VMware Hands-on Labs - HOL-1940-01-NET


Lab Overview - HOL-1940-01-NET - Getting Started with VeloCloud by VMware

Lab Guidance


Note: It may take more than 90 minutes to complete this lab. You should expect to only finish 2-3 of the modules during your time.  The modules are independent of each other so you can start at the beginning of any module and proceed from there. You can use the Table of Contents to access any module of your choosing.

The Table of Contents can be accessed in the upper right-hand corner of the Lab Manual.

Explore VMware NSX SD-WAN by VeloCloud including the key components and architecture. Review options for troubleshooting and diagnostics.                                    

Lab Module List:

 Lab Captains: 

 

This lab manual can be downloaded from the Hands-on Labs Document site found here:

http://docs.hol.vmware.com

This lab may be available in other languages.  To set your language preference and have a localized manual deployed with your lab, you may utilize this document to help guide you through the process:

http://docs.hol.vmware.com/announcements/nee-default-language.pdf


 

Location of the Main Console

 

  1. The area in the RED box contains the Main Console.  The Lab Manual is on the tab to the Right of the Main Console.
  2. A particular lab may have additional consoles found on separate tabs in the upper left. You will be directed to open another specific console if needed.
  3. Your lab starts with 90 minutes on the timer.  The lab can not be saved.  All your work must be done during the lab session.  But you can click the EXTEND to increase your time.  If you are at a VMware event, you can extend your lab time twice, for up to 30 minutes.  Each click gives you an additional 15 minutes.  Outside of VMware events, you can extend your lab time up to 9 hours and 30 minutes. Each click gives you an additional hour.

 

 

Alternate Methods of Keyboard Data Entry

During this module, you will input text into the Main Console. Besides directly typing it in, there are two very helpful methods of entering data which make it easier to enter complex data.

 

 

Click and Drag Lab Manual Content Into Console Active Window

You can also click and drag text and Command Line Interface (CLI) commands directly from the Lab Manual into the active window in the Main Console.  

 

 

Accessing the Online International Keyboard

 

You can also use the Online International Keyboard found in the Main Console.

  1. Click on the Keyboard Icon found on the Windows Quick Launch Task Bar.

 

 

Click once in active console window

 

In this example, you will use the Online Keyboard to enter the "@" sign used in email addresses. The "@" sign is Shift-2 on US keyboard layouts.

  1. Click once in the active console window.
  2. Click on the Shift key.

 

 

Click on the @ key

 

  1. Click on the "@ key".

Notice the @ sign entered in the active console window.

 

 

Activation Prompt or Watermark

 

When you first start your lab, you may notice a watermark on the desktop indicating that Windows is not activated.  

One of the major benefits of virtualization is that virtual machines can be moved and run on any platform.  The Hands-on Labs utilizes this benefit and we are able to run the labs out of multiple datacenters.  However, these datacenters may not have identical processors, which triggers a Microsoft activation check through the Internet.

Rest assured, VMware and the Hands-on Labs are in full compliance with Microsoft licensing requirements.  The lab that you are using is a self-contained pod and does not have full access to the Internet, which is required for Windows to verify the activation.  Without full access to the Internet, this automated process fails and you see this watermark.

This cosmetic issue has no effect on your lab.  

 

 

Look at the lower right portion of the screen

 

Please check to see that your lab is finished all the startup routines and is ready for you to start. If you see anything other than "Ready", please wait a few minutes.  If after 5 minutes your lab has not changed to "Ready", please ask for assistance.

 

Module 1 - Overview of SD-WAN (15 minutes)

Introduction


In this module, we will talk about Software-Defined WAN and why the technology is important for modern business requirements.

This Module contains the following lessons:


Overview of SD-WAN


SD-WAN offers compelling advantages for distributed organizations  with critical branch operations, including the benefits of business  agility, improved application performance, and lower cost of bandwidth. In this module, we will try to highlight those advantages and how enterprises can benefit from them.


 

Defining Software-Defined WAN

SD‐WAN uses software and cloud‐based technologies to simplify delivery of WAN services to branch offices. Software‐based virtualization enables network abstraction that results in simplification of network operations. SD‐WAN enables IT and business managers to deploy Internet‐based connectivity (with its benefits of ubiquity, high bandwidth and low cost) easily, quickly and with quality, reliability and security.

