Business Support

Controlling traffic flow with CenturyLink SD-WAN (voice traffic example)

This voice traffic flow using CenturyLink® SD-WAN use case shows the steps you need to take to complete a rule for a voice traffic flow based on network service level agreement (SLA) parameters such as latency, jitter, and packet loss on the WAN connectivity of your branch location. These three steps need to be done to make a complete configuration: SLA profiles, forwarding profiles, policies and rules:
 

  1. SLA profiles—sets up the network performance parameters that monitor the performance of access circuits and WAN link of your related branch locations. An access circuit or WAN link is selected based on the threshold values specified in the SLA profile.

  2. Forwarding profiles—defines the properties of WAN circuits to be selected for traffic. It defines properties such as the load balancing method for traffic, priority of circuits, circuit type (broadband or MPLS), circuit media, and other associated attributes. Forwarding profiles are associated with SLA profiles to determine the selection of WAN circuits in a given order of priority.

  3.  Policies and rules—you can configure traffic based on matching criteria such as the traffic source address, destination address, source zone, and specific IP packet header information.

Note: The CenturyLink engineer may have already defined some standard SLA profiles and forwarding profiles. In this case, you will see them and can add a new rule that refers to those profiles.

Creating a voice traffic SLA profile

The configuration is made on a branch template and not on an individual appliance. Read an overview to compare the Director Context and Appliance Context.

Step 1—configuring SD-WAN SLA profiles

A service level agreement (SLA) defines the network performance parameters between your organization and CenturyLink and includes packet delay, packet loss, and jitter profiles. 

  1. Log in to the SD-WAN portal.
  1. In the Director Context, click on the Config Templates tab, select a template.

  2. In the Services tab (shown with a gear icon), select SDWAN > SLA Profiles.

  3. From the Organization list, select an entity.

  4. Click the + sign to add an SLA profile. 
  1. Fill in the fields to create the SLA profile. In this use case, we describe how to fill in the fields and show options for completing the profile. These selections may not be specific to your situation, they are selected for this specific example. You can also select the checkbox to turn on default options.

    1. In the Name field, type a name for the SLA profile. This is the only required field. We named ours VoiceSLAProfile.

    2. In the Description field, describe the SLA profile.

    3. In the Tags field, type words to describe the item so it will appear in a search.

    4. In the Packet Delay-variation (jitter) field, type the acceptable packet delay (in milliseconds).

    5. In the Circuit Transmit Utilization field, type the number of circuit transmit use (in percentage).

    6. In the Circuit Receive Utilization field, type the number of circuit receive use (in percentage).

    7. In the Maximum Packet Loss field, type the acceptable packet loss (in percentage). We typed 2.

    8. In the Maximum Forward Packet Loss field, type the acceptable packet loss (in a percentage).

    9. In the Maximum Reverse Packet Loss field, type the acceptable packet loss (in a percentage).

    10. In the Maximum Latency field, type the acceptable latency (in milliseconds). We typed 100.

    11. In the MOS Score field, type a value for the MOS score.


  2. Click OK.

Step 2—configuring SD-WAN forwarding profiles

A forwarding profile determines the traffic path based on realtime SLA performance of traffic. A forwarding profile defines the properties such as load balancing method, priority of circuits, circuit type, circuit media, and others to be selected for traffic.
 

  1. In the Director Context, click the Config Templates tab, then select a template.

  2. In the Services tab (shown with a gear icon), select SDWAN > Forwarding Profiles.

  3. From the Organization list, select an entity.

  4. Click the + sign to add a forwarding profile.
  1. Fill in the fields to create the SLA profile. In this use case we describe how to fill in the fields for adding a forwarding profile. These selections may not be specific to your situation, they are selected for this voice forwarding use case.

    1. In the Name field, type a name for the profile. We named ours VoiceForwardingProfile.

    2. In the Description field, type a description for the forwarding profile.

    3. In the Tags field, type words to describe the item so it will appear in a search.

    4. From the SLA Profile list, select the SLA profile. This matches the name we created in the previous step, VoiceSLAProfile.

    5. From the Encryption list, select the encryption mode. We selected Optional.

    6. From the Connection Selection Method list, select the mode to balance traffic. We selected Weighted Round Robin.

    7. In the Recompute Timer field, type the switching time (in seconds) between circuits when the current circuit does not meet the SLA threshold values. We typed 300.

    8. From the SLA Violation Action list, select the action to be taken if the traffic does not meet the SLA thresholds. We selected forward.

    9. From the Load Balancing Option list, select a load balancing option. We selected Per Flow.

    10. In the Replication section:

      1. Select the Mode checkbox for replication. Since our example is a voice forwarding profile, the box is checked.

      2. In the Replication factor field, type a replication factor. In our example, we typed 2 so the packets are replicated twice, for each of our WAN circuits.

      3. In the Start When list, select when the SLA is violated. We selected SLA Violated.

      4. Select the Stop When checkbox to stop replication. We stop replication when circuit use gets too high, so we don’t overload the circuits.

