Kaspersky SD-WAN
- About Kaspersky SD-WAN
- Architecture of the solution
- Redundancy and fault tolerance
- Ensuring security
- User interface of the solution
- Authentication in Kaspersky SD-WAN
- Setting and resetting the default page
- Switching between light and dark theme
- Limiting the duration of a user session when idle
- Viewing active user sessions
- Configuring the Docker container log verbosity
- Navigating to the orchestrator API
- Changing the language of the orchestrator web interface
- Licensing of Kaspersky SD-WAN
- Managing Kaspersky SD-WAN domains
- Managing data centers
- Managing VIMs
- Managing subnets
- Viewing logs
- Service Requests
- Managing network services
- User roles and actions with network services
- Uploading a VNF or PNF package to the orchestrator
- Network service template
- Creating a network service
- Configuring network service topology components
- Editing a network service topology
- Deploying a network service
- Checking the consistency of a network service
- Redeploying a network service and its components
- Auto-Healing
- Managing VNFs and VDUs in a network service
- Viewing the network service log
- Deleting a network service
- Managing confirmation requests
- Managing users
- Creating an LDAP connection
- Editing an LDAP connection
- Changing the password of an LDAP connection
- Deleting an LDAP connection
- Creating access permissions
- Editing access permissions
- Cloning access permissions
- Removing an access permission
- Creating a user
- Editing a user
- Changing user password
- Activating or blocking a user
- Deleting a user
- Creating a user group
- Editing a user group
- Deleting a user group
- Managing tenants
- Creating a tenant
- Assigning a VIM to a tenant
- Assigning topology components to a tenant
- Assigning compute resources to a tenant
- Assigning a user to a tenant
- Assigning a user group to a tenant
- Authenticating as an administrator in the tenant's orchestrator web interface
- Editing a tenant
- Deleting a tenant
- Managing SD-WAN instances
- Creating an SD-WAN instance template
- Setting the default SD-WAN instance template
- Deleting an SD-WAN instance template
- Adding a tenant to an SD-WAN instance template
- Removing a tenant from an SD-WAN instance template
- Configuring high availability
- Choosing a transport strategy
- Adding a tenant to an SD-WAN instance
- Removing a tenant from an SD-WAN instance
- Viewing devices assigned to an SD-WAN Instance
- Deleting an SD-WAN instance
- Creating a pool of SD-WAN instances
- Adding an SD-WAN instance to a pool
- Removing an SD-WAN instance from a pool
- Deleting a pool of SD-WAN instances
- Managing CPE devices
- Composition of CPE devices
- Composition of uCPE devices
- SD-WAN managementTunnel management transport service
- Automatic configuration of CPE (ZTP) devices
- CPE device statuses and states
- Ensuring connectivity of CPE devices with SD-WAN Controllers
- Automatically updating the link cost based on maximum speed of the interface
- CPE template
- Creating a CPE device
- Specifying the address of a CPE device
- Registering a CPE device
- Activating or deactivating a CPE device
- Using a web address to activate a CPE device
- Connecting to the CPE device console
- Deleting a CPE device
- Viewing the password of a CPE device
- Restarting a CPE device
- Shutting down a CPE device
- Exporting settings and SD-WAN interfaces from a CPE device
- Exporting network interfaces from a CPE device
- Searching for CPE devices
- Automatic removal and deactivation of a CPE device
- Two-factor authentication of a CPE device
- Orchestrator certificates
- Tags
- Out-of-band management of CPE devices
- Managing CPE devices in SD-WAN controller menu
- Viewing the OpenFlow table of a CPE device
- Viewing statistics of OpenFlow interfaces
- Viewing statistics of queues on LAN interfaces
- Navigating to service interfaces on a CPE device
- Viewing the specifications of a CPE device
- Viewing the usage of a CPE device
- Changing the status of a CPE device in the SD-WAN Controller
- Changing the MAC address of a CPE device
- Terminating the TCP session between a CPE device and the SD-WAN Controller
- Scripts
- Network interfaces
- Configuring the connection of a CPE device to the SD-WAN network
- SD-WAN interfaces
- OpenFlow interfaces
- Service interfaces and UNIs
- Creating a service interface
- Creating an ACL interface
- Viewing the usage of a service interface and an ACL interface
- Deleting a service interface and an ACL interface
- Creating a UNI template
