SDWAN Solutions and Education??
-
Curious if anyone has their own SDWAN that they have implemented and hoping to ascertain if I have a correct understanding of what SDWAN actually is...
We have a large multi site private network that that is for the most part connected via microwave..
We are adding cell modems at various locations for SDWAN. This includes some small routers.
My SWAG is that the SDWAN routers create a VPN between our local network to the vendors "hub site" and then from there more connectivity to our primary headquarters.. If our primary network connectivity to a site goes down then we redirect over the cell modem through the VPN.. (I believe I am fairly close here..) If this is the case I am not to sure why we don't simply have our own "hub site(s)" but I digress..
-
Have you looked into strict source routing protocol? Cisco use to have ways to only allow approved routers within the traffic. Pretty cool right? Is sdwan a white box setup?
-
@chpalmer It’s not encrypted like a VPN…more like your subnet is routed to you over either or both ISPs.
https://en.m.wikipedia.org/wiki/SD-WAN
-
communicating over the Internet using overlay tunnels which are encrypted when destined for internal organization locations.
So basically something like a VPN..?? But I get it. Thanks Steve!
Truthfully that is basically what I had in my mind.
-
@chpalmer I looked into it awhile back 2.4/2.5 days...there was a Linux Foundation class on https://edx.org around the same time that I took where they focus on Openstack...kind of fun.There wasn't a specific router...everything was virtual software driven/software defined networking...I had audited (free) the class. Then, I wanted to add it to Proxmox...then things got put on hold...Proxmox machine in storage. It seems that this class is available: https://www.edx.org/learn/cloud-computing/the-linux-foundation-introduction-to-openstack?index=product&queryID=4cdeb5f3688bbe17b70cca8b73162315&position=1&linked_from=autocomplete&c=autocomplete
They even included pfSense in the course...
-
It can be encrypted. SDWAN has always seemed pretty flexibly defined IMO.
For example Tailscale/Headscale or Tinc would be considered SDWAN by some.