Kaspersky SD-WAN
2.2
English

Contents

Managing transport services in an SD-WAN instance template

To display the table of P2M services and M2M services in an SD-WAN instance template, go to the SD-WAN → SD-WAN instance templates section, click the SD-WAN instance template, and select the Transport services tab. Information about P2M services and M2M services is displayed in the following columns of the table:

  • Name is the name of the P2M service or M2M service.
  • Type is the type of transport service:
    • P2M
    • M2M
  • Management tunnel indicates whether the P2M service or M2M service is a management service:
    • Yes
    • No
  • Mode indicates whether a DFI (Default Forwarding Interface) is used in the P2M service, to which unknown unicast traffic is sent:
    • Classic if you do not want to use DFI. Default value.
    • DFI with FIB on root and leafs if you want to use DFI on the service interface with the root role.
    • DFI with FIB on leaf if you want to use DFI on the service interface with the root role. Service interfaces with the leaf role must be created on the same CPE device. Backup service interfaces with the leaf role must be created on the same CPE device, which must be different from the CPE device on which the primary service interfaces are created.

    The value in this column is displayed only if the value in the Type column is P2M.

  • MAC age (sec.) is the time period in seconds during which entries are kept in the MAC table of the controller.
  • MAC learn mode is the action applied to a series of frames when the first frame is sent to the controller to learn the source MAC address:
    • Learn and flood means the controller remembers the MAC address of the source and checks for the presence of the destination MAC address in the MAC table. If the destination MAC address is not in the MAC table, the series of frames is sent to all service interfaces added to the M2M service, except for the service interface on which the series of frames originally arrived.
    • Learn and drop means the controller remembers the MAC address of the source and checks for the presence of the destination MAC address in the MAC table. If the destination MAC address is not in the MAC table, the series of frames is dropped.

    If the destination MAC address is present in the MAC table, the series of frames is sent to the destination service interface.

  • MAC table size is the maximum number of entries in the MAC table on the controller.
  • MAC table overload is the policy for processing new MAC addresses when the MAC table of the controller is full:
    • Flood means traffic with destination MAC addresses that have not been learned is transmitted as BUM traffic (Broadcast, unknown-unicast, and multicast). Default value.
    • Drop means that traffic with destination MAC addresses that have not been learned is dropped.

To display a list of L3 VPN services, select the L3 services tab.

In this section

Creating a P2M service or an M2M service in an SD-WAN instance template

Creating an L3 VPN service in an SD-WAN instance template

Editing a transport service in an SD-WAN instance template

Deleting a transport service in an SD-WAN instance template
Page top
[Topic 277341]

Creating a P2M service or an M2M service in an SD-WAN instance template

To create a P2M service or an M2M service in an SD-WAN instance template:

  1. In the menu, go to the SD-WAN → SD-WAN instance templates section.

    A table of SD-WAN instance templates is displayed.

  2. Click the SD-WAN instance template in which you want to create a P2M service or an M2M service.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Information tab is selected, which displays the name of the SD-WAN instance template.

  3. Select the Transport services tab.

    The X2M services tab with the table of P2M services and M2M services is selected by default.

  4. Click + Transport service.
  5. This opens a window; in that window, in the Name field, enter the name of the P2M or M2M service.
  6. In the Type drop-down list, select the type of the transport service:
    • P2M If you select this option in the Mode drop-down list, select whether the P2M service uses a DFI (Default Forwarding Interface), to which unknown unicast traffic is sent:
      • Classic if you do not want to use DFI. Default value.
      • DFI with FIB on root and leafs if you want to use DFI on the service interface with the root role.
      • DFI with FIB on leaf if you want to use DFI on the service interface with the root role. Service interfaces with the leaf role must be created on the same CPE device. Backup service interfaces with the leaf role must be created on the same CPE device, which must be different from the CPE device on which the primary service interfaces are created.
    • M2M
  7. If you want to make a P2M or M2M service the management service, select the Management tunnel check box. This check box is cleared by default. Only one transport service can be the management service.
  8. In the MAC learn mode drop-down list, select the action that you want to apply to a series of frames when the first frame is sent to the controller to learn the source MAC address:
    • Learn and flood means the controller remembers the MAC address of the source and checks for the presence of the destination MAC address in the MAC table. If the destination MAC address is not in the MAC table, the series of frames is sent to all service interfaces added to the P2M service, except for the service interface on which the series of frames originally arrived. Default value.
    • Learn and drop means the controller remembers the MAC address of the source and checks for the presence of the destination MAC address in the MAC table. If the destination MAC address is not in the MAC table, the series of frames is dropped.

