[Part-2] Cisco SDWAN Planes
{ Orchestration - Control - Data - Management } Planes
![[Part-2] Cisco SDWAN Planes](https://cdn.hashnode.com/res/hashnode/image/upload/v1687619112436/0336a884-3d71-4650-ad5f-c6a292c9cb93.png?w=1600&h=840&fit=crop&crop=entropy&auto=compress,format&format=webp)
Introduction
To ensure the efficient operation and management of a Cisco SD-WAN infrastructure, it is important to understand the four fundamental planes: the orchestration plane, the control plane, the data plane, and the management plane. Each plane has a distinct role in facilitating network functionality, security, and administration. Let's delve into these planes and explore their significance in the context of Cisco SD-WAN.
Orchestrator Plane (vBond)
The vBond Orchestrator acts as a central entity that facilitates the establishment of secure connections between the edge routers and Cisco vSmart Controllers. It serves as a trusted intermediary and plays a crucial role in the authentication and authorization of these network elements.
When an edge router or vSmart Controller joins the SD-WAN network, it establishes a secure connection with the vBond Orchestrator. This connection is used for authentication purposes and to exchange control plane information. The vBond Orchestrator verifies the identity of the joining device and ensures that only authorized devices are allowed to participate in the SD-WAN network.
NAT-Traversal Orchestrator: In scenarios where an edge router or vSmart Controller is located behind a NAT device, the vBond Orchestrator also serves as a NAT-traversal orchestrator. NAT devices are commonly used to conserve public IP addresses and enable multiple devices within a private network to share a single public IP address.
Control Plane (vSmart)
The control plane in Cisco SD-WAN is responsible for establishing and maintaining logical connectivity and intelligence across the network. It encompasses the control plane protocols and functions that enable the exchange of routing information and the orchestration of data traffic flow. The primary components involved in the control plane are the Cisco vSmart Controllers and the control plane protocols they utilize, such as Overlay Management Protocol (OMP) and Border Gateway Protocol (BGP).
The Cisco vSmart Controllers act as the centralized control plane orchestrators. They distribute control plane information to the edge routers (Cisco IOS XE SD-WAN or Cisco vEdge devices) using OMP, ensuring that each router has the necessary information to make intelligent routing decisions. The control plane establishes the logical connections and instructs the data plane on how to forward traffic across the network.
Data Plane (vEdges/cEdges)
The data plane, also known as the forwarding plane, is responsible for the actual transmission of data traffic across the network. It handles the encapsulation, forwarding, and decapsulation of packets as they traverse from one site to another. In Cisco SD-WAN, the data plane functions are performed by the edge routers (Cisco IOS XE SD-WAN or Cisco vEdge devices).
The data plane receives instructions from the control plane, which dictate how traffic should be forwarded. It encapsulates the data packets with the appropriate overlay headers and sends them to the next hop based on the routing decisions made by the edge routers. At the receiving end, the data plane decapsulates the packets, extracts the original payload, and forwards it to the destination.
Management Plane (vManage)
The management plane in Cisco SD-WAN is responsible for the overall administration, configuration, and monitoring of the network. It encompasses the tools and protocols that enable network administrators to manage and control the SD-WAN infrastructure. The primary component of the management plane is the Cisco vManage.
Read more: Cisco SDWAN vManage Controllers & Cluster
Cisco vManage serves as the centralized network management system, providing a graphical user interface (GUI) through which administrators can configure and monitor the entire SD-WAN infrastructure. It facilitates tasks such as device onboarding, policy creation, performance monitoring, and troubleshooting. The management plane ensures that the network is efficiently managed and operated to meet the organization's requirements.
Conclusion
In Cisco SD-WAN, the control plane, data plane, and management plane work together to create a robust and efficient network infrastructure.
The control plane establishes logical connectivity and instructs the data plane on how to forward traffic.
The data plane handles the encapsulation, forwarding, and decapsulation of packets, ensuring seamless transmission.
The management plane provides administrators with tools and interfaces to manage, configure, and monitor the SD-WAN network effectively.
The orchestration plane act as security guys who accepts or rejects devices to join SDWAN fabric.
Understanding these planes is crucial for designing, implementing, and maintaining a successful Cisco SD-WAN deployment.
Get the Cisco SD-WAN Zero-to-One ebook
