...
System Design
Working Flow
Assumption
...
IP
- Central Cloud has public IP as CIP
- Traffic Hub has public IP as HIP1, HIP2, ...
- Edge Location may have a public IP on one edge node as EIP1, ... or may not have a public IP (behind a gateway as EGIP1, ...)
...
- Edge to Edge: Host to host
- Edge to Hub: Host (edge) to Site (Hub, using edge's subnet as rightsubnet)
- Hub to Hub: Host to Host
Open:
- Assume control plane and data plane share the same interfaces in Hub? Edge Location?
- Control plane IPsec tunnel between Central Cloud and Hub is set up during Hub registration in Central Cloud
- Control plane IPsec tunnel between Central Cloud and Edge Location (with public IP) is set up during Edge Location registration in Central Cloud
- Control plane IPsec tunnel between Central Cloud and Edge Location (with private IP) is set up during Edge Location setup (dependency to check: an IPsec tunnel from Initiator to Responder requires the Responder to be running first)
Environment Setup (Pre-condition)
Central Cloud (assume public IP is CIP)
- K8s cluster is set up (by Kud)
- Web UI, API Server, SDEWAN controller, DB service are deployed (through EMCO)
- Central SDEWAN Config Agent and CNF are deployed (through EMCO) with initial configuration (e.g. as Responder)
Edge Hub (assume public IP is HIP1, …)
- K8s cluster is set up (by Kud)
- Hub SDEWAN Config Agent and CNF are deployed (through EMCO) with initial configuration (use its public IP as left)