SD-WAN Benefits

SD‐WAN provides a wide range of benefits for distributed organizations, including:

  1. Business agility. Rapid deployment of WAN services (such as bandwidth and firewall) to distributed branch operations without the need to send IT personnel on‐site. Bandwidth can be easily added (with additional circuits) or reduced as business requirements evolve.
  2. Internet economics. Internet connectivity (including cable, DSL and ethernet) is widely available, quick to deploy, and a fraction of the cost of equivalent MPLS circuits. SD‐WAN provides the benefits of reliable, secure WAN service at Internet price points.
  3. Optimized cloud architecture. SD‐WAN eliminates the backhaul penalties of traditional MPLS networks and leverages the Internet to provide secure, high‐ performance connections from the branch to cloud. With SD‐WAN, remote users will see significant improvements in their experience when using the cloud/SaaS‐based applications.

SD‐WAN Considerations

If you’re an IT or business manager, consider the following criteria when evaluating SD‐WAN deployments:

  1. Ease of adoption and management. A key benefit of SD‐WAN is that it makes deploying WAN services at the branch fast and simple. SD‐WAN solutions must be straightforward to deploy, and they leverage centralized provisioning to eliminate the need for trained personnel to visit remote sites.
  2. Ability to migrate to hybrid WAN. The majority of distributed organizations already have MPLS deployed to the branch offices. Organizations should be able to seamlessly deploy SD‐WAN solutions (Internet circuits) without changing the existing MPLS network. Those organizations can over time, migrate traffic growth toward cost‐effective Internet bandwidth.
  3. Automation – traffic steering. SD‐WAN gives organizations the ability to prioritize traffic. The key is providing managers with easy‐to‐use tools for setting priorities and with features that automatically changes traffic flows according to current network conditions.

 

 

Common business use cases for SD-WAN

Businesses need to be close to their customers at the branches and to support the organization’s growth. Enterprises grow by adding more branches to serve customers where they are, and every branch is growing bigger to be the hub of multiple services for the customers. Both types of growth require enterprises to be agile, to expand current network infrastructure and be able to provision more services per branch. SD‐WAN solutions include features to eliminate the bottlenecks of hardware‐based static architectures:

 

 

 

SD-WAN Features

In a nutshell, SD‐WAN

More information on the above topics will be discussed later in the coming modules. You can also refer to the whitepapers and reports section on the VeloCloud website.

 

 

What SD-WAN is not

SD‐WAN is a comprehensive solution comprised of many components. It does not include traditional WAN optimization.

 

 

NSX SD-WAN by VeloCloud At-a-Glance

 

NSX SD-WAN by VeloCloud enables enterprises to securely support application growth, network agility, and simplified branch implementations. At the same time NSX SD-WAN delivers high-performance, reliable branch access to cloud services, private data centers, and SaaS-based enterprise applications. SD-WAN technology is ideal for customers looking for flexibility in network connectivity options that can augment MPLS. SD-WAN can provide a cost-effective, agile, and scalable fabric for the digital era, and improve overall TCO for branch connectivity.

 

 

 

The VMware Advantage

 

Why is VMware® well positioned to deliver on this new way of networking and security behind the idea of an enterprise cloud network?  

6 years ago, VMware® set out to redefine networking in the data center. As a result, VMware has become the leading provider of Network Virtualization/SDN to the enterprise.

While VMware® had solved our customer needs as it's related to data center networking, many of our customers were looking to gain the same controls and capabilities in the public cloud.

NSX SD-WAN by VeloCloud targets Enterprises in every vertical industry with an initial focus on retail, manufacturing, healthcare, and services companies with 15 or more branch locations. NSX SD-WAN also tightly integrates with Service Provider network by placing SD-WAN components in SP network. The key advantage to SP (Service Provider) is the Multi-Tenancy aspect of the solution along with last mile protection for the user traffic. NSX SD-WAN by VeloCloud offers an easy to deploy solution which is provisioned through a cloud-based configuration and monitoring portal. NSX SD-WAN by VeloCloud is delivered through a combination of distributed gateways located in the cloud which are connected to edge devices located in each branch office.

NSX SD-WAN by VeloCloud offers the unique ability for Enterprises to keep their existing WAN. NSX SD-WAN by VeloCloud interoperates with the existing WAN while providing the ability for the Enterprise to add additional, reliable capacity via other links such as one or more Internet, cellular, private  or other links. NSX SD-WAN by VeloCloud provides a smooth migration strategy allowing Enterprises to begin with a small number of users (as low as a single user or more) with the ability to scale to hundreds of thousands of users at their own pace.