    If the destination MAC address is present in the MAC table, the series of frames is sent to the destination service interface.

  9. In the MAC table size field, enter the maximum number of entries in the MAC table on the controller. Range of values: 0 to 65,535. 0 means the number of records in the MAC table of the controller is not limited. Default value: 100.
  10. In the MAC age (sec.) field, enter the time period in seconds during which entries are kept in the MAC table of the controller. Range of values: 10 to 65,535. Default value: 300.
  11. In the MAC table overload drop-down list, select the policy for processing new MAC addresses when the MAC table of the controller is full:
    • Flood means traffic with destination MAC addresses that have not been learned is transmitted as BUM traffic (Broadcast, unknown-unicast, and multicast). Default value.
    • Drop means that traffic with destination MAC addresses that have not been learned is dropped.
  12. Click Create.

    A P2M service or an M2M service is created and displayed in the table.

  13. In the upper part of the settings area, click Save to save the settings of the SD-WAN instance template.
Page top
[Topic 277355]

Creating an L3 VPN service in an SD-WAN instance template

To create an L3 VPN service in an SD-WAN instance template:

  1. In the menu, go to the SD-WAN → SD-WAN instance templates section.

    A table of SD-WAN instance templates is displayed.

  2. Click the SD-WAN instance template in which you want to create an L3 VPN service.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Information tab is selected, which displays the name of the SD-WAN instance template.

  3. Select the Transport services L3 services tab.

    A list of L3 VPN services is displayed.

  4. Click + Transport service.
  5. This opens a window; in that window, enter the name of the L3 VPN service.
  6. Click Create.

    The L3 VPN service is created and displayed in the table.

  7. In the upper part of the settings area, click Save to save the settings of the SD-WAN instance template.
Page top
[Topic 277359]

Editing a transport service in an SD-WAN instance template

To edit a transport service in an SD-WAN instance template:

  1. In the menu, go to the SD-WAN → SD-WAN instance templates section.

    A table of SD-WAN instance templates is displayed.

  2. Click the SD-WAN instance template in which you want to edit a transport service.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Information tab is selected, which displays the name of the SD-WAN instance template.

  3. If you want to edit a P2M service or M2M service:
    1. Select the Transport services tab.

      The X2M services tab with the table of P2M services and M2M services is selected by default.

    2. Click Edit next to the P2M service or M2M service that you want to edit.
    3. This opens a window; in that window, if necessary, edit the P2M service or M2M service settings. For a description of the settings, see the instructions for creating a P2M service or M2M service in an SD-WAN instance template.
  4. If you want to edit an L3 VPN service:
    1. Select the Transport services L3 services tab.

      A list of L3 VPN services is displayed.

    2. Click Edit next to the L3 VPN service that you want to edit.
    3. This opens a window; in that window, if necessary, edit the L3 VPN service name.
  5. Click Save.

    The transport service is modified and updated in the table.

  6. In the upper part of the settings area, click Save to save the settings of the SD-WAN instance template.
Page top
[Topic 277362]

Deleting a transport service in an SD-WAN instance template

Transport services that are deleted in the SD-WAN instance template cannot be restored.

To delete a transport service in an SD-WAN instance template:

  1. In the menu, go to the SD-WAN → SD-WAN instance templates section.

    A table of SD-WAN instance templates is displayed.

  2. Click the SD-WAN instance template in which you want to delete a transport service.

    The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the Information tab is selected, which displays the name of the SD-WAN instance template.

  3. If you want to delete a P2M service or M2M service:
    1. Select the Transport services tab.

      The X2M services tab with the table of P2M services and M2M services is selected by default.

    2. Click Delete next to the P2M service or M2M service that you want to delete.

    The P2M service or M2M service is deleted and no longer displayed in the table.

  4. If you want to delete an L3 VPN service:
    1. Select the Transport services L3 services tab.

      A list of L3 VPN services is displayed.

    2. Click Delete next to the L3 VPN service that you want to delete.

    The L3 VPN service is deleted and is no longer displayed in the table.

  5. In the upper part of the settings area, click Save to save the settings of the SD-WAN instance template.
Page top
[Topic 277370]