You can deploy the VMware SD-WAN HA on VMware ESXi using the supported topologies.
While deploying HA on VMware ESXi, consider the following limitations:
ESXi vSwitch Caveats
- The upstream failures are not propagated by the vSwitch that is directly connected to a virtual SD-WAN VNF. For example, if a physical adapter goes down, the VMware Edges see the link up and do not failover.
- vSwitches do not allow the ability to configure specific VLANs on a port group. If more than one VLAN is required, then VLAN 4095 must be configured. This allows all VLANs on the port group.
Note: This is not applicable to br-HA Link, which does not require VLANs.
- The virtual Edge, when working as HA, changes its original assigned MAC Address. In order to allow the virtual Edge to receive frames with a MAC Address that is different from the one originally assigned, set the MAC address changes option on the virtual switch to Accept.
- To allow the virtual Edge to receive traffic in the br-HA Link with multiple destination MAC Addresses, change the security settings on the port group/virtual switch to allow it to run in Promiscuous mode.
Limitations of VMware SD-WAN High Availability
- There is no generic way of failure detection that will work on all the hardware, virtual, and uCPE platforms.
You can enable the Loss of Signal (LoS) detection to determine the HA Failover. For more information, see HA LoS Detection on Routed Interfaces.
VMware SD-WAN supports the following topologies while deploying HA on VMware ESXi:
Topology 1: Legacy HA with WAN linksThe following image illustrates a topology with legacy HA along with WAN links that have been uplinked using a single physical adapter and one routed LAN or trunked LAN through single physical adapter.
Topology 2: Enhanced HA with WAN LinksThe following topology shows enhanced HA with three WAN links.
Topology 3: Enhanced HA with SubinterfacesThe following image shows Enhanced HA with subinterfaces on the WAN interfaces with VLAN ID as 4095 on port group.