The following challenges are addressed:

  1. Security
  2. Mobile device proliferation (BBYOD: beyond bring your own device)
  3. SaaS adoption by rogue users, shadow IT and sanctioned IT
  4. Broadband Internet growth compared to traditional leased line (scale and geography)
  5. Application demands by business operations (revenue and competitive)

 

 

Conclusion


This concludes our first chapter on the Overview of SD-WAN. In this module, you learned about SD-WAN and the business benefits it can help provide your company. In the next modules, we will focus more on NSX SD-WAN by VeloCloud.


 

You've finished Module 1

Congratulations on completing  Module 1.

If you are looking for additional information on NSX SD-WAN by VeloCloud, try one of these:

Proceed to any module below which interests you most.

 

 

How to End Lab

 

To end your lab click on the END button.  

 

Module 2 - Key Components and Architecture (15 minutes)

Introduction to NSX-SD WAN by VeloCloud


NSX SD-WAN is the first solution to provide all three elements needed to achieve an enterprise grade, Cloud-Delivered SD-WAN:

This Module contains the following lessons:


VMware NSX SD-WAN by VeloCloud Key components and Architecture


In this lesson, we will introduce the NSX-SD WAN Solution in more detail. We will discuss the value, components and architecture of the solution of adopting NSX SD-WAN by VeloCloud solution:

VMware NSX SD-WAN by VeloCloud is the only SD-WAN solution supporting data plane services in the cloud, in addition to on-premise deployments; enabling policy-based access to cloud and data center applications. NSX SD-WAN leverages the economics of the cloud to offer a SaaS like subscription price model to ease adoption and pay as you grow.

 


 

VMware NSX SD-WAN by VeloCloud Advantages

 

NSX SD-WAN solution is a logical overlay network:

The first benefit is SIMPLIFYING the management of WAN's (Wide Area Networking) especially as IT wants the flexibility to use multiple circuits all while simplifying configuration and ongoing management. This starts with deployment also known as  zero-touch branch deployments.

The second unique benefit of our approach is to assure the performance of critical applications.

Finally, we support the migration of apps to the cloud.

 

 

Architecture Overview

NSX SD-WAN is a comprehensive platform for Enterprises and Service Providers.

 

 

Enterprise Deployment

 

In an Enterprise deployment model with branch edges creating overlay tunnels to gateway and hub devices. Simplified and secure VPN tunnels are established from branch to gateway and from branch to hub devices. Also supported are dynamic branch to branch links.

 

 

Service Provider Deployment

 

NSX SD-WAN supports tight integration with Service Provider network topologies. Gateways are usually found in Service Provider MPLS networks supporting multi tenancy.

 

 

Component Overview

 

The NSX SD-WAN solution has three main components:

Edge (VCE) - highlight location flexibility (cloud, dc, branch), form factor flexibility 

Orchestrator (VCO) - Virtual, Multi-tenant, highlight simplicity and no CLI, enables fast ramp of IT teams, less need for skilled resources, monitoring and troubleshooting are key, API Integration (eg AT&T leverages APIs)

Gateway (VCG) - Virtual, Multi-tenant with functions on data plane and control plane, VCG has global presence with partnerships with major service providers. Supports both cloud and on-premise model.

 

 

NSX SD-WAN Edge

 

The NSX SD-WAN Edge is deployed on-premises and optimizes traffic between customer branch, data center and/or cloud locations.

The NSX SD-WAN Edge is a compact, thin edge device that is zero-touch provisioned from the cloud for secure, optimized connectivity to applications and data. The NSX SD-WAN Edge is also available as a VNF (virtual network function) for instantiation on a virtual CPE platform. The NSX SD-WAN Edge with Dynamic Multi-Path Optimization (DMPO) and Deep Application Recognition (DAR) aggregates multiple links (e.g. Private, Cable, DSL, 4GLTE) and steers traffic over the optimal links in a dynamic fashion. These edges can be instantiated from AWS/Azure cloud.

 

 

NSX SD-WAN Orchestrator

 

The NSX SD-WAN Orchestrator is the centralized management portal that is used for configuration, monitoring, testing and troubleshooting the NSX SD-WAN. The cloud based NSX SD-WAN Orchestrator is used to provision network-wide business policy, enable services insertion, perform real-time monitoring and analyze application performance.

