
Introduction to Nova SD-WAN 2.0

SD-WAN (Software-Defined Wide Area Network) applies SDN (Software-Defined Networking) technology to wide area network management. It is used to connect enterprise networks, data centers, Internet applications and cloud applications across a wide geographical range. Compared with traditional WAN networking, SD-WAN offers visual business orchestration, network application awareness, and dynamic, automatic multi-path adjustment and optimization.

Nova SD-WAN 2.0 is a new-generation SD-WAN product independently developed by Nanling. Compared with the first-generation product, it has the following advantages:

  • Flexible networking mode: backbone mode and HS mode can be enabled at the same time, supporting regional division of the network and inter-regional networking;
  • End-to-end path monitoring: in backbone mode, link quality is monitored end to end between NSE and NSE, rather than from NSE to NSG;
  • Monitoring of overlay tunnels: each overlay tunnel of an NSE can be monitored, including the device the tunnel is established to, the path of the tunnel, and the traffic in the tunnel, so users can clearly see where traffic comes from and where it goes.


Glossary

  • NSE

    • Description: The SD-WAN user-side edge gateway, also called Edge, refers to the SD-WAN network access device placed on the user side.
    • Purpose: Acts as the "gateway" from a "user site" to a peer site or the backbone network. If a user has multiple branches connected to SD-WAN, each site requires at least 1 NSE. For important sites such as data centers and headquarters, it is recommended to deploy 2 NSEs, one master and one backup.
  • NSG

    • Description: The SD-WAN edge gateway, which has three roles: the "NSE gateway" is the access gateway for NSEs to access SD-WAN, the "remote access gateway" is the access gateway for mobile clients to access SD-WAN, and the "acceleration gateway" is the Internet outbound gateway for path optimization.
    • Purpose: Used to provide NSE access, remote user access, and backbone network interconnection. It is typically deployed in a virtualized environment.
  • NSC

    • Description: NSC is the core component of the SD-WAN system and the brain of the entire platform, managing all SD-WAN components.
    • Purpose: NSE/NSG device authorization, registration, control management, batch processing, monitoring, and status display.
  • POP

    • Description: An access point of the SD-WAN backbone network, that is, a node where the backbone network provides user access. The more widely POPs are distributed, the stronger the network access capability.
    • Purpose: Used to provide users with network access. Multiple NSGs and their supporting network equipment are usually deployed in a POP.
  • HA

    • Description: High availability means deploying 2 NSEs at the same important site to form a master-backup model.
    • Purpose: To ensure high network reliability. In HA mode, the master NSE provides network forwarding; when the master NSE fails, the backup NSE takes over its functions, so normal network communication is not affected.
  • Localloop / Last Mile

    • Description: The local line / last-mile line refers to the link between the "user site" and the SD-WAN backbone network NSG. This link is usually used to connect the NSE and the NSG.
    • Purpose: Serves as the network link for NSE-NSG interconnection.
  • 5-tuple

    • Description: The collective name for the five elements: source IP address, source port, destination IP address, destination port, and transport-layer protocol.
    • Purpose: Used to define network traffic.
  • Topology Type

    • Description: Backbone mode and HS mode. Backbone mode refers to the NSE connecting to the NSG through the Nova backbone network; HS mode refers to Hub & Spoke mode, in which NSEs are connected point-to-point through dedicated lines or the Internet.
    • Purpose: The topology for NSE networking. In addition to the two basic topologies above, Nova SD-WAN 2.0 also supports hybrid networking of the two.
  • Transport Group (Transport)

    • Description: Based on different transmission carriers, backbone mode and HS mode are divided into four types of Transport: Nova Private (backbone-mode dedicated line), Nova Public (backbone-mode Internet), HS Private (HS-mode dedicated line), and HS Public (HS-mode Internet).
    • Purpose: Transport defines the forwarding method of the NSE and is an important component of the path-selection mechanism.
  • Underlay / Overlay

    • Description: Underlay and Overlay are relative terms. Generally, the Underlay can be understood as the underlying physical bearer network, such as a network cable in a data center or a physical dedicated line or the Internet between sites. The Overlay can be understood as the upper-layer logical network running on top of the physical network, such as tunnels (GRE, IPsec, etc.). However, if a tunnel runs on top of another tunnel, the outer tunnel can also be called an Underlay.
    • Purpose: SD-WAN uses Underlay and Overlay technologies to carry and isolate user data, achieving end-to-end connectivity and multi-tenant isolation.
  • e2e

    • Description: An end-to-end tunnel established between two NSEs on an existing path is called e2e.
    • Purpose: The e2e tunnel is used to carry specified application traffic and is an important component of the path-selection mechanism.
  • PFR

    • Description: Performance Routing. It performs route forwarding based on path quality: if a path meets the threshold, it is selected for forwarding; if not, it is not selected; if multiple paths meet the threshold at the same time, the load is shared.
    • Purpose: A forwarding mechanism that determines path quality based on network quality.
  • VRF

    • Description: Virtual Routing and Forwarding; some vendors also call it a segment.
    • Purpose: An important component for isolating traffic within a tenant.
  • Tenant

    • Description: A tenant is equivalent to an organization or a customer.
    • Purpose: The unit of data isolation between users.
  • Site

    • Description: A site represents a branch of the user, and a site can be associated with up to 2 NSEs.
    • Purpose: The access-side configuration unit. SD-WAN 2.0 is configured from the site perspective rather than the NSE perspective; the site configuration is applied to the NSE automatically.
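
The PFR entry in the glossary above describes threshold-based path selection with load sharing; the sketch below is an added example, not Nova code, that applies that rule to paths named after the glossary's Transport types. The quality metrics (latency and loss), the threshold values, the per-flow hashing of the 5-tuple used for load sharing, and the `None` result when no path qualifies are all assumptions, since the page does not specify them.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class PathQuality:
    transport: str     # one of the four Transport types from the glossary
    latency_ms: float  # assumed quality metric (not specified on the page)
    loss_pct: float    # assumed quality metric (not specified on the page)

@dataclass(frozen=True)
class Threshold:
    max_latency_ms: float
    max_loss_pct: float

def qualifying_paths(paths, threshold):
    """PFR rule: a path is eligible only if it meets the threshold."""
    return [p for p in paths
            if p.latency_ms <= threshold.max_latency_ms
            and p.loss_pct <= threshold.max_loss_pct]

def select_path(five_tuple, paths, threshold):
    """Pick the path for one flow; None when no path meets the threshold."""
    eligible = sorted(qualifying_paths(paths, threshold),
                      key=lambda p: p.transport)
    if not eligible:
        return None
    # Assumed load-sharing method: hash the 5-tuple so every packet of a flow
    # stays on one path while different flows spread over all eligible paths.
    key = "|".join(str(field) for field in five_tuple).encode()
    index = int.from_bytes(hashlib.sha256(key).digest()[:8], "big") % len(eligible)
    return eligible[index]

# Constructed sample measurements, not taken from a real deployment.
SAMPLE_PATHS = [
    PathQuality("Nova Private", latency_ms=20.0, loss_pct=0.1),
    PathQuality("Nova Public", latency_ms=45.0, loss_pct=0.5),
    PathQuality("HS Public", latency_ms=180.0, loss_pct=3.0),
]
SAMPLE_THRESHOLD = Threshold(max_latency_ms=100.0, max_loss_pct=1.0)

if __name__ == "__main__":
    # 5-tuple order follows the glossary: src IP, src port, dst IP, dst port, protocol.
    for port in (40001, 40002, 40003, 40004):
        flow = ("10.1.0.5", port, "10.2.0.9", 443, "tcp")
        print(flow, "->", select_path(flow, SAMPLE_PATHS, SAMPLE_THRESHOLD).transport)
```
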

Functional advantages compared with traditional private networks

Function Comparison | SDWAN | MPLS VPN | MSTP/SDH
Network topology | mesh | mesh | star
Networking mode | Layer 3 | Layer 3 | Layer 2
Use dedicated line access for the last mile
The last mile uses Internet access such as ADSL and 4G
Last mile communication encryption
User site HA backup
Support end-to-end QOS division of the link
Support end-to-end network monitoring of the site
Support traffic statistics and analysis
Support multi-link load balancing
Support dynamic multi-link optimization adjustment
Support link optimization and anti-packet loss function
Support NSE to automatically select the optimal node for access
Support application identification
Support cloud platform batch management of user NSE
1. Configure firewall policy
2. Configure QOS policy
3. Configure IP address, routing, DNS, DHCP
4. Configure HA
5. Add, delete, check and modify user NSE site