Hi, Linda The reason I brought up the Gap was because they described their network in a Packet Pusher’s episode ([1]).
And the solution for them was some vendor’s SD-WAN solution. As far as I can tell, each vendor’s SD-WAN solution is proprietary and non-interoperable with other vendors’ SD-WAN solution. That vendor (Viptela, since then merged with Cisco) uses BGP on a large scale to pass configuration information between CPE devices and data center devices, and an SD-WAN controller to manage it all. Other vendors use other technology to learn protected domains, and as I mentioned, there was an attempt to standardize something in IPsecME a few years ago, but that failed. The draft we were discussing has no way to transfer domain information from the CPEs to the controller or to other CPEs, so I assume that it does not fit this use case. At least not in its current form. Yoav [1] http://packetpushers.net/podcast/podcasts/show-274-packet-pushers-live-viptela-three-real-world-sd-wan-deployments-sponsored/ <http://packetpushers.net/podcast/podcasts/show-274-packet-pushers-live-viptela-three-real-world-sd-wan-deployments-sponsored/> > On 7 Sep 2017, at 22:33, Linda Dunbar <[email protected]> wrote: > > Yoav, > > At yesterday’s I2NSF Interim meeting, you described an example of Gap having > thousands of locations and most of them are in a mall where public network is > available. You said that typically the VPN gateway placed in the store has no > knowledge of the global network topology, nor does it know where the > controller is located. > > Today, many vendors’ remote CPEs support ONUG’s SD-WAN “Zero-touch > deployment” requirement, where the remote CPEs devices can be connected to > its controller via barcode scan/email/etc. > > Does it solve the problem? > > Thanks, > Linda
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