 

 

NSX SD-WAN Cloud Gateway

The NSX SD-WAN Gateway optimizes traffic between customer branch and data center locations and cloud (SaaS, IaaS) sites. NSX SD-WAN Gateways can also be used to extend SD-WAN connectivity from branches to legacy datacenters that do not have NSX SD-WAN Edge. The NSX SD-WAN Gateway also performs control plane as a route reflector for the SD-WAN overlay.

The NSX SD-WAN Edge can also optionally connect to the system of global NSX SDWAN Gateways to provide performance, security and visibility for cloud services (SaaS, IaaS, B2B Internet). This system of NSX SD-WAN Gateways is deployed globally at top-tier cloud data centers to provide scalable and on-demand cloud network services.

 

 

Core Features

There are seven core features that are central to the NSX SD-WAN platform.

 

 

Core Feature #1: Zero-Touch Deployment

 

 

 

Core Feature #2: Dynamic Path Selection

 

 

 

 

 

 

Core Feature #4: Cloud VPN

 

 

 

Core Feature #5: Multi-Tenancy

 

All the VMware NSX SD-WAN by Velocloud components, Orchestrator and the Gateways, are multi-tentant in nature.

 

 

Core Feature #6: Segmentation

 

Segmentation is essential for isolating different types of traffic while maintaining specific business policies, such as segmenting PCI traffic from corporate traffic and guest Internet traffic. Customers can enable the creation of separate and unique topologies and rules for each segment, and the segments are carried forward the entire network seamlessly.

 

 

Core Feature #7: Virtual Network Function

 

NSX SD-WAN core features will be discussed in greater detail in the next module.

 

Conclusion


In this module, we've taken a closer look on the overall architecture of NSX SD-WAN. We've also identified the major components along with the key features that differentiate NSX SD-WAN versus any other solution in the market.


 

You've finished Module 2

Congratulations on completing  Module 2.

If you are looking for additional information on [NSX SD-WAN by VeloCloud], try one of these:

Proceed to any module below which interests you most.

 

 

 

How to End Lab

 

To end your lab click on the END button.  

 

Module 3 - Features and Product Tour (60 minutes)

Introduction


In this module, we will take product tour and check-out some of the most useful features of NSX SD-WAN Orchestrator.


Hands-on Labs Interactive Simulation: Features and Product Tour


This part of the lab is presented as a Hands-on Labs Interactive Simulation. This will allow you to experience steps which are too time-consuming or resource intensive to do live in the lab environment. In this simulation, you can use the software interface as if you are interacting with a live environment.

  1. Click here to open the interactive simulation. It will open in a new browser window or tab.
  2. When finished, click the “Return to the lab” link to continue with this lab.

The lab continues to run in the background. If the lab goes into standby mode, you can resume it after completing the module.


Conclusion


In this module, we've taken a closer look on the overall architecture of NSX SD-WAN. We've also identified the major components along with the key features that differentiate NSX SD-WAN versus any other solution in the market.


 

You've finished Module 3

Congratulations on completing  Module 3.

If you are looking for additional information on [NSX SD-WAN by VeloCloud], try one of these:

Proceed to any module below which interests you most.

 

 

Module 4 - Advanced Topics (30 minutes)

Introduction


Zero Touch Provisioning

Zero Touch Provisioning is a feature that allows us to easily deploy and scale across hundreds of sites. This feature simplifies the entire process of edge activation.

Zero-touch provisioning of a NSX SD-WAN Edge is accomplished via the VeloCloud Orchestrator. With the Orchestrator, sites can be brought online in matter of few minutes in a true zero touch fashion. NSX SD-WAN Edges automatically authenticate, connect, and receive configuration instructions from the Orchestrator.

The Orchestrator supports both push and pull activation options for secure on-boarding. With these options, technical personnel do not have to be sent to remote customer sites for installation and activation.

This Module contains the following lessons:


Zero Touch Provisioning


In this module we will be working on two main tasks:

  1. Activation for a new Branch site.
  2. Configuring LAN side of the Edge Device.

 

Activation for a new Branch site

 

Before starting the lab, let us understand the NSX SD-WAN Zero Touch Provisioning feature

The current lab focuses on the Pull Activation process. In this Pull Activation model, the Edge device is shipped to the customer site with a factory-default image. Prior to activation, the Edge contains no configuration or credentials to connect to the enterprise network.

