The role of SD-WAN templates before and during deployment
SD-WAN deployments require knowledge of network design and trust in software to take over some network maintenance duties. This is where SD-WAN templates come into play.
Software-defined WAN technology has various benefits for organizations with branch offices, and the switch to remote work hasn't drastically changed how organizations can benefit from SD-WAN.
SD-WAN templates that include configurations for branch offices give organizations the option to extend their planned SD-WAN deployments to employee homes, as remote workforces remain prevalent. Organizations without SD-WAN templates may consider them to standardize and streamline deployment, according to authors Jason Gooley and Dustin Schuemann, especially as networks and IT technologies become more software-defined.
In the book Cisco Software-Defined Wide Area Networks: Designing, Deploying and Securing Your Next Generation WAN with Cisco SD-WAN by Gooley, Schuemann, Dana Yanch and John Curran, the authors explore not only what readers need to know for Cisco's certifications, but also real-world information for SD-WAN templates and deployment.
Editor's note: The following interview was edited for length and clarity.
What's the status of SD-WAN in 2020, and where do you see it going in the new year?
Jason Gooley: The hazards of COVID-19 and everybody working remotely have definitely put a strain on what we would call the 'typical WAN.' However, we see more folks starting to deploy remote devices that can be SD-WAN-enabled. So, the process is essentially moving to the house for all these different folks.
Dustin Schuemann: With things like zero-trust networking and SASE [Secure Access Service Edge], we see more integration with SD-WAN and cloud services. We see more continued integration, providing security around all that, as well as improving and monitoring the user experience for those applications.
There's fundamentally not much of a difference between a remote branch and a teleworker scenario. … Taking what we can do with an enterprise SD-WAN solution around security and pushing that down to the branch or remote teleworker is beneficial, so it's going to continue.
What common questions do you get about SD-WAN?
Gooley: I get questions around certifications, around what technologies to learn in order to do software-defined WAN. It's becoming a separate lane. Some folks already have experience with BGP [Border Gateway Protocol] and routing protocols; it's still valid and good, but you also get new people coming into IT starting off with software-defined networking as their base of what networking is.
Schuemann: You don't necessarily need to know the knobs of BGP to make this work. You need to understand design. Design hasn't changed. The fundamental concepts still exist with SD-WAN. There have been a lot of questions around that because people sometimes assume, with SD-WAN, it's just a couple clicks of a button and I have a large, magical WAN. But that's not always the case.
When I get into [proofs of concept], customers come in with their traditional WAN that has heavy routing. … You can do that with SD-WAN, but you might not necessarily need to if business requirements don't call for it. So, design skills are still important and seem to be getting lost a little bit with SD-WAN.
Spend time planning things out [before you deploy]. Plan how you want to build your templates, how you want that workflow to look, how you want your sites mapped out. … Having a proper site design ahead of time makes things easier down the road.
What roles do SD-WAN templates play in configuration and deployment?
Schuemann: If we look at how we traditionally configure routers, we would log on to them, type out the commands, then grab another router and do the exact same thing. But IP addresses, hostnames and routing configurations might be slightly different. That can be a pain when you look at large sites or even a network with 10 routers. How do you maintain those configurations and make sure they're standardized?
This is where templates come into play. Let's say we have an OSPF [Open Shortest Path First] configuration, and it's mostly standardized, but there are slight differences. This allows us to build a base template. Then, we can build variables into there, so when this configuration gets pushed to this device, let's set these [different] variables. Maybe router IDs or things like that are unique. So, you build your configuration once, push it down and change only relevant pieces. This means there's less time troubleshooting issues if you push a wrong configuration.
If you push a template down and it breaks your connectivity to the network, these templates automatically roll back to a known-good configuration. There's some disaster recovery. Ultimately, it allows you to streamline configurations and reduce the time to provision networks.
Gooley: If you use something that gives you variables and won't allow you to have duplicate IP addresses, hostnames, router IDs or whatever, it's less likely you'll copy and paste the same configuration on a second switch and forget to change a field because it's set up in a way that won't let you do that unless you change something. There are inherent fail-safes in some of the software that will help lower human error and risk but also make it much faster and more streamlined.
What should teams consider when choosing or building SD-WAN templates?
Schuemann: When you start building this out and you're building a template for every little thing, you end up with what we call 'template sprawl,' where you've got hundreds upon hundreds of templates to do every little thing because that's what we're conditioned to do. But, every time I do a deployment [or] talk to a customer, we make that list smaller because we start leveraging these variables.
So, look for opportunities to leverage variables where initially you may not use variables … you may shrink your template list from 100 to 50. I've been part of deployments where a site with 500 locations [uses] two templates of one type because we've been able to leverage variables.
Gooley: SD-WAN is such a disrupter. It is such a change from the norm of what we've been doing that, for a lot of customers, this is their opportunity to rearchitect their entire WAN.
In that comes thinking about an IP address assignment and how to construct and design that whole IP space, as well as naming conventions. A lot of customers still do not have standardization techniques for the versions of software on their devices.
It's very interesting to see where we're going with network design -- let alone software innovations. Even hardware is capable of things we were never able to do before. … That's why it's so beneficial to start looking at software-defined x, whatever it may be.
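Added example, not from the interview, the book or Cisco's own template format: a sketch of the workflow described in the answers on templates above, with one base OSPF template, per-device variables, and a pre-push check that rejects missing, malformed or duplicated hostnames, router IDs and prefixes. The template text, field names and site data are constructed for illustration.

```python
import ipaddress
from string import Template

# Constructed IOS-style base template; $-fields are the per-device variables.
BASE_OSPF = Template(
    "hostname $hostname\n"
    "router ospf 1\n"
    " router-id $router_id\n"
    " network $lan_net $lan_wildcard area 0\n"
)
# Each variable must be present, well-formed and unique across devices.
PARSERS = {
    "hostname": str,
    "router_id": ipaddress.IPv4Address,
    "lan_prefix": ipaddress.IPv4Network,
}

def validate(devices):
    """Return a list of problems; an empty list means the set is safe to push."""
    problems, seen = [], {}
    for name, variables in devices.items():
        for field, parse in PARSERS.items():
            raw = variables.get(field)
            if not raw:
                problems.append(f"{name}: missing {field}")
                continue
            try:
                value = parse(raw)
            except ValueError:
                problems.append(f"{name}: invalid {field} {raw!r}")
                continue
            first = seen.setdefault((field, value), name)
            if first != name:
                problems.append(f"{name}: {field} {raw} already used by {first}")
    return problems

def render(variables):
    """Fill the base template for one device (call validate() first)."""
    net = ipaddress.IPv4Network(variables["lan_prefix"])
    return BASE_OSPF.substitute(
        hostname=variables["hostname"], router_id=variables["router_id"],
        lan_net=net.network_address, lan_wildcard=net.hostmask,
    )

# Constructed sample: branch-2 was copied from branch-1 without changing router_id.
SITES = {
    "branch-1": {"hostname": "br1-edge", "router_id": "10.255.0.1", "lan_prefix": "10.1.1.0/24"},
    "branch-2": {"hostname": "br2-edge", "router_id": "10.255.0.1", "lan_prefix": "10.1.2.0/24"},
    "home-7": {"hostname": "hw7-edge", "lan_prefix": "10.9.7.0/24"},
}
```

Running `validate(SITES)` flags the copied router ID on branch-2 and the unset router ID on home-7 before any configuration is rendered or pushed.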