Citrix SD-WAN platforms support upto 8 public internet connections and 32 Private MPLS connections. This article outlines WAN link configuration best practices for the Citrix SD-WAN solution.
Points to remember while configuring WAN links:
- Configure the Permitted and Physical rate as the actual WAN link bandwidth. In cases where the entire WAN link capacity is not supposed to be used by the SD-WAN appliance, change the Permitted rate accordingly.
- When you are unsure of the bandwidth and if the links are non-reliable, you can enable the Auto Learn feature. The Auto Learn feature learns the underlying link capacity only, and uses the same value in the future.
- If the underlying link is not stable and does not guarantee fixed bandwidth (for example; 4G links), use the Adaptive Bandwidth Detection feature.
- It is not recommended to enable Auto Learn and Adaptive Bandwidth Detection on the same WAN link.
- Manually configure the MCN/RCN with the Ingress/Egress physical rate for all the WAN links since it is the central point of bandwidth distribution among multiple branches.
- For increased reliability of important data center workloads/services, when auto-learn is not used, use reliable links with SLAs that does not have random variation of capacity.
If the underlying link is not stable, change the following Path settings:
Disable Instability Sensitive
- Use Diagnostic tool to check the link health/capacity.
- If SD-WAN is deployed in one-arm mode, ensure that you do not overrun the physical capacity of the underlying link.
Verifying ISP link Health
For new deployments, earlier than SD-WAN deployment and when adding new ISP link to the existing SD-WAN deployment:
Verify the link type. For example; MPLS, ADSL, 4G.
Network characteristics. For example - bandwidth, loss, latency, and jitter.
This information helps in configuring the SD-WAN network as per your requirements.
It is commonly observed that specific network traffic bypasses the Citrix SD-WAN appliances, and uses the same underlying link configured in the SD-WAN network. Because SD-WAN does not have complete visibility over link utilization, there are chances that SD-WAN oversubscribes the link leading to performance and PATH issues.
Points to consider while provisioning SD-WAN:
- By default, all branches and WAN services (Virtual Path/Internet/Intranet) receive an equal share of the bandwidth.
- Provisioning sites must be changed, when there is high disparity in terms of bandwidth requirement or availability between the connecting sites.
- When dynamic virtual paths are enabled between maximum available sites, the WAN link capacity is shared between the static virtual path to DC and the dynamic virtual paths.