SD-WAN

 View Only
last person joined: 9 days ago 

Ask questions and share experiences with SD-WAN and Session Smart Router (formerly 128T).
  • 1.  Feature Friday Secure Vector Routing (SVR) Part One

     
    Posted 07-11-2022 12:39

     Ah July. For me in the Northeast, that means beach weather, backyards BBQs, and the 4th of July.

    As many of you know the 4th of July, America's Independence Day, traditionally calls for fireworks. Well, for today's Feature Friday, I wanted to discuss with you the feature that creates the most fireworks in the routing world: Secure Vector Routing (SVR) (sorry, couldn't help it).

    Secure Vector Routing (SVR) Overview

    Secure Vector Routing is a protocol that two Session Smart Routers (SSRs) use when they are sending traffic back and forth to each other. The best part of SVR is that it provides Security (through encryption, authentication, and NAT) without adding additional headers to packets, unlike tunnel-based protocols, such as GRE and IPsec. 

    Secure Vector Routing enables security without additional headers through a metadata exchange between two SSRs. This is basically like a secret message that is passed between SSRs sharing information such as:

    • Original Source and Destination IP addresses and Ports
    • Tenant (user access group)
    • Service (destination of traffic)
    • Path conditions
    • And more

    We'll get into this more next week. But to learn more about the metadata exchange now, check out this article

    There are many benefits to using SVR over a tunnel-based protocol, but just to name a few:

    • Tunnel add overhead and bandwidth consumption
    • Tunnels sometimes require fragmentation, which is inefficient on the router and is not compatible with all firewalls
    • Tunnels limit scale as there is a limit to the number of tunnels a router can support
    • Tunnels have security concerns as they are bi-directional flows. This means that if one side of a tunnel is compromised, the other is susceptible as well.

     

    To learn more about the downfalls of tunnel-based protocols and why we avoid them, take a look at these resources:

      

    Well, that's it for now. We're keeping it short this week as next week we will dive into SVR part two: Packet Walkthrough. In the meantime, let us know what's on your mind!

    • Have you had negative experiences with tunnel-based architectures?
    • Do you have examples of how SVR has improved your network?
    • Where is the best place to see Fireworks on the 4th of July?  (I'll travel)

    Looking forward to hearing from you and I can't wait to dig in to the Packet Walkthrough next week!

    #FeatureFridays #SVR #SecureVectorRouting #metadata #tunnels​​​​​​​​​

    ------------------------------
    Justin Melloni
    ------------------------------


  • 2.  RE: Feature Friday Secure Vector Routing (SVR) Part One

    Posted 07-15-2022 17:40

    Huge shot out to @Justin for pulling together these #FeatureFridays posts.   If you find them interesting/helpful/validating and want Justin to keep publishing #FeatureFridays posts, please let Justin know by clicking the "Recommend" button at the top of each post.


    Also in the spirit of community and shared learning, Justin asks questions at the bottom of each post.  If you have experience with the feature Justin mentions, reply and share your practices and perspectives.   

    One of Justin's question ☝️ was "Where is the best place to see Fireworks on the 4th of July?"  I am from a town (Mandan) in North Dakota where they allow you to shoot off fireworks (if there are not drought conditions.) There are huge fireworks going off for hours all around you. Wonderful if you like fireworks, but not so great for those with PTSD or pets.



    ------------------------------
    Jodi Meier
    ------------------------------



  • 3.  RE: Feature Friday Secure Vector Routing (SVR) Part One

     
    Posted 07-21-2022 16:12
    SVR is so powerful and beneficial! I love that it provides security and also helps with bandwidth savings.
    There are so many cool things that happen during the metadata exchange between two Session Smart Routers, and I'm really looking forward to seeing you dive deeper into that in the next Feature Friday!

    ------------------------------
    Jenna Ramos
    Documentation and Training Specialist
    ------------------------------