Cisco SD-WAN Overview

With the acquisition of Viptela by Cisco in 2017 I’ve spent quite a bit of time learning about their platform and the various components that comprise their SD-WAN solution. Below is a brief overview of the solution elements and their roles in creating an SD-WAN network.

vBond – Orchestrates control and management plane. vBond provides the first point of authentication (white-list model), facilitates NAT traversal, and distributes a list of vSmarts & vManage to all vEdge routers.

vSmart – vSmart coordinates fabric discovery, distributes control plane information between vEdges, disseminates date plane data plane and application-aware routing policies to the vEdge routers, implements control plane policies (including service chaining, multi-topology, and multi-hop), dramatically reduces control plane complexity.

vEdge – vEdge is a full-featured WAN router supporting VRRP, OSPF, and BGP. vEdge provides a secure data plane between other vEdge routers and establishes secure control plane connections with the vSmart controller. Implements data plane and application-aware routing policies and exports information and statistics. Support for zero-touch provisioning. vEdge is available in both physical and virtual form factors.

vManage – vManage is the management plane for Cisco SD-WAN and acts as the user interface for initial configuring and ongoing maintenance activities. vManage supports multitenancy, centralized provisioning, policies and templates, troubleshooting, monitoring, and software upgrades. vManage provides a rich set of REST and NETCONF APIs.


  • Overlay Management Protocol (OMP) – Control plane protocol distributing reachability, security, and policies throughout the fabric
  • Transport Locator (TLOC) – Transport attachment point and next hop route attribute
  • Color – Control plane tag used for IPSec tunnel establishment logic
  • Site ID – Unique per-site numeric identifier used in policy application
  • System IP – Unique per-device (vEdge and controllers) IPv4 notation identifier. Also used as Router ID for BGP and OSPF
  • Organization Name – Overlay identifier common to all elements of the fabric
  • VPN (VRF) – Device-level and network-level segmentation

This is a very basic introduction to the pieces and parts of the solution. I plan to follow this up with additional content on how these pieces work together to provide a flexible architecture allowing for nearly any network topology to be created.

Cisco DNA Center Supported Hardware

I get asked many times what hardware and software versions are required to integrate with Cisco DNA Center. In addition, there are a variety of capabilities of DNA Center including network provisioning, software management, network visibility, and segment so it can make it challenging to know which network components are supported with which DNA features. Oh and don’t forget there are software version requirments 😉 Here’s a link here that provides this information.

Cisco ISR 4K Product Numbering

Here’s a secret decoder ring for the part numbers of the 4000 series of the Cisco Integrated Services Routers.

First digit = the family, all are 4

Second digit = the sub-family with 4 (highest performance), 3 (middle performance), and 2 (lowest performance)

The third digit = total number of slots, the sum of NIM and SM

The fourth digit = 1, identifying the first in that series. Allows for incrementing for the subsequent platforms in the series.

Here’s a link to the ISR 4000 model platform comparison