Configuring Uplinks

Uplinks connect Branch Gateways to underlay networks. By default, both wired and cellular uplinks are set as active links with load balancing enabled on Branch Gateways. Branch Gateways support a total of five uplinks which include four wired uplinks and one cellular uplink.

Uplink Load Balancing

An uplink can be configured as an active uplink or as standby. The uplink load balancing feature supports both active and standby uplinks; for example, traffic can be load balanced across two wired uplinks, while the backup cellular uplink remains idle and is used when a wired link fails. When a Branch Gateway has multiple active uplinks, uplink load balancing can modify the Internet Key Exchange (IKE) parameters for the Branch Gateway to create multiple IPsec tunnels, one on each uplink. When multiple uplinks and IPsec tunnels are up, the layer 3 traffic can be load-balanced across these uplinks using internal routing ACLs and next hop lists.

WAN Bandwidth Optimization

Data compression reduces the size of data frames that are transmitted over a network link. This in turn reduces the time required to transmit the frame across the network. IP payload compression is one of the key features of the WAN bandwidth optimization solution, which consists of the following elements:

IP Payload Compression

WAN optimization through IP payload compression is not supported on 7205 Branch Gateway.

Branch Gateways can send traffic to destinations other than the corporate headquarters on the same link; therefore, payload compression is enabled on the IPsec tunnel between the Branch Gateway and VPNC. Dynamic compression is used for the IP payload to achieve a high compression ratio. However, compression is not applied to data that may already be in a compressed format, for example, an embedded image file.

Configuring Uplink Interfaces on Branch Gateways

For information about how to configure uplink interfaces on Branch Gateways, see Configuring Uplink Interfaces on Branch Gateways.

Source NAT VLAN

One popular type of WAN configuration across Internet Service Providers (ISPs) implementing broadband services is IPoE. When using this technology, the ISP delivers an IP payload over an Ethernet-based access network without using Asynchronous Transfer Mode (ATM). IPoE encapsulates IP datagrams in Ethernet frames using RFC 894 encapsulation.

When this is the case, Branch Gateways share a private network (and often a private IP address assigned through DHCP in that subnet) with the ISP router. This subnet is fundamentally used for control-plane communications, like DHCP or routing protocols. Network traffic, however, is sourced from an alternative public interface assigned by the ISP. This interface is advertised to the ISP router by running a dynamic routing protocol between the actual physical uplink IP of the Branch Gateway and the ISP router.

Figure 1  Source NAT VLAN

The alternative interface used to source all unicast communications (with the exception of routing protocols) is defined by configuring a VLAN interface, which is set to Force operational status UP, and by adding that VLAN to an uplink configuration as a Source NAT VLAN.

Tunnel Bandwidth Negotiation

The Gateways at the tunnel endpoints perform tunnel bandwidth negotiation with each other to exchange their respective WAN speed and maximum bandwidth threshold values. This is done to ensure that one Gateway does not send more traffic than the other Gateway can ingest.

During the tunnel bandwidth negotiation, the tunnel endpoints inform each other about the maximum bandwidth they can ingest based on the value configured in the Speed field and the percentage configured in the Tunnel max bandwidth threshold field of the Gateway uplink configuration. For more information, see Configuring an MPLS, Metro-Ethernet, or an INET Uplink.

The VPNC assigns a bandwidth contract with the tunnel to control the tunnel traffic based on traffic priority. Traffic in the high priority queue is handled first, followed by the low priority queue. Therefore, the management-plane traffic or the traffic marked as high in any session-based policy takes precedence over the rest of the traffic.

The following figure illustrates a scenario where the Gateways at both ends of a tunnel negotiate the bandwidth that each of them can ingest.

Figure 2  Tunnel Bandwidth Negotiation

 

Configuring an MPLS, Metro-Ethernet, or an INET Uplink

To configure an MPLS, Metro-Ethernet, or INET uplink, select the uplink type from the drop-down list, and enter details for the parameters provided in the following table:

Table 1: MPLS, Metro-Ethernet, or an INET Uplink Configuration Parameters

Parameter

Description

Link Name

Specify the name of the uplink.

Interface VLAN ID

Specify the VLAN ID that you want to assign to the uplink.

Operation state

Use this check box to disable or re-enable the uplink. By default, uplinks are enabled.

Use only as backup link

By default, all uplinks operate as active uplinks. If you want to use the uplink in the standby mode, select this check box.

Bandwidth Percentage

Use this field to configure bandwidth percentage for uplink utilization. This field is available only for the Uplink utilization load balancing mode.

Source NAT VLAN

You can select a VLAN, which is set to Force operational status UP, to perform source NAT on all IP unicast packets exiting from an uplink.

For more information on configuring Force operational status UP, see Configuring Other Parameters for VLAN.

Speed

You can configure a custom value for uplink speed to optimize performance. The allowed range of values is 1–10000 Mbps. If not set, the WAN uplink speed defaults to auto-negotiated port speed for INET, MPLS, and Metro-Ethernet. Based on the speed and bandwidth threshold allowed for an uplink, Branch Gateways assign session traffic.

Weight

For Round Robin and Session Count load balancing modes, you can define a value for Weight within a range of 1–100.

By default, this is set to 10. In an active-active uplink scenario, an uplink with a higher weight is assigned more session traffic than an uplink with a lower weight.

Tunnel max bandwidth threshold

To limit the amount of traffic transmitted from an Aruba gateway, configure the maximum transmit rate based on the WAN uplink bandwidth. For example, if the bandwidth of a WAN uplink is 15 Mbps and you want to limit the traffic transmission to 1.5 Mbps, you must configure the maximum bandwidth threshold as 10%. To apply the tunnel limits, a tunnel renegotiation followed by a tunnel flap is triggered on the Branch Gateway.

NOTE: The maximum bandwidth threshold is applied on the VPNCs during the next tunnel rekey.
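
The Speed and Tunnel max bandwidth threshold fields are the inputs to the tunnel bandwidth negotiation described earlier. The following Python model is an added example, not Aruba code; the class and function names are hypothetical, and it assumes a threshold between 0 and 100 percent, treats an unset threshold as 100%, and takes each endpoint's transmit ceiling to be the ingest value advertised by its peer.

```python
from dataclasses import dataclass
from typing import Optional

SPEED_RANGE_MBPS = (1, 10000)   # allowed Speed range from the parameter tables
LTE_DEFAULT_SPEED_MBPS = 100.0  # documented default when Speed is unset on LTE

@dataclass
class Uplink:                   # hypothetical model, not a vendor data structure
    name: str
    kind: str                                # "INET", "MPLS", "Metro-Ethernet" or "LTE"
    speed_mbps: Optional[float] = None       # Speed field; None means not set
    port_speed_mbps: Optional[float] = None  # auto-negotiated port speed (wired)
    threshold_pct: float = 100.0             # assumption: unset threshold = no cap

    def effective_speed(self) -> float:
        """Speed used for negotiation: configured value, else documented default."""
        if self.speed_mbps is not None:
            low, high = SPEED_RANGE_MBPS
            if not low <= self.speed_mbps <= high:
                raise ValueError(f"{self.name}: Speed must be {low}-{high} Mbps")
            return float(self.speed_mbps)
        if self.kind == "LTE":
            return LTE_DEFAULT_SPEED_MBPS
        if self.port_speed_mbps is None:
            raise ValueError(f"{self.name}: no Speed set and port speed unknown")
        return float(self.port_speed_mbps)

    def advertised_ingest(self) -> float:
        """Maximum bandwidth (Mbps) this endpoint tells its peer it can ingest."""
        if not 0 < self.threshold_pct <= 100:  # assumed valid range
            raise ValueError(f"{self.name}: threshold must be in (0, 100] percent")
        return self.effective_speed() * self.threshold_pct / 100

def negotiate(branch: Uplink, vpnc: Uplink) -> dict:
    """Each endpoint's transmit ceiling is what the other endpoint can ingest."""
    return {"branch_tx_limit_mbps": vpnc.advertised_ingest(),
            "vpnc_tx_limit_mbps": branch.advertised_ingest()}

if __name__ == "__main__":
    # Constructed sample values; the branch uplink mirrors the 15 Mbps / 10% case.
    branch = Uplink("inet-1", "INET", speed_mbps=15, threshold_pct=10)
    vpnc = Uplink("vpnc-inet", "INET", port_speed_mbps=1000, threshold_pct=50)
    print(negotiate(branch, vpnc))
```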

Configuring an LTE Uplink

To configure an LTE uplink, select LTE from the drop-down list, and enter details for the parameters provided in the following table:

Table 2: LTE Uplink Configuration Parameters

Parameter

Description

Link Name

Specify the name of the uplink.

Connection type

Specify one of the following connection types:

By default, USB is selected.

NOTE: For a 9004-LTE Branch Gateway, the default connection type is Internal.

Interface VLAN ID

The VLAN ID assignment is not configurable for 4G LTE USB and Internal uplinks. By default, VLAN ID 4095 is assigned to the 4G LTE USB and Internal uplinks.

Low frequency probe

This is a global configuration for all LTE connections. Use this check box to enable less-frequent health check probing on the LTE uplink. LTE uplinks normally have lower bandwidth compared to wired uplinks, therefore you may want to enable less frequent probing on the LTE uplinks. When Low frequency probe is enabled, health check probes are sent every 15 seconds with a burst size of 2 packets for all LTE uplink interfaces configured on the Branch Gateway.

Use only as backup link

By default, all uplinks operate as active uplinks. If you want to use the uplink in the standby mode, select this check box.

Bandwidth Percentage

Use this field to configure bandwidth percentage for uplink utilization. This field is available only for the Uplink utilization load balancing mode.

Speed

You can configure a custom value for uplink speed to optimize performance. The allowed range of values is 1–10000 Mbps. If not set, the WAN uplink speed defaults to 100 Mbps for LTE. Based on the speed and bandwidth threshold allowed for an uplink, Branch Gateways assign session traffic.

Weight

For Round Robin and Session Count load balancing modes, you can define a value for Weight within a range of 1–100. By default, this is set to 10. In an active-active uplink scenario, an uplink with a higher weight is assigned more session traffic than an uplink with a lower weight.

If you have selected Internal as the Connection Type, enter details for the following parameters:

Active SIM slot

Select SIM 1 or SIM 2 as the active uplink.

Access point name (APN)

Enter the name of the Access Point to which the uplink connects.

Public land mobile network (PLMN)

A PLMN ID is a six-digit ID which is a combination of Mobile Country Code and Mobile Network Code. Each service provider has their own PLMN code. This field allows you to restrict roaming. Select Auto or Manual for the PLMN mode. If you have selected Manual, enter the PLMN ID in the text box. By default, PLMN is on Auto mode.

Mode

Select one of the following network modes:

  • Auto—This mode keeps both 3G and 4G LTE options open and switches based on availability.
  • 4G LTE—Connects to the 4G LTE cellular network and takes the default frequency band.
  • 3G—Connects to the 3G cellular network and takes the default frequency band.
  • Custom—If you want to select one of the supported frequency bands for 3G and 4G LTE, select Custom. The following fields are displayed:
    • 3g band selection—Select the desired 3G band from the drop-down list.
    • 4g LTE band selection—Select the desired 4G LTE band from the drop-down list.

    NOTE: The frequency bands are specific to the internal modem and not the SIM. You will experience an interim disruption in the cellular connectivity when a frequency band is configured. The connection is established only if the frequency band is supported in your region.

Data Usage Tracking

Turn on the toggle switch to start tracking your data usage. If this field is enabled, the options to configure data usage limit and the Billing cycle are displayed.

Data usage alert limit

Enter the data limit in megabytes (Range – 1 to 65535 MB) to be used per month. Configure an alert in the Alerts & Events page for the alert to be generated when the data usage crosses the specified limit.

Monthly Billing start date

Select the day of the month on which the billing cycle begins.

Click Save Settings after configuring all the parameters.

Configuring Uplink Interfaces on VPNCs

For information about how to configure uplink interfaces on VPNCs, see Configuring Uplink Interfaces for VPNCs.

Viewing Uplink Configuration

To view the current configurations of an uplink, use the show uplink command. For more information about the command, see The CLI Bank.