Two simple steps for the Activation of Edge device: (A) Provisioning & (B) Activation

Provisioning: On the Orchestrator, the Enterprise administrator (operator) creates a new Edge in the customer account. At this time, an activation key is generated which can be emailed to the person installing the device.

Activation: The person (remote admin) installing the device will receive both an activation email as well as instructions to complete the installation. Part of these instructions is to connect power and Internet links to the device. The installer next connects to a temporary wireless network the Edge emits or connects to one of the wired LAN ports and opens the activation email and clicks on the activation link. At this time, the Edge will phone home to the Orchestrator and bind itself to the correct enterprise and profile context. At this point the Edge downloads all relevant policies, updates and settings and makes these effective.

By the end of the lab, the Virtual Edge device status from the Orchestrator will show as Activated. All the WAN link information will get auto-populated with the activation process.

In this lab exercise, Virtual edge is used for activation.

VeloCloud Orchestrator (VMware NSX SD-WAN Orchestrator), also referred to as VCO in the lab

 

 

Topology

 

The following information will be used to configure the virtual edge in the lab.

With the successful activation, ISP name, IP address, interface and the bandwidth for each of the WAN links will be auto discovered. This is done by the Edge device running a WAN bandwidth test with the SD-WAN Gateway component.

 

 

Provisioning and Activating an new Branch site

In this exercise, End user will activate a Branch site. Branch site has a Virtual Edge with 2 internet links connected. Internet links have DHCP based WAN addresses. Once the edge device is activated successfully, all the WAN information is auto-discovered and pre-populated.

Read before you start

For this lab exercise, Activation process requires access to email client and server. As we dont have access to email, end user will access the Orchestrator from the client machine to access the Activation link. Client machine is connected to the LAN side of the edge device.

 

 

Configuring LAN side of the Edge device

This lab wil help you understand how to configure the edge device.

In this exercise, we will configure the LAN side for the edge device. Client machines which are part of the LAN subnet will use the Edge device to get Internet connectivity.

For this lab, you will configure the LAN subnet and also enable the Edge device to be the DHCP server for LAN subnet.

Configuration can also be performed on a unactivated edge device. When the edge device gets activated, Orchestrator will push the configuration to the edge device

With Edge device being the DHCP server for LAN subnet 192.168.6.x/24, Chicago Client machine will get the new IP address from Subnet 192.168.6.x

 

Conclusion


In this module we have successfully provisioned a new branch site using Zero Touch Provisioning and we have also configured the netwok access for the edge device and verified connectivity


 

You've finished Module 4

Congratulations on completing  Module 4.

If you are looking for additional information on [NSX SD-WAN by VeloCloud], try one of these:

Proceed to any module below which interests you most.

 

 

 

How to End Lab

 

To end your lab click on the END button.  

 

Module 5 - Troubleshooting and diagnostics (30 minutes)

Introduction


 

VMware NSX SD-WAN Orchestrator (VCO) is an essential component of the SD-WAN solution where enterprise administrators can configure, monitor and troubleshoot the entire SD-WAN Network.

 

  1. Orchestrator Monitoring includes: Site monitoring like Link statistics, Link Quality score card (QoE), Application level analytics, Business priority, Network service monitoring and more. Different type of alerts and how to check them along with events.
  2. Built in Troubleshooting Tools : included tools are ping, traceroute, list path , routing table list and many more.

QoE: Quality of Experience (QoE) rating for WAN links

The QoE screen shows the VeloCloud Quality Sore (VQS) for each of the  links and rates them on a scale from 0 through 10 on how well the links  perform to carry a certain type of traffic (Voice in the default case)

This Module contains the following lessons:


Monitoring and Troubleshooting


In this portion of the lab user will understand the Monitoring capabilities and the Built-in troubleshooting Tools available from the Orchestrator


 

NSX SD-WAN Orchestrator Monitoring

As we move forward in understanding the concept, there will be series of mini labs to be executed

 

Conclusion


In this module, we learned about some of the many Monitoring capabilities and Built-in troubleshooting tools available out of the box from the VCO.


 

You have finished Module 5

Congratulations on completing  Module 5.

If you are looking for additional information on [NSX SD-WAN by VeloCloud], try one of these:

Proceed to any module below which interests you most.

 

 

 

How to End Lab

 

To end your lab click on the END button.  

 

 

Instructions (Not to copied into actual HOL manual)

 

Conclusion

Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online.

Lab SKU: HOL-1940-01-NET

Version: 20181104-145841