- Creating a UNI in a template
- Editing a UNI in a template
- Deleting a UNI in a template
- Deleting a UNI template
- Creating a UNI
- Editing a UNI
- Deleting a UNI
- Filtering routes
- The BGP dynamic routing protocol
- The OSPF dynamic routing protocol
- The BFD protocol
- Creating or deleting a static IPv4 route
- The VRRP protocol
- Viewing the settings of the CPE device connection to the service provider network
- Configuring the connection of a CPE device to a Syslog server
- Configuring the connection of a CPE device to an NTP server
- Firmware
- Monitoring solution components
- Tunnels, segments, and paths
- Configuring topology
- Quality of Service (QoS)
- Transport services
- Point-to-Point (P2P) transport service
- Point-to-Multipoint (P2M) transport service
- Multipoint-to-Multipoint (M2M) transport service
- Adding a transport service in a CPE template
- Editing a transport service in a CPE template
- Deleting a transport service from a CPE template
- Scenario: Directing application traffic to a transport service
- Traffic mirroring
- Task scheduler
- Configuring the SD-WAN Controller
- Editing the SD-WAN Controller
- Restarting the SD-WAN Controller
- Downloading a backup SD-WAN Controller configuration file
- Restoring the SD-WAN Controller
- Deleting the SD-WAN Controller
- SD-WAN Controller properties
- Viewing information about SD-WAN Controller nodes
- Viewing the topology of a deployed SD-WAN instance
- Contacting Technical Support
- Appendices
- Glossary
- Control plane
- Customer Premise Equipment (CPE)
- Data plane
- DSCP values
- Graceful restart
- Orchestrator
- Physical Network Function (PNF)
- PNF package
- SD-WAN Controller
- SD-WAN Gateway
- Software-Defined Networking (SDN)
- Software-Defined Wide Area Network (SD-WAN)
- Tenant
- Universal CPE (uCPE)
- Virtual Infrastructure Manager (VIM)
- Virtual Network Function (VNF)
- Virtual Network Function Manager (VNFM)
- VNF Package
- Information about third-party code
- Trademark notices
Creating Full-Mesh and Partial-Mesh topologies
Full-Mesh and Partial-Mesh topologies are built using topology tags that you assign to CPE devices. You can only assign topology tags to standard devices. If two devices are assigned the same topology tag, a link is automatically created between them.
In a Full-Mesh topology, all devices are assigned the same topology tag.
In a Partial-Mesh topology, devices are divided into groups based on the tags assigned to them, and communication between the devices happens through transit devices, which are devices to which tags from all groups are assigned.
You can assign a topology tag to an individual CPE device or to all devices that use the CPE template. To assign topology tags, use the following instructions:
- Assigning a topology tag to an individual CPE device.
To assign a topology tag to an individual CPE device:
- In the menu, go to the Infrastructure section.
The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.
- Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.
This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.
- Go to the Topology tags section.
The topology tag settings are displayed.
- In the Switch drop-down list, select the CPE device.
- Make sure that in the Role drop-down list, the CPE option is selected. The Gateway is not used to build Full-Mesh and Partial-Mesh topologies.
- If you want to build a Partial-Mesh topology, to use a device as a transit device, select the Transit CPE check box. Transit devices are necessary to connect groups of devices together and make it possible for other devices to establish links through these transit devices.
- In the Topology tags field, enter a topology tag and click the add button
. Devices with the same topology tags automatically establish direct links with each other.To build a Full-Mesh topology, assign the same topology tags to all devices.
To build a Partial-Mesh topology, assign topology tags to devices based on which group they belong to. Also assign all tags used in the topology to the transit device to make sure that all device groups are added to the topology.
The topology tag is assigned and displayed below the Topology tags field.
- In the upper part of the page, click Save.
You can also assign a topology tag in the CPE device configuration.
To assign a topology tag in the CPE device configuration:
- In the menu, go to the SD-WAN section.
By default, the CPE subsection is displayed with a table of CPE devices.
- Click the CPE device.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the Topology tab.
