(Cisco) SD-WAN Architecture Explained
Above is a Cisco 7604 router, which has had the privilege of being the provider edge for many ISPs across the globe. Before the advent of Cisco ASRs, Cisco 7000 series routers have kept the internet running for the past 15 to 20 years, and essentially these routers have the same architecture as the access point in your home. It consists of 3 components:
- Control Plane Module
- I/O Module
- Switch Fabric
I/O Module and Control Plane Module are both pluggable modules in this case and are interconnected to each other. Switch Fabric is the physical connection that actually connects these two pluggable modules.
Both control packets and data packets travel over the network built by cabling together the I/O modules of different IP devices. A control packet can be any protocol packet, say an OSPF Hello or a BGP update, whereas data packets carry the actual payload exchanged between communicating devices. Control packets are pushed up to the control plane, which uses them to create the RIB; the RIB is then further optimized into a precise view of the network to build the FIB. The FIB is then programmed back into the I/O Module, which refers to it to decide the next hop of each packet. Throughout this cycle, the Switch Fabric is responsible for all communication between the Control Plane Module and the I/O Module.
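The RIB-to-FIB cycle described above, as an added example that is not from the original article: a control-plane function reduces a RIB to one best route per prefix, and an I/O-module function forwards by longest-prefix match against the FIB alone. The routes, next hops and the `build_fib`/`lookup` names are constructed for illustration; the administrative distances are the common Cisco defaults.

```python
import ipaddress

# Constructed sample RIB: every route the control plane learned, several per prefix.
# "ad" is administrative distance (static 1, eBGP 20, OSPF 110).
RIB = [
    {"prefix": "10.1.0.0/16", "next_hop": "192.0.2.1", "proto": "ospf", "ad": 110, "metric": 20},
    {"prefix": "10.1.0.0/16", "next_hop": "192.0.2.9", "proto": "ebgp", "ad": 20, "metric": 0},
    {"prefix": "10.1.2.0/24", "next_hop": "192.0.2.5", "proto": "ospf", "ad": 110, "metric": 10},
    {"prefix": "10.1.2.0/24", "next_hop": "192.0.2.6", "proto": "ospf", "ad": 110, "metric": 30},
    {"prefix": "0.0.0.0/0", "next_hop": "192.0.2.254", "proto": "static", "ad": 1, "metric": 0},
]

def build_fib(rib):
    """Control plane: keep one best route per prefix (lowest AD, then lowest metric)."""
    best = {}
    for route in rib:
        net = ipaddress.ip_network(route["prefix"])
        key = (route["ad"], route["metric"])  # metric only breaks ties within one protocol
        if net not in best or key < best[net][0]:
            best[net] = (key, route["next_hop"])
    # Most-specific first, so the first hit in lookup() is the longest matching prefix.
    return sorted(((net, nh) for net, (_, nh) in best.items()),
                  key=lambda entry: entry[0].prefixlen, reverse=True)

def lookup(fib, dst):
    """I/O module: longest-prefix match against the programmed FIB only."""
    addr = ipaddress.ip_address(dst)
    for net, next_hop in fib:
        if addr in net:
            return next_hop
    return None  # no matching route: the packet is dropped

fib = build_fib(RIB)  # FIB is "programmed" into the I/O module
RIB.clear()           # forwarding below never consults the RIB again

if __name__ == "__main__":
    for dst in ("10.1.2.7", "10.1.9.9", "198.51.100.4"):
        print(dst, "->", lookup(fib, dst))
```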
So, how did SD-WAN come into being from this architecture? Spoiler alert: It’s the same Cisco 7600 series router but distributed between Cloud and Branch sites.
SD-WAN splits the 3 components (I/O module, Control Plane module and Switch Fabric) apart to build a network. The I/O modules are called Edges, the Control Plane is called the Controller and the Switch Fabric is our beloved Internet. The biggest advantage of the single-device solution was a lossless Switch Fabric, but the internet has evolved and is certainly a much more reliable entity in the 21st century. The pros of the distributed SD-WAN architecture outweigh the cons by a wide margin.
Moving on to the (Cisco) architecture itself, we have our I/Os, called vEdges. These can reside anywhere: Branch, DC, Colo or even Cloud. The Switch Fabric is agnostic to the underlay we use. One can leverage the underlay of their choice (MPLS, Internet, 4G); it doesn’t really matter as long as the control plane and I/Os can communicate with each other. vSmart and vManage make up our control plane module. vSmarts are our controllers, while vManage is a powerful NMS which allows you to manage your network.
The Edges can reside anywhere on the internet, while the controllers usually reside within a private network. To make this work and let the Edges and Controllers know where each other reside, we need one additional component, called the Orchestrator, to establish connectivity between the Controllers and the I/Os during the implementation.
I leave you with an interesting fact about this distributed SD-WAN architecture: once connectivity is established between the SD-WAN components, the data plane is more or less independent of the control plane.