhov zoo dua qub, tsis muaj kev sib txuas rau Hub, muaj ntau lub sijhawm rau kev nplua. -tuning txoj cai, daim ntawv teev cov kev tswj xyuas tsheb khiav ceev kuj tseem loj dua.
  • Txoj kev daws orchestration txheej txheem kuj tseem txawv. DMVPN xav tias muaj qhov tsis paub yav dhau los uas yuav tsum tau muaj kev cuam tshuam rau hauv kev teeb tsa, uas qee qhov txwv qhov hloov pauv ntawm kev daws teeb meem thiab muaj peev xwm hloov pauv hloov pauv. Nyob rau hauv lem, SD-WAN yog raws li lub paradigm uas thaum pib ntawm kev twb kev txuas, lub router "tsis paub dab tsi" txog nws controllers, tab sis paub "leej twg koj yuav nug tau" - qhov no yog txaus tsis tsuas yog yuav tsim kev sib txuas lus nrog. cov controllers, tab sis kuj yuav cia li tsim ib tug tag nrho kev cob cog rua cov ntaub ntawv-dav hlau topology, uas yuav ces yuav flexibly configured/hloov siv txoj cai.
  • Hais txog kev tswj hwm hauv nruab nrab, kev siv hluav taws xob thiab kev saib xyuas, SD-WAN xav tias yuav dhau lub peev xwm ntawm DMVPN / PfR, uas tau hloov zuj zus los ntawm cov thev naus laus zis qub thiab vam khom ntau ntawm CLI cov kab hais kom ua thiab kev siv cov qauv-raws li NMS systems.
  • Hauv SD-WAN, piv rau DMVPN, kev ruaj ntseg yuav tsum tau mus txog qib sib txawv. Lub hauv paus ntsiab lus tseem ceeb yog xoom kev ntseeg siab, scalability thiab ob-factor authentication.

Cov lus xaus yooj yim no yuav ua rau muaj kev xav tsis ncaj ncees uas tsim lub network raws li DMVPN / PfR tau ploj tag nrho qhov cuam tshuam niaj hnub no. Qhov no yog qhov tseeb tsis muaj tseeb kiag li. Piv txwv li, nyob rau hauv rooj plaub uas lub network siv ntau cov khoom siv tsis tu ncua thiab tsis muaj txoj hauv kev los hloov nws, DMVPN tuaj yeem tso cai rau koj los muab cov khoom siv "laus" thiab "tshiab" rau hauv ib qho chaw sib faib hauv ib qho chaw nrog ntau qhov zoo tau piav qhia. saum toj no.

Ntawm qhov tod tes, nws yuav tsum nco ntsoov tias txhua qhov tam sim no Cisco cov tuam txhab routers raws li IOS XE (ISR 1000, ISR 4000, ASR 1000, CSR 1000v) niaj hnub no txhawb txhua hom kev ua haujlwm - ob qho tib si classic routing thiab DVPN thiab SD-WAN - kev xaiv yog txiav txim siab los ntawm cov kev xav tau tam sim no thiab kev nkag siab tias txhua lub sijhawm, siv cov cuab yeej siv tib yam, koj tuaj yeem pib txav mus rau kev siv thev naus laus zis ntau dua.

Tau qhov twg los: www.hab.com

Ntxiv ib saib