From the course: Implementing Cisco Software-Defined Wan (SD-WAN) for your Enterprise and Cloud
Overlay Management Protocol (OMP) - Cisco Tutorial
Overlay Management Protocol (OMP)
- [Narrator] In this lesson I want to talk about the routing protocol that we use to advertise network prefixes across the LAN. Now one of the great things about the solution is that we created our own routing protocol that provides flexibility in the advertisement of network prefixes and the ability to modify traffic flows easily. The routing protocol I'm talking about is Overlay Management Protocol, or OMP for short. Now OMP is based upon TCP and will run between the vEdge routers and the vSmart controllers. In fact, as I draw on this screen, we are running a connection between Edge device two and vSmart two and three. While we can actually have a totally different connection between Edge device one and vSmart one and vSmart two. The routes will still propagate from Edge one to Edge two because what we'll end up doing is we'll end up forming a full mesh between all of our vSmart controllers. This allows for us to have a large solution scale, as what's indicated on the slide. In fact, we have some customers that have well over 10,000 nodes deployed, and you couldn't get that far if you didn't have the capability to have large solution scale, and we also are able to lower the control plane complexity in this architecture. Now, just as a friendly reminder, because we're connecting to our vSmarts, this is something that will be established across VPN0. So now that I've kind of described what this architecture looks like, I have to ask, "Do you notice any similarities to this in another routing protocol or technology?" If you had said BGP, then you would be correct, because in essence, the vSmarts are like route reflectors, and that means that the Edge devices are going to be more like route reflector clients. And so I've always kind of thought of route reflectors as being pretty dumb because most of the policies and processing is going to happen on your route reflector clients; that is not the case with the solution.
There's a reason why they're called vSmarts, and that is because all the intelligence is going to reside in them. So they are smart route reflectors. Now, just like BGP has multiple address families, we have multiple address families too. So let's dive a little bit further into what those might be. And so let's talk about the first type of route, the TLOC routes. Now the TLOC routes are the method of advertising those TLOC entries. Remember the TLOC entry was a way of identifying what the encapsulating IP address was, what the actual color was, and what the system IP was. So each router will have a TLOC entry for every color. So in this case, we have two TLOC entries. And so those entries will become TLOC routes. Now, the TLOC routes will also include other information such as what is the site that that TLOC route is coming from? Let's also talk about what we are using for the form of authentication. Another useful piece of information is what is the public IP or the private IP? And that is information that we have collected from the vBond, but we're now responsible for advertising that towards the vSmarts. We'll also include things like what is the BFD status, and then we'll also have other things like a tag. Now a tag is a tag is a tag, but it's basically used for classifying traffic. And then we have other things like preference, and preference is going to be used for route manipulation. And just because I said that this was based off of BGP, weight does not tie into BGP weight; weight will actually be used later on when we talk about things like load balancing. And so that kind of gives you a brief summary of what the information is we'll have in the TLOC routes. So the next route that we'll talk about is OMP routes. Now, OMP routes quite simply are going to be the network prefixes on the service side that we need to advertise to other Edge devices. So, an OMP route will consist of things like a TLOC, a site ID, a label, and a VPN ID.
The VPN ID is important because that is what is going to help us keep that segmentation. Now, in addition to that, other characteristics of things that we'll keep is a tag. Now a tag is a tag is a tag, and the preference is going to be used for route manipulation, but then we'll contain other things like where did this route come from? The originator system IP, the origin protocol, and the origin metric. Now, one of the things I like to ask network engineers is why do you think we actually have a TLOC in there? Why is that relevant? Well, the way that I kind of best explain this is if I tell you to go onto a device and type in "show ip route", what is the output that you'll get in there? You'll get a network route such as 172.16.0.0, and you'll see a subnet mask of 255.255.255.0. And then there's that third component. That third component is typically the next hop, not the outbound interface that you get with serial interfaces, but the next hop IP address. And in essence, that is what the TLOC is: it is the next hop. How do we know where to send that packet? Okay, so that is what the OMP route looks like. Now the next thing is network service routes. And network service routes are a way for us to advertise a service such as firewall or IPS/IDS or load balancer. We're going to advertise that to a vSmart controller. And this is then going to allow us to place a policy. So for example, we can later insert a couple of devices like R1 and R2. And we can say, "Great, all traffic, we want to flow between them, not an issue." But we can come back and say, "We're going to put a policy that says that if you're going to go to a specific network segment or specific host within R2, we want to flow through a firewall located at a centralized site or off branch or maybe in a colo location." So we can actually take advantage of this network service route, which was the firewall service that's been advertised to OMP, and forward traffic through that.
And again, we can do that on a destination basis, or we can even go as far as doing it based off of a specific application. This is a key differentiator. And in essence, this is one of the key functions that will actually allow us to do things like service chaining, which is very good and powerful for influencing your policy, right? So we'll do service chaining using network service routes. And so these three classes of routes are what we're going to use predominantly within the OMP. Thank you.
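The three route classes the lesson walks through (TLOC routes, OMP routes and network service routes) and the way an edge uses them can be modelled in a few dozen lines. The following Python is an added example written for this page; it is not Cisco's code, not the course's material, and not the real OMP encoding. It is a toy controller that reflects routes the way the lesson describes, with three points worth seeing in code: a TLOC route whose BFD status is down is not a usable next hop even if it carries a higher preference; the VPN ID keeps two identical prefixes in different segments apart; and a policy that maps a destination to the "FW" service resolves to the firewall's TLOC instead of the prefix's own next hop, and fails closed (no next hop at all) if no usable firewall service route exists in that VPN rather than silently bypassing the firewall. Every system IP, color, site ID, label and prefix below is a constructed sample value, and the tie-break on origin metric after preference is an assumption made for the example, not the documented OMP best-path algorithm.

```python
"""Toy model of OMP route classes and next-hop resolution (constructed example, not Cisco's code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Union


@dataclass(frozen=True)
class Tloc:
    system_ip: str   # which router
    color: str       # which transport, e.g. "mpls" or "biz-internet"
    encap: str       # tunnel encapsulation, e.g. "ipsec"


@dataclass
class TlocRoute:
    tloc: Tloc
    site_id: int
    public_ip: str
    private_ip: str
    bfd_up: bool = True      # BFD status advertised with the TLOC
    preference: int = 0
    weight: int = 1          # load-balancing weight, not BGP weight
    tag: Optional[int] = None


@dataclass
class OmpRoute:
    prefix: str
    vpn_id: int              # segmentation: the same prefix may exist in several VPNs
    tloc: Tloc               # the next hop, like the third column of "show ip route"
    site_id: int
    label: int
    originator: str
    origin_protocol: str
    origin_metric: int
    preference: int = 0
    tag: Optional[int] = None


@dataclass
class ServiceRoute:
    service: str             # e.g. "FW", "IDS", "LB"
    vpn_id: int
    tloc: Tloc               # where the service is reachable
    site_id: int


Route = Union[TlocRoute, OmpRoute, ServiceRoute]


class VSmart:
    """Route-reflector-like controller that learns all three route classes from the edges."""

    def __init__(self) -> None:
        self.tlocs: Dict[Tloc, TlocRoute] = {}
        self.omp_routes: List[OmpRoute] = []
        self.services: List[ServiceRoute] = []

    def advertise(self, route: Route) -> None:
        if isinstance(route, TlocRoute):
            self.tlocs[route.tloc] = route
        elif isinstance(route, OmpRoute):
            self.omp_routes.append(route)
        elif isinstance(route, ServiceRoute):
            self.services.append(route)
        else:
            raise TypeError(f"unknown route class: {type(route).__name__}")

    def usable(self, tloc: Tloc) -> bool:
        """A TLOC is a valid next hop only if its TLOC route is known and BFD is up."""
        t = self.tlocs.get(tloc)
        return t is not None and t.bfd_up

    def candidates(self, vpn_id: int, prefix: str) -> List[OmpRoute]:
        """Reflected OMP routes for this prefix in this VPN whose next hop is reachable."""
        return [r for r in self.omp_routes
                if r.vpn_id == vpn_id and r.prefix == prefix and self.usable(r.tloc)]


def resolve_next_hop(vs: VSmart, vpn_id: int, prefix: str) -> Optional[Tloc]:
    """Highest preference wins; lowest origin metric breaks ties (assumed tie-break for this example)."""
    cands = vs.candidates(vpn_id, prefix)
    if not cands:
        return None
    return max(cands, key=lambda r: (r.preference, -r.origin_metric)).tloc


def steer_next_hop(vs: VSmart, vpn_id: int, prefix: str, policy: Dict[str, str]) -> Optional[Tloc]:
    """Service chaining: if policy maps this prefix to a service, the service's TLOC becomes the next hop.
    If the required service has no usable route in this VPN, fail closed rather than bypass it."""
    service = policy.get(prefix)
    if service is None:
        return resolve_next_hop(vs, vpn_id, prefix)
    for s in vs.services:
        if s.vpn_id == vpn_id and s.service == service and vs.usable(s.tloc):
            return s.tloc
    return None


def build_sample_fabric() -> VSmart:
    """Constructed sample: hub (site 1) hosts a firewall in VPN 1; 172.16.0.0/24 exists in VPN 1 and VPN 2."""
    vs = VSmart()
    hub_mpls = Tloc("10.0.0.1", "mpls", "ipsec")
    e2_mpls = Tloc("10.0.0.2", "mpls", "ipsec")
    e2_inet = Tloc("10.0.0.2", "biz-internet", "ipsec")
    e3_mpls = Tloc("10.0.0.3", "mpls", "ipsec")
    vs.advertise(TlocRoute(hub_mpls, 1, "203.0.113.1", "10.1.1.1"))
    vs.advertise(TlocRoute(e2_mpls, 20, "203.0.113.2", "10.2.2.2"))
    vs.advertise(TlocRoute(e2_inet, 20, "198.51.100.2", "10.2.2.3", bfd_up=False))  # transport down
    vs.advertise(TlocRoute(e3_mpls, 30, "203.0.113.3", "10.3.3.3"))
    vs.advertise(OmpRoute("172.16.0.0/24", 1, e2_mpls, 20, 1001, "10.0.0.2", "connected", 0, preference=50))
    vs.advertise(OmpRoute("172.16.0.0/24", 1, e2_inet, 20, 1001, "10.0.0.2", "connected", 0, preference=100))
    vs.advertise(OmpRoute("172.16.0.0/24", 2, e3_mpls, 30, 1002, "10.0.0.3", "ospf", 20))
    vs.advertise(ServiceRoute("FW", 1, hub_mpls, 1))
    return vs


if __name__ == "__main__":
    fabric = build_sample_fabric()
    print("VPN 1 next hop:", resolve_next_hop(fabric, 1, "172.16.0.0/24"))
    print("VPN 2 next hop:", resolve_next_hop(fabric, 2, "172.16.0.0/24"))
    print("VPN 1 via FW :", steer_next_hop(fabric, 1, "172.16.0.0/24", {"172.16.0.0/24": "FW"}))
```

Running the module shows the VPN 1 prefix resolving to the mpls TLOC of 10.0.0.2 even though the biz-internet TLOC carries preference 100, because that TLOC's BFD status is down; the same prefix in VPN 2 resolves to a different router entirely; and with the firewall policy applied, the VPN 1 next hop becomes the hub's TLOC where the FW service was advertised.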
Contents
- Learning objectives (39s)
- Cisco SD-WAN benefits and use cases (12m 29s)
- Cisco SD-WAN architecture and components (15m 32s)
- Cisco SD-WAN terminology and constructs (4m 37s)
- Overlay Management Protocol (OMP) (6m 27s)
- Cisco SD-WAN fabric operations (3m 48s)
- Data tunnel connectivity (11m 20s)
- Transport path selection (5m 5s)
- VPN segmentation (6m 35s)
- Control and data plane connectivity models (10m 37s)
- Edge architecture (6m) (Locked)
- vManage dashboard demonstration (12m 51s) (Locked)