The SD-WAN Gateway runs on a standard hypervisor (KVM or VMware ESXi).
Minimum Server Requirements
To run the hypervisor:
- 10 Intel CPU's at 2.0 Ghz or higher. The CPU must support the AES-NI, SSSE3, SSE4, and RDTSC instruction sets.
- 20+ GB (16 GB is required for SD-WAN Gateway VM memory)
- 100 GB magnetic or SSD based, persistent disk volume
- 2 x 1 Gbps (or higher) network interface. The physical NIC card supported are Intel 82599/82599ES and Intel X710/XL710 chipsets (for SR-IOV support).
Recommended Server Specifications
| NIC Chipset | Hardware | Specification |
|---|---|---|
| Intel 82599/82599ES | HP DL380G9 | http://www.hp.com/hpinfo/newsroom/press_kits/2014/ComputeEra/HP_ProLiantDL380_DataSheet.pdf |
| Intel X710/XL710 | Dell PowerEdge R640 | https://www.dell.com/en-us/work/shop/povw/poweredge-r640
|
| Intel X710/XL710 | Supermicro SYS-6018U-TRTP+ | https://www.supermicro.com/en/products/system/1U/6018/SYS-6018U-TRTP_.cfm
|
Recommended NIC Specifications
| Hardware Manufacturer | Firmware Version | Host Driver for Ubuntu 16.04 | Host Driver for ESXi 6.7 |
|---|---|---|---|
| Dual Port Intel Corporation Ethernet Controller XL710 for 40GbE QSFP+ | 6.80 | 2.7.11 | 1.7.17 |
| Dual Port Intel Corporation Ethernet Controller X710 for 10GbE SFP+ | 6.80 | 2.7.11 | 1.7.17 |
| Quad Port Intel Corporation Ethernet Controller X710 for 10GbE SFP+ | 6.80 | 2.7.11 | 1.7.17 |
Supported Hypervisor Versions
| Hypervisor | Supported Versions |
|---|---|
| VMware |
|
| KVM |
|
SD-WAN Gateway Virtual Hardware Specification
For VMware, the OVA already specifies the minimum virtual hardware specification. For KVM, an example XML file will be provided. The minimum virtual hardware specifications are:
- 8 vCPUs
Important: All 8 vCPU cores should be mapped to the same socket with the Cores per Socket parameter set to 8.
- Minimum of one vNICs:
- The First vNIC is the public (outside) interface, which must be an untagged interface.
- The Second vNIC is optional and acts as the private (inside) interface that can support VLAN tagging dot1q and Q-in-Q. This interface typically faces the PE router or L3 switch.
Important: Currently, Partner Gateway VLAN tagging is not supported on SR-IOV interfaces. To support VLAN tagging, use VMXNET3 on ESXi environment or use Linux Bridge with VLAN filtering on KVM.
- Optional vNIC (if a separate management/OAM interface is required).
- 32 GB of virtual disk
Firewall/NAT Requirements
- The firewall needs to allow outbound traffic from the SD-WAN Gateway to TCP/443 (for communication with SD-WAN Orchestrator).
- The firewall needs to allow inbound traffic from the Internet to UDP/2426 (VCMP), UDP/4500, and UDP/500. If NAT is not used, then the firewall needs to also allow IP/50 (ESP).
- If NAT is used, the above ports must be translated to an externally reachable IP address. Both the 1:1 NAT and port translations are supported.
Git Repository with Templates and Samples
The following Git repository contains templates and samples.
git clone https://bitbucket.org/velocloud/deployment.git
Use of DPDK on VMware SD-WAN Gateways
To improve packet throughput performance, VMware SD-WAN Gateways take advantage of Data Plane Development Kit (DPDK) technology. DPDK is a set of data plane libraries and drivers provided by Intel for offloading TCP packet processing from the operating system kernel to processes running in user space and results in higher packet throughput. For more details, see https://www.dpdk.org/.
On VMware hosted Gateways and Partner Gateways, DPDK is used on interfaces that manage data plane traffic and is not used on interfaces reserved for management plane traffic. For example, on a typical VMware hosted Gateway, eth0 is used for management plane traffic and would not use DPDK. In contrast, eth1, eth2, and eth3 are used for data plane traffic and use DPDK.