    11. In the Circuit Utilization field, type the circuit use (in percentage). We typed 85.
       
    12. Select the Evaluate Continuously checkbox to apply switching during traffic flow. We checked the box.

    13. Select the Enable Symmetric Forwarding checkbox to ensure traffic is sent out from the same circuit that was used for the inflow of traffic. We checked the box.

    14. Select the Enable Gradual Migration checkbox to enable gradual migration.
       
  2. Click the Circuit Priorities tab to configure circuit properties for local and remote clients.
  1. Click the + sign to define the circuit properties.
  1. Fill in the fields to create the SLA profile. In this use case we describe how to fill out the fields to add circuit priorities. These selections may not be specific to your situation; they are selected for this voice forwarding use case.

    1. From the Priority list, select the circuit priority, 1 is the default. We used the default.

    2. In the Description field, type a description for the circuit priority.

    3. In the Tag field, type words to describe the item so it will appear in a search.

    4. Click the Circuit Names tab, create a name for the local and remote clients. Click the + sign next to each heading and type the circuit name. Since this is a voice forwarding example, we picked both INET and MPLS to be Priority 1. This defaults to a load balanced flow across these two connections.

    5. Click the Circuit Types tab, select the type of circuit to be used for the local and remote clients. Click the + sign to select a circuit type from the list in each section.
  1. Click the Circuit Media tab, define the media of the circuit for the local and remote clients. Click the + sign to select a circuit type for each client from both lists. We selected a circuit media of LTE with a priority 2.
  1. Click the Avoid Connections tab to configure the links that should not be picked. These are defined for the local and remote client links. In our example, we will not avoid any connections.

    1. In the Local Circuit Names section, click the + sign to define the local circuit name to be skipped.

    2. In the Remote Circuit Names section, click the + sign to define the remote circuit name to be avoided.
  1. Click the FEC tab to apply any forward error correction.
  1. Select the Mode checkbox and fill in the parameters for FEC. In our example, we are already doing replication for the voice forwarding profile, so we will not add any forward error correction.

  2. Click OK.

Step 3—configuring SD-WAN policies and rules

A SD-WAN policy called the Default-Policy will have already been created.
 

  1. In the Director Context, click the Config Templates tab, then select a template.

  2. In the Services tab, select SDWAN > Policies > Rules.

  3. From the Organization list, select an entity.

  4. Click the + sign to add a rule.
  1. Fill in the fields to create the SLA profile. In this use case we describe how to fill out the fields to edit rules. These selections may not be specific to your situation, they are selected for this voice forwarding use case.

    1. In the Name field, type a name for the rule. We named ours Voice-Skype.

    2. In the Description field, describe the rule.
       
  2. Click the Source/Destination tab to configure source and/or destination addresses to capture traffic.
  1. Fill in the information for the addresses:

    1. In the Source Address section, click the + sign to select a source address. Source address refers to the originating address of incoming traffic and is classified by originating country, region, or IP address.

    2. Select the Source Address Negate checkbox to block traffic to the selected source addresses.

    3. In the Destination Address section, click the + sign to select a destination IP address. Destination address refers to the destination address of the traffic. Addresses are classified by countries, regions, or IP addresses. We do not have any source or destination rules to reference in our example.

  2. Click the Headers/Schedule tab to configure matching criteria based on the IP packet header information.
  1. Fill in the information to configure matching criteria:

    1. In the IP Version list, select the version of IP.

    2. In the IP Flags list, select either More Fragments or Don’t Fragment to indicate whether routers can fragment the data packets.

    3. In the DSCP field, click the + sign to add the differentiated services code point, which refers to the value or cost of the policy.

    4. In the Condition list, select the condition.

    5. In the Value field, type the value. This matches traffic based on the selected IP version, IP flag, and TTL match condition in the packet's header.

    6. In the Schedules list, specify the frequency of the action to be taken.

    7. Click + Schedule to create a new schedule.

    8. In the Services List section, click the + sign to select services to be allowed or blocked from the list. The list includes predefined and user-defined services. Service is defined based on the destination address and port. We do not have any rules based on IP headers or schedules for our example.
       
  2. Click the Applications/URL tab to select traffic based on applications and URLs. Select the applications and application groups in which to apply this rule.
  1. Click the Applications/URL tab, click the + sign to select an application from the list. The list includes predefined and user-defined applications. 
  1. Click the Enforce tab to select the forwarding profile and the action to be taken on the traffic.
  1. In the Action list, select the action to be taken on the traffic (Allow Flow or Deny Flow).

  2. In the Forwarding Profile list, select the forwarding profile to be applied on the traffic.

  3. Click OK.

The last step is to apply these changes to your branches.
 

  1. Click Commit.
  1. In the Select Template list, select the related branches to push either the new SD-WAN rule or all rules. We recommend you commit a template to just one branch to test your new rule before applying it to all the branches related to your template.
  1. In the View column, click the eye icon ( ) to preview changes.
  1. Click OK.

TAGS: