The following sections describe the routing functionality supported in the Citrix SD-WAN network.
OSPF is a routing protocol developed for Internet Protocol (IP) networks by the Interior Gateway Protocol (IGP) group of the Internet Engineering Task Force (IETF). It includes the early version of OSI’s Intermediate System to Intermediate System (IS-IS) routing protocol.
The OSPF protocol is open, which means that its specification is in the public domain (RFC 1247). OSPF is based on the Shortest Path First (SPF) algorithm, also known as Dijkstra's algorithm. It is a link-state routing protocol that calls for sending Link-State Advertisements (LSAs) to all other routers within the same hierarchical area. OSPF LSAs include information on attached interfaces, metrics used, and other variables. OSPF routers accumulate link-state information, which the SPF algorithm uses to calculate the shortest path to each node.
You can now configure Citrix SD-WAN appliances (Standard and Premium (Enterprise) Editions) to learn routes and advertise routes using OSPF.
Citrix SD-WAN appliances do not participate as Designated Router (DR) or Backup Designated Router (BDR) on any multi-access network, because the default DR priority is set to “0.”
Citrix SD-WAN appliances do not support summarization as an Area Border Router (ABR).
How To Configure OSPF
To configure OSPF:
- In the Configuration Editor, navigate to Connections > View Region > View Site > [Site Name] > OSPF > Section > Basic Settings.
- Click the Enable checkbox and enter an optional Router ID. If the Router ID is not specified, it is auto-selected as the lowest Virtual IP hosted in the SD-WAN network.
- Click the Advertise Citrix SD-WAN Routes checkbox if you wish to advertise Citrix SD-WAN Routes, and click Apply to enable OSPF. This option advertises, or redistributes, the SD-WAN virtual path routes to the peer routers with which adjacency or peering is established, so that those peers know they can reach these network prefixes through the SD-WAN network.
- Expand OSPF -> Area, and click Edit.
- Enter an area ID to learn routes from and advertise to.
- For sites with multiple Routing Domains, from the Virtual Interfaces panel, choose a Routing Domain from the drop-down menu as illustrated in the figure. The Routing Domain determines which Virtual Interfaces are available. If there is only one Routing Domain configured, the Routing Domain column does not appear. If Identity is not checked for a specific Virtual IP Address, the associated Virtual Interface is not available for IP services. For more information, see the Virtual IP Address Identity section.
- Choose one of the available Virtual Interfaces from the Name drop-down menu. The Virtual Interface determines the Source IP Address.
- Enter the Interface Cost (10 is the default).
- Choose an Authentication Type from the drop-down menu.
- If you chose Password or MD5 as the Authentication Type in the previous step, enter the password in the associated text field.
- In the Hello Interval field, enter the amount of time to wait between sending Hello protocol packets to directly connected neighbors (10 seconds is the default).
- In the Dead Interval field, enter the amount of time to wait to receive a Hello protocol packet before marking a router as dead (40 seconds is the default).
- Click Apply to save your changes.
Stub areas are shielded from external routes and receive information about networks that belong to other areas of the same OSPF domain.
Enable the Stub Area check box.
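What the Authentication Type choice means on the wire, as an added example (not Citrix code): it builds an OSPFv2 Hello per RFC 2328 with this page's defaults (Hello Interval 10, Dead Interval 40, DR priority 0) and compares Password with MD5 authentication. The router ID, area, netmask, key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

# Hello body (RFC 2328 A.3.2) with this page's defaults: HelloInterval 10,
# Rtr Pri 0, RouterDeadInterval 40. The netmask is a constructed sample value.
HELLO_BODY = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.0"),
                         10, 0x02, 0, 40, bytes(4), bytes(4))

def inet_checksum(data):
    """16-bit one's-complement sum; input length is always even here."""
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def header(au_type, auth, checksum=0):
    # Router ID 10.0.0.1 and area 0.0.0.0 are constructed sample values.
    return struct.pack("!BBH4s4sHH8s", 2, 1, 24 + len(HELLO_BODY),
                       socket.inet_aton("10.0.0.1"), socket.inet_aton("0.0.0.0"),
                       checksum, au_type, auth)

def pad_key(key, size):
    return key.encode()[:size].ljust(size, b"\0")

def hello_password(password):
    """AuType 1: the password is copied into the 8-byte authentication field."""
    auth = pad_key(password, 8)
    csum = inet_checksum(header(1, auth)[:16] + HELLO_BODY)  # auth field excluded
    return header(1, auth, csum) + HELLO_BODY

def hello_md5(key, key_id, seq):
    """AuType 2: checksum stays 0 and a keyed MD5 digest follows the packet."""
    pkt = header(2, struct.pack("!HBBI", 0, key_id, 16, seq)) + HELLO_BODY
    return pkt + hashlib.md5(pkt + pad_key(key, 16)).digest()

def accept_md5(wire, key, last_seq):
    """Receiver: check AuType, sequence number (replay), then the digest."""
    if len(wire) < 40:
        return False
    au_type, _, _, auth_len, seq = struct.unpack("!HHBBI", wire[14:24])
    if au_type != 2 or auth_len != 16 or seq < last_seq:
        return False
    expected = hashlib.md5(wire[:-16] + pad_key(key, 16)).digest()
    return hmac.compare_digest(wire[-16:], expected)

def secret_on_wire(wire, secret):
    return secret.encode() in wire
```

With Password, the secret is readable by anything that can capture a Hello on the segment; with MD5, only the digest and a sequence number are sent, so MD5 is the stronger of the two options the drop-down offers.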
BGP is an inter-autonomous system routing protocol. An autonomous network or group of networks is managed under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet Service Providers (ISPs). Customer networks deploy an Interior Gateway Protocol (IGP) such as RIP or OSPF for the exchange of routing information within their networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP routes. When BGP is used between Autonomous Systems (AS), the protocol is called External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is called Interior BGP (IBGP).
BGP is a robust and scalable routing protocol deployed on the Internet. To achieve scalability, BGP uses many route parameters called attributes to define routing policies and maintain a stable routing environment. BGP neighbors exchange full routing information when the TCP connection between neighbors is first established. When changes to the routing table are detected, the BGP routers send to their neighbors only those routes that have changed. BGP routers do not send periodic routing updates, and advertise only the optimal path to a destination network. You can configure Citrix SD-WAN appliances to learn routes and advertise routes using BGP.
How To Configure BGP
To configure BGP:
- In the Configuration Editor, navigate to Connections > View Region > View Site > [Site Name] > BGP > Basic Settings.
- Click the Enable checkbox and the Advertise Citrix SD-WAN Routes checkbox if you want to advertise Citrix SD-WAN Routes. Enter an optional Router ID, and enter the number of the Local Autonomous System to learn routes from and advertise routes to in the Local Autonomous System field. This option advertises, or redistributes, the SD-WAN virtual path routes to the peer routers with which adjacency or peering is established, so that those peers know they can reach these network prefixes through the SD-WAN network.
- Click Apply to enable BGP.
- Expand Basic Settings > Neighbors and click the Add (+) icon.
- If there is only one Routing Domain configured, the Routing Domain column does not appear. If Identity is not checked for a specific Virtual IP Address (see the Virtual IP Address Identity section for more details), the associated Virtual Interface is not available for IP services.
- For sites with multiple Routing Domains, choose a Routing Domain. The Routing Domain determines which Virtual Interfaces are available.
- Choose a Virtual Interface from the drop-down menu. The Virtual Interface determines the Source IP Address.
- Enter the IP Address of the IBGP Neighbor router in the Neighbor IP field, and the Local Autonomous System number in the Neighbor AS field.
- In the Hold Time (s) field, enter the Hold Time, in seconds, to wait before declaring a neighbor down (the default is 180).
- In the Local Preference (s) field, enter the Local Preference value, in seconds, which is used for selection from multiple BGP routes (the default is 100).
- Click the IGP Metric checkbox to enable the comparison of internal distances to calculate the best route.
- Click the Multi Hop checkbox to enable multiple hops for the route.
- In the Password field, enter a password for MD5 authentication of BGP sessions (authentication is not required).
Configuring Route Reflectors and Confederations for iBGP is not supported in the Citrix SD-WAN network.
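What the optional neighbor Password protects, as an added example (not Citrix code): BGP MD5 authentication is the TCP MD5 Signature option of RFC 2385, which signs every segment of the session. The addresses, ports, key and all function names are constructed for illustration, and the sketch leaves the ordinary TCP checksum at 0.

```python
import hashlib
import hmac
import socket
import struct

MD5_KIND, MD5_LEN = 19, 18  # TCP MD5 Signature option (RFC 2385)

def md5_signature(src, dst, segment, key):
    """MD5 over pseudo-header, fixed TCP header (checksum 0), data, then key."""
    header_len = (segment[12] >> 4) * 4
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src),
                         socket.inet_aton(dst), 0, 6, len(segment))
    fixed = segment[:16] + b"\0\0" + segment[18:20]  # TCP options are excluded
    return hashlib.md5(pseudo + fixed + segment[header_len:] + key).digest()

def sign_segment(src, dst, sport, dport, seq, ack, flags, payload, key):
    """Build a segment with the MD5 option (TCP checksum left at 0 here)."""
    fixed = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                        (40 // 4) << 4, flags, 65535, 0, 0)
    digest = md5_signature(src, dst, fixed + bytes(20) + payload, key)
    options = b"\x01\x01" + bytes([MD5_KIND, MD5_LEN]) + digest  # NOP NOP MD5
    return fixed + options + payload

def find_md5_option(segment):
    """Walk the TCP options; return the 16-byte digest or None."""
    opts = segment[20:(segment[12] >> 4) * 4]
    i = 0
    while i < len(opts) and opts[i] != 0:      # kind 0 ends the list
        if opts[i] == 1:                        # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            return None                         # malformed option
        if opts[i] == MD5_KIND and opts[i + 1] == MD5_LEN:
            return opts[i + 2:i + MD5_LEN]
        i += opts[i + 1]
    return None

def accept_segment(src, dst, segment, key):
    """With a password configured, unsigned or mis-signed segments are dropped."""
    if len(segment) < 20:
        return False
    digest = find_md5_option(segment)
    if digest is None or len(digest) != 16:
        return False
    return hmac.compare_digest(digest, md5_signature(src, dst, segment, key))
```

Because the pseudo-header is part of the digest, a segment is accepted only from the configured neighbor address and only with the shared key, which matters most when Multi Hop is enabled and the peer is not directly connected.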
How To Monitor Route Statistics
Navigate to Monitor > Statistics. Select Routes from the Show drop-down menu.
All functions for applicable Routes are supported in the Citrix SD-WAN network regardless of whether a Route is Dynamic or Static.
Exterior BGP (eBGP)
Citrix SD-WAN appliances connect to a switch on the LAN side and a router on the WAN side. As SD-WAN technology becomes more integral to enterprise network deployments, SD-WAN appliances replace the routers. SD-WAN implements the eBGP dynamic routing protocol to function as a dedicated routing device.
The SD-WAN appliance establishes neighborship with peer routers using eBGP on the WAN side, and can learn routes from and advertise routes to those peers. You can select importing and exporting eBGP learned routes on peer devices. SD-WAN static routes and virtual-path learned routes can also be configured to be advertised to eBGP peers.
For more information, refer to the following use cases:
- SD-WAN site Communicating with non SD-WAN site over eBGP
- Communication Between SD-WAN sites Using Virtual Path and eBGP
- Implementing OSPF in one-arm topology
- OSPF Type5 to Type1 deployment in MPLS Network
- SD-WAN and non SD-WAN (third-party) appliance OSPF deployment
- Implementing OSPF using SD-WAN network with high-availability setup