Skip to main content

SD-WAN architecture

So to deal with the challenges described in the previous chapter while also allowing for simplified and centralized management we could introduce an additional SD-WAN layer like this

SDWAN-03.png

As you can see, nothing changes in our topology and we are still using redundant Edge devices, links and carriers. What we are doing though is introducing a few more devices (you can think of them as controllers) to help us to lower the complexity of our network.

Each of those devices has it's own function briefly described as follows:

  • Data plane controller - is basically responsible for the encrypted data transit in our network. It's looking after the traffic paths (routing protocols) running through the IPsec tunnels between the endpoints.
  • Control plane controller - is making sure that SD-WAN network is converged and endpoints can reach each other (think of route propagation here)
  • Management plane controller - is basically a GUI/API interface allowing for centralized management
  • Orchestration plane controller - is responsible for device onboarding and authentication
Back to top