About the interaction of the CPE device and the controller
After the CPE device is registered, management sessions are established between its SD-WAN interfaces of the WAN type and the TCP ports of controller nodes. One of the management sessions is the primary session, and the others are in standby mode. The main management session is used to transmit tasks related to managing the virtual switch of the CPE device, such as modifying path settings. If the primary management session is terminated, a new primary management session is chosen randomly from previously established management sessions.
Management sessions are established by matching OpenFlow port numbers referenced by SD-WAN interfaces of the WAN type to TCP port numbers of the controller nodes, based on their order. For example, in the figure below, the CPE device has four SD-WAN interfaces that reference OpenFlow ports 4800, 4801, 4802, and 4803. The controller nodes have TCP ports 6653, 6654, 6655, 6656. In this case, management sessions are established as follows:
- SD-WAN 4800 → 6653
- SD-WAN 4801 → 6654
- SD-WAN 4802 → 6655
- SD-WAN 4803 → 6656
Management sessions between a CPE device and three controller nodes
Management sessions can be configured while configuring the connection of the CPE device to the orchestrator and controller. For example, you can select an SD-WAN interface of the WAN type to prioritize it for the purposes of establishing the primary management session; you can also enable or disable encryption for management sessions.
You can change the IP addresses and TCP port numbers of the controller nodes while configuring the controller nodes of an SD-WAN instance. This automatically changes the IP addresses and TCP port numbers of controller nodes on all CPE devices that are added to the SD-WAN instance. If SD-WAN interfaces of the WAN type of the CPE device are connected to different networks, for example, the internet and a private MPLS network, you can change the IP addresses and TCP port numbers of controller nodes on individual SD-WAN interfaces of the WAN type when you create or edit SD-WAN interfaces of the WAN type. The IP addresses and TCP port numbers specified on the SD-WAN interface of the WAN type take precedence over the IP addresses and TCP port numbers specified when configuring the controller nodes of the SD-WAN instance.
To display the table of CPE devices with information about management sessions, go to the Infrastructure menu section, click Management → Configuration menu next to the controller, and go to the Switches section. Information about management sessions is displayed in the following table columns:
- Name is the name of the CPE device.
- ID is the sequence number of the CPE device. The CPE device with the lowest sequence number was the first to connect to the controller.
- Status is the status of the CPE device in relation to the controller:
- Active means the CPE device can be used to relay traffic.
- Inactive means the CPE device cannot be used to relay traffic.
- Connection is the status of the CPE device connection to the controller:
- Connected means management sessions are established between the CPE device and the controller nodes.
- Disconnected means no management sessions are established between the CPE device and the controller nodes.
- MAC is the MAC address of the CPE device.
- Interface are SD-WAN interfaces of the WAN type from which management sessions are established.
- Primary session is the SD-WAN interface of the WAN type from which the primary management session is established:
- Yes
- No
- IP is the IP address which the SD-WAN interface of the WAN type used to establish the management session.
- Port is the TCP port which the SD-WAN interface of the WAN type used to establish the management session.
- Created is the date and time when the CPE device was registered.
- Location is the address of the CPE device location.
- Latency (ms.) is the latency in milliseconds of the management session.
- Description is a brief description of the CPE device.