Routing

The Routing section provides the following options:

  • Routing Policies
  • Routing Domains
  • Import Route Profiles
  • Export Route Profiles
  • Intermediate Node

Routing

Routing policies

Routing policies help to enable traffic steering. Based on the selection (Application routes and IP Routes) you can use different ways to steer traffic.

Routing policy

Click + Application Route to create application route.

  • Custom Application Match Criteria:

    • Application: Choose one application from the list.
    • Routing Domain: Select a routing domain.
  • Scope: You can scope the application route at the global level or site and group specific level.

  • Traffic Steering;

    • Delivery Service: Choose one delivery service from the list.
    • Cost: Reflects the relative priority of each route. Lower the cost, higher the priority.

Application route

If new application route gets added, then the route cost must be in the following range:

  • Custom application: 1–20
  • Application: 21–40
  • Application group: 41–60

Office 365 optimization

The Office 365 Optimization features adhere to the Microsoft Office 365 Network Connectivity Principles, to optimize Office 365. Office 365 is provided as a service through several service endpoints (front doors) located globally.

To achieve optimal user experience for Office 365 traffic, Microsoft recommends redirecting Office365 traffic directly to the Internet from branch environments and avoiding practices such as backhauling to a central proxy. This is because Office 365 traffic such as Outlook, Word are sensitive to latency and backhauling traffic introduces additional latency resulting in poor user experience. Citrix SD-WAN allows you to configure policies to break out Office 365 traffic to the Internet. For more information, see Office 365 Optimization.

In SD-WAN Orchestrator, by-default every network have the office 365 rule under Application Group. To navigate, go to Network Configuration > Routing > Routing Policies > Application Routes.

O365

You cannot delete the rule but can rearrange the settings as required.

O365 detail

Click the office 365 rule to view the default settings such as Match Type, Application Group, Delivery Service, and so on. You cannot modify these default settings.

Office 365 endpoints are a set of network addresses and subnets. Endpoints are segregated into the following three categories:

  • Optimize - These endpoints provide connectivity to every Office 365 service and feature, and are very sensitive to availability, performance, and latency. It represents over 75% of Office 365 bandwidth, connections, and volume of data. All the Optimize endpoints are hosted in Microsoft data centers. Service requests to these endpoints must breakout from the branch to the Internet and must not go through the data center.

  • Allow - These endpoints provide connectivity to specific Office 365 services and features only, and are not so sensitive to network performance and latency. The representation of Office 365 bandwidth and connection count is also significantly lower. These endpoints are hosted in Microsoft data centers. Service requests to these endpoints might breakout from the branch to the Internet or might go through the data center.

  • Default - These endpoints provide Office 365 services that do not require any optimization, and can be treated as normal Internet traffic. Some of these endpoints may not be hosted in Microsoft data centers. The traffic in this category is not susceptible to variations in latency. Therefore, direct breaking out of this type of traffic does not cause any performance improvement when compared to Internet breakout. In addition, the traffic in this category may not always be Office 365 traffic, hence it is recommended to disable this option when enabling Office 365 breakout in your network.

NOTE

By-default, the Optimize, Allow, and Default options are disabled. You cannot delete these settings but can enable as needed.

IP Routes

Go to IP Routes tab and click + IP Route to IP Route policy to steer traffic.

IP route

  • IP Protocol Match Criteria:

    • Destination Network: Add the destination network that helps to forward the packets.
    • Use IP Group: You can add a destination network or enable the Use IP Group check box to select any IP group from the drop-down list.
    • Routing Domain: Select a routing domain from the drop-down list.
  • Scope: You can scope the IP route at the global level or site and group specific level.

  • Traffic Steering;

    • Delivery Service: Choose one delivery service from the drop-down list.
    • Cost: Reflects the relative priority of each route. Lower the cost, higher the priority.

If new IP route gets added, then the route cost must be in 1-20 range.

Click Verify Config to validate any audit error.

Routing domains

Routing Domains are used for segregate traffic through VLAN. Once the routing domains are created, you can reference them at the global level (for Intranet services) or interface level.

To match routes from a specific routing domain, choose one of the configured Routing Domains from the list.

Network segmentation routing domains

Click Verify Config to validate any audit error.

Import route profiles

You can configure Filters to fine-tune how route-learning takes place.

Import filter rules are rules that have to be meet before importing dynamic routes into the SD-WAN route database. By default, no routes are imported.

Import route profiles

Add an Import Filter Profile with the Import Profile Name, Profile Availability, and Import Filters along with the following fields:

  • Protocol - Select the protocol from the list.
  • Routing Domain - To match routes from a specific routing domain, choose one of the configured Routing Domains from the list.
  • Source Router - Enter the IP address and netmask of configured network object that describes the route’s network.
  • Destination IP - Enter the destination IP address.
  • Prefix - To match routes by prefix, choose a match predicate from the list and enter a Route prefix in the adjacent field.
  • Next Hop - Enter the next hop destination.
  • Route Tag - Fill the route tag.
  • Cost - The method (predicate) and the SD-WAN Route Cost that are used to narrow the selection of routes exported.

 Import route profile details

Click Verify Config to validate any audit error.

Export route profiles

Define the rules that have to meet when advertising SD-WAN routes over dynamic routing protocols. By default, all routes are advertised to peers.

Export route profile

Click Verify Config to validate any audit error.

Intermediate node

You can configure a site to route via intermediate node for transferring data. You can also restore and save the site-intermediate node virtual path cost.

Intermediate nodes are used to route data to non-adjacent nodes. For example, if three computers are connected in series A-B-C, then a data from A to C can be routed via B.

We can specify the intermediate node and the sites to be routed via the intermediate node in SD-WAN orchestrator.

Intermediate node

Click Verify Config to validate any audit error.

To add an Intermediate Routing Node, Click + Intermediate Routing Node, select a node from the drop-down list, provide site-intermediate node virtual path cost, and select the Region and the corresponding sites.

Intermediate routing node

Review and save your configuration.

Intermediate routing node review save