VMware allows the Enterprise users to define and configure a Non SD-WAN Destination instance to establish a secure IPsec tunnel to a Non SD-WAN Destination through an SD-WAN Gateway.
The Orchestrator selects the nearest Gateway for the Non SD-WAN Destination with its configured IP address, using geolocation service.
You can configure Non SD-WAN Destination via Gateway only at the Profile Level and cannot override at the SD-WAN Edge level.
ECMP
To optimize the utilization of the aggregated bandwidth across the ingress interfaces of non-SDWAN sites, VMware SD-WAN solution incorporates active-active mode support in its gateways.
This can be achieved by enabling the establishment of multiple IPsec tunnels in active-active mode towards non-SDWAN sites. This configuration allows load balancing of network traffic across tunnels optimizing the flow of distribution.
To implement active-active mode with multiple IPsec tunnels towards non-SDWAN sites, the following three steps are required:
- Set up tunnels connecting to Non-SDWAN sites with tunnel mode as Active-Active.
- Choose the preferred load balancing algorithm.
- Configure BGP or Static site subnet routes directing traffic to these sites.
Procedure
What to do next
- Associate your Non SD-WAN Destination to a Profile. For more information, see:
- Configure a Business Policy. For more information, see Configure Business Policies.
Note: Configuring Business Policy is not mandatory for this feature.