Link Search Menu Expand 做cument

SD-Branch Network Overview

Aruba SD-Branch provides flexible deployment options for the WAN and LAN. This guide will detail the default hub-and-spoke WAN topology and an L2 LAN topology, though other topologies will be mentioned. This deployment will consist of three remote sites and a single headend Data Center.

Each remote site will have redundant branch gateways providing both circuit termination and LAN default gateway. Switches at branch sites will provide L2 connectivity for the APs and other client devices. It is best practice to standardize on the same branch design for all sites to realize the full benefits of Central configuration. Multiple branch designs can be accommodated and will be addressed in the Preparing to Deploy section.

A pair of VPNCs (VPN concentrators) will be the configured to facilitate connectivity between the campus network and branch sites via IPSEC tunnels and route sharing. VPNCs will summarize the campus subnets to a single route of 10.0.X.X/13 and prevent point-to-point links from being advertised to the branches. Below is the VLAN layout and IP information that will be configured on each of the VPNC pairs.

VPNC VLANS Gateway Pool INET MPLS MicroBranch OSPF_Link_1 OSPF_Link_2
VLAN ID 4085 4094 4086 101 4001 4002
7210-VPNC-DC1-1 Gateway Pool INET MPLS MicroBranch OSPF_Link_1 OSPF_Link_2
IP Address DHCP X.X.X.X 172.17.1.26 10.8.0.2 172.18.106.22 172.18.106.30
7210-VPNC-DC1-2 Gateway Pool INET MPLS MicroBranch OSPF_Link_1 OSPF_Link_2
IP Address DHCP X.X.X.X 172.17.1.22 10.8.0.3 172.18.106.18 172.18.106.26

Each remote site will consist of two branch gateways, two switches, and three access points. Each branch site will be assigned a /21 subnet from the superset address space of 10.14.X.X/16. Within the 10.14.X.X/16 address space, two subnets will be reserved. 10.14.255.X/24 will be reserved for the branch gateway pool, and 10.14.254.X/24 for Microbranch system IP’s. The VPNCs will advertise a summary network of 10.14.X.X/16. Branch switches at each site will have nine VLANs. Their default gateways is a virtual IP shared between the branch gateways at each site. The other three VLANs (Gateway pool, INET, MPLS) will only exist on the Branch gateways. Switches and access points will receive an IP address on the MGMT VLAN.

BGW VLANS Gateway Pool INET MPLS MGMT EMPLOYEE IPTV CAMERA Guest REJECT_QUARANTINE
VLAN ID 4085 4094 4086 100 101 102 103 104 105
Switching VLANs MGMT EMPLOYEE IPTV CAMERA Guest REJECT_QUARANTINE
VLAN ID 100 101 102 103 104 105
RS-01 Gateway Pool INET MPLS MGMT EMPLOYEE IPTV CAMERA Guest REJECT_QUARANTINE
Subnet 10.14.255.X/24 DHCP 172.17.1.X/30 10.14.0.0/24 10.14.1.0/24 10.14.2.0/24 10.14.3.0/24 10.14.4.0/24 10.14.5.0/24
RS-02 Gateway Pool INET MPLS MGMT EMPLOYEE IPTV CAMERA Guest REJECT_QUARANTINE
Subnet 10.14.255.X/24 DHCP 172.17.1.X/30 10.14.8.0/24 10.14.9.0/24 10.14.10.0/24 10.14.11.0/24 10.14.12.0/24 10.14.13.0/24
RS-03 Gateway Pool INET MPLS MGMT EMPLOYEE IPTV CAMERA Guest REJECT_QUARANTINE
Subnet 10.14.255.X/24 DHCP 172.17.1.X/30 10.14.16.0/24 10.14.17.0/24 10.14.18.0/24 10.14.3.0/24 10.14.19.0/24 10.14.20.0/24

Network_Overview

Back to top

© Copyright 2021 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go toAruba EULA.

Baidu