Kaspersky SD-WAN

Tunnels, segments, and paths

April 17, 2024

ID 250984

Connections between CPE devices are established using tunnels. Tunnels are unidirectional, so when establishing a connection between two devices or between a device and the control plane, both an inbound tunnel and an outbound tunnel must be created. Tunnels established between CPE devices are combined into a topology.

The concept of a tunnel is closely related to the concept of a link because in the case of SD-WAN, links are formed inside tunnels. The tunnel interface directly connects to a port of the virtual switch on a CPE device on both sides, thereby forming a link. Thus, in Kaspersky SD-WAN, tunnels are a means of forming links.

The set of tunnels connecting two CPEs is a segment. Traffic can be distributed over multiple tunnels at the source CPE device at the beginning of the segment and relayed to the destination CPE device at the end of the segment.

The routes along which traffic can be transmitted within one segment are called paths. The following types of paths are supported:

  • Auto-SPF (Shortest-Path Forwarding) is a path that is automatically calculated by the SD-WAN Controller. Paths of this type cannot be created or deleted, and their settings cannot be edited.
  • Manual-TE (Traffic Engineering) is a manually created path. To create this type of path, you need to specify the tunnels which the path traverses from the CPE device at the beginning of the segment to the device at the end of the segment.
  • Auto-TE is a path automatically calculated by the SD-WAN Controller, taking into account the constraints that you specify when creating transport services. As constraints, you can use the values of monitoring indicators on the tunnels, for example, the utilization level of a tunnel.

One segment can contain from 2 to 16 paths. By default, traffic is transmitted over the best path, which is the path with the lowest value of the cost parameter. If the best path is not available for traffic transmission for technical reasons, another path with the closest value of the cost parameter is selected.
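The selection rule above, together with the unidirectional nature of tunnels, can be modeled as follows. This is an added example, not Kaspersky SD-WAN code or the Controller's algorithm. The class and function names, the `up` availability flag, and the choice to compute a path's cost as the sum of its tunnel costs are assumptions made for illustration.

```python
from dataclasses import dataclass

MIN_PATHS, MAX_PATHS = 2, 16  # per-segment path limits stated on this page

@dataclass(frozen=True)
class Tunnel:
    src: str          # tunnels are unidirectional: traffic flows src -> dst only
    dst: str
    cost: int         # assumed per-tunnel cost value
    up: bool = True   # assumed availability flag

@dataclass(frozen=True)
class Path:
    name: str
    hops: tuple       # ordered Tunnel objects from segment start to segment end

    @property
    def cost(self):   # assumption: path cost = sum of the costs of its tunnels
        return sum(t.cost for t in self.hops)

    @property
    def available(self):
        return all(t.up for t in self.hops)

def validate_path(path, src_cpe, dst_cpe):
    """Reject hop lists that are not one contiguous src -> dst chain of tunnels."""
    if not path.hops:
        raise ValueError(f"{path.name}: path has no tunnels")
    if path.hops[0].src != src_cpe or path.hops[-1].dst != dst_cpe:
        raise ValueError(f"{path.name}: must run from {src_cpe} to {dst_cpe}")
    for prev, nxt in zip(path.hops, path.hops[1:]):
        if prev.dst != nxt.src:
            raise ValueError(f"{path.name}: {prev.dst} does not connect to {nxt.src}")

def select_path(paths, src_cpe, dst_cpe):
    """Return the lowest-cost available path, or None if every path is down."""
    if not MIN_PATHS <= len(paths) <= MAX_PATHS:
        raise ValueError(f"segment needs {MIN_PATHS}-{MAX_PATHS} paths, got {len(paths)}")
    for p in paths:
        validate_path(p, src_cpe, dst_cpe)
    # Sorting by cost means the first available entry is the best path, or,
    # when the best path is down, the path with the closest cost to it.
    return next((p for p in sorted(paths, key=lambda p: p.cost) if p.available), None)

# Constructed sample segment CPE-A -> CPE-B with a transit device CPE-T.
direct = Path("direct", (Tunnel("CPE-A", "CPE-B", 10),))
transit = Path("via-T", (Tunnel("CPE-A", "CPE-T", 8), Tunnel("CPE-T", "CPE-B", 8)))
direct_down = Path("direct", (Tunnel("CPE-A", "CPE-B", 10, up=False),))
wrong_way = Path("reversed", (Tunnel("CPE-B", "CPE-A", 10),))  # inbound tunnel misused
```

The `wrong_way` path shows why each direction needs its own tunnel: a hop list built from the inbound tunnel fails validation instead of being treated as a usable outbound path.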

In this Help section

  • Redundancy of links between CPE devices
  • Configuring paths
  • Creating a Manual-TE path
  • Editing a Manual-TE path
  • Deleting a hop from a Manual-TE path
  • Deleting a Manual-TE path
  • Specifying the cost of a tunnel
  • Enabling Dampening
  • Enabling Forward Error Correction
  • Determining the effective MTU in a tunnel
  • Package fragmentation
  • Traffic encryption
