Path Labels¶
Overview¶
Path labels offer a powerful way to organize networks and tunnels in flexiWAN. With it, users can define unique underlay networks capabilities:
Assign an interface to an underlay network type so operations such as tunnel creation or policies defined with labels (logical name) and not with interfaces (specific per device)
Have a granular control on how tunnels are created. With Path Labels it’s possible to create multiple tunnels using a given interface and specify the exact underlay network connectivity
Use application based routing through Path Selection, to configure outgoing traffic categories such as public services or applications per specified interfaces.
This is depicted in the example below. In the next image the Green and Blue labels represent two separate underlay networks, where each can represent an ISP or any logical underlay network.
Each physical WAN interface can be assigned to an underlay network by assigning one or more Path Labels to it. WAN Interfaces can have a single Path Label or multiple ones. It’s also possible not to assign any Path Label to an interface, however multiple more advanced features such as Path Seleciton rely on Path Labels as well. With Path Labels and Path Selection functionality, one can configure traffic routing across internet breakout interfaces or a specific tunnels.
There are two Path Label types:
Tunnel - used for establishing tunnels between multiple devices. Tunnels can be established between same Path Label assigned on multiple devices.
DIA - Direct Internet Access, used for local internet breakout traffic. DIA labels are used togehter with Path Selection, our application based routing functionality. In this case traffic can be routed through the specific DIA interface.
With the introduction of Path Labels, tunnels functionality is greatly enhanced. When creating tunnels one can select specific or all Path Labels. For example, one can label interfaces per:
Link type, e.g. “Coax”, “Fiber” or LTE
Per ISP, such as ISP1 and ISP2
any other type of labeling, such as “blue” or “green” labels.
flexiWAN can establish tunnels between two or more devices even without Path Lables, however when using Path Lables users can have much more control over which interfaces are used for tunnels. Interfaces without path labels are considered part of an unlabeled underlay network. Tunnels can be created between unlabeled interfaces, however it is not possible to combine interfaces with Path Labels with those without.
In the upcoming flexiWAN versions, we will greatly enhance the Path Labels functionality with more SD-WAN capabilities such as policies for enabling traffic classification and filtering (L3/L4 as well as L7/application). Users will be able to use Path Labels for routing, failover or load balancing by applications.
Creating Path Labels¶
To create a new underlay network, first define a new path label in the Inventory -> Path Labels menu.
Click on the “New Label” button to create a new path label.
Fill in the name and description, choose a color or even add your own color (in hex). It’s important to note the “Direct Internet access” option, which allows reserving the label strictly for internet breakout. This means that all traffic going through this path label will be using internet breakout, and will not go over a tunnel. If an interface has “Direct Internet Access” Path Label assigned to it, it will not be possible to use it for tunnels
Below is an example of how we can configure Path Labels. In this example we have added labels to differentiate between ISPs as well as connection types.
For a real-world example, let’s say there are several remote sites (stores) and a single datacenter site. We want to connect each remote site to the datacenter. Create the Path Labels as shown in the following image.
In this example, both remote sites and the datacenter site have two WAN connections, each connected to two different ISPs. After creating tunnels between the sites and datacenter, the tunnel page will show 6 tunnels.
This is just an example of the various configuration options that can be set using Path Labels.
Assigning Path Labels¶
After creating Path Labels, assign them to the device interfaces to associate them to the underlay network. Navigate to the Inventory > Devices and open Device Info. From there go to the “Interfaces” tab.
The device interfaces without any assigned Path Labels will look as the following screenshot.
In order to assign a Path Labels, select the desired label from the drop down menu. Do the same for all the interfaces you want to label and then click the “Update Interfaces” button.
For the purpose of this documentation, we have assigned separate Path Labels for each of the two WAN interfaces on this device, defining each interface with its own ISP label.
Path Labels and Tunnels¶
After creating and assigning Path Labels to the device interfaces, creating tunnels offers greater functionality. Selecting two or more devices from Inventory and creating tunnels will offer an option to select path labels.
Within the “Select path labels…” drop down menu all previously created path labels are displayed.
For the purpose of this document, we have two flexiEdge devices with two WAN interfaces each. On each device WAN1 has an ISP1 label assigned to it and WAN2 is using ISP2. We will use these devices in the next three examples.
Creating tunnels with a specific Path Label
Selecting a specific Path Label will create a full mesh tunnel for all selected devices that are assigned with the selected label. In this case we have added a single tunnel using the ISP1 label, while ISP2 Path Label and interface was not used.
Creating tunnels with “ALL” Path Labels
Selecting “ALL” will create tunnels using all Path Labels assigned to the devices interfaces. In this case, it will add two tunnels as each flexiEdge device has two WAN interfaces, with assigned Path Labels ISP1 and ISP2 respectively.
Creating tunnels without Path Labels
Creating tunnels without selecting any Path Labels is possible. In this case, the tunnels are being created for all selected devices between the unlabeled interfaces.