The topology tag settings are displayed.
- Select the Override check box to ignore the applied CPE template and make the settings in the selected tab editable. This check box is cleared by default.
- In the Switch drop-down list, select the CPE device.
- Make sure that in the Role drop-down list, the CPE option is selected. The Gateway is not used to build Full-Mesh and Partial-Mesh topologies.
- If you want to build a Partial-Mesh topology, to use a device as a transit device, select the Transit CPE check box. Transit devices are necessary to connect groups of devices together and make it possible for other devices to establish links through these transit devices.
- In the Topology tags field, enter a topology tag and click the add button . Devices with the same topology tags automatically establish direct links with each other.
To build a Full-Mesh topology, assign the same topology tags to all devices.
To build a Partial-Mesh topology, assign topology tags to devices based on which group they belong to. Also assign all tags used in the topology to the transit device to make sure that all device groups are added to the topology.
The topology tag is assigned and displayed below the Topology tags field.
- In the upper part of the settings area, click Save to save the configuration of the CPE device.
- In the menu, go to the Infrastructure section.
- Assigning a topology tag to all devices that use the CPE template.
To assign a topology tag to all devices that use the CPE template:
- In the menu, go to the SD-WAN → CPE templates subsection.
A table of CPE templates is displayed.
- Click the CPE template.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the Topology tab.
The topology tag settings are displayed.
- Make sure that in the Role drop-down list, the CPE option is selected. The Gateway is not used to build Full-Mesh and Partial-Mesh topologies.
- If you want to build a Partial-Mesh topology, to use a device as a transit device, select the Transit CPE check box. Transit devices are necessary to connect groups of devices together and make it possible for other devices to establish links through these transit devices.
- In the Topology tags field, enter a topology tag and click the add button . Devices with the same topology tags automatically establish direct links with each other.
To build a Full-Mesh topology, assign the same topology tags to all devices.
To build a Partial-Mesh topology, assign topology tags to devices based on which group they belong to. Also assign all tags used in the topology to the transit device to make sure that all device groups are added to the topology.
The topology tag is assigned and displayed below the Topology tags field.
- In the upper part of the settings area, click Save to save the configuration of the CPE template.
- In the menu, go to the SD-WAN → CPE templates subsection.
If necessary, you can remove a topology tag from an individual CPE device or from all devices that use the CPE template. To remove topology tags, use the following instructions:
- Removing a topology tag from an individual CPE device.
To remove a topology tag from an individual CPE device:
- In the menu, go to the Infrastructure section.
The SD-WAN infrastructure management page is displayed. By default, the Network resources tab is selected, which displays the table of SD-WAN Controllers.
- Click Management next to the SD-WAN Controller and in the drop-down list, select Configuration menu.
This opens the SD-WAN Controller configuration menu. By default, you are taken to the Controller nodes section, which displays a table of Controller nodes.
- Go to the Topology tags section.
The topology tag settings are displayed.
- In the Switch drop-down list, select the CPE device.
- Click the delete button
next to the topology tag.The topology tag is removed and is no longer displayed.
- In the upper part of the page, click Save.
You can also remove a topology tag in the CPE device configuration.
To remove a topology tag in the CPE device configuration:
- In the menu, go to the SD-WAN section.
By default, the CPE subsection is displayed with a table of CPE devices.
- Click the CPE device.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the Topology tab.
The topology tag settings are displayed.
- Select the Override check box to ignore the applied CPE template and make the settings in the selected tab editable. This check box is cleared by default.
- Click the delete button next to the topology tag.
The topology tag is removed and is no longer displayed.
- In the upper part of the settings area, click Save to save the configuration of the CPE device.
- In the menu, go to the Infrastructure section.
- Removing a topology tag from all devices that use the CPE template.
To remove a topology tag from all devices that use the CPE template:
- In the menu, go to the SD-WAN → CPE templates subsection.
A table of CPE templates is displayed.
- Click the CPE template.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the Topology tab.
The topology tag settings are displayed.
- Click the delete button next to the topology tag.
The topology tag is removed and is no longer displayed.
- In the upper part of the settings area, click Save to save the configuration of the CPE template.
- In the menu, go to the SD-WAN → CPE templates subsection.