Service Chaining - Order of Operation

Service Chaining - Order of Operation

The Cisco SD-WAN Edge devices advertise the services available in their networks to the vSmart controller by using the OMP for service route advertisement. This advertisement is a service route and it provides all the information required by the Cisco SD-WAN Edge devices to route the traffic to the service.

The OMP service route contains these Subsequent Address Family Identifier (SAFI) attributes:

• VPN ID (vpn-id): Identifies the VPN that the service belongs to.

• Service ID (svc-id): Identifies the advertised service:

  1. FW, for firewall (maps to svc-id 1)

  2. IDS, for Intrusion Detection System (maps to svc-id 2)

  3. IDP, for Identity Providers (maps to svc-id 3)

  4. netsvc1, netsvc2, netsvc3, and netsvc4 are reserved for custom services (they map to svc-id 4, 5, 6, and 7, respectively)

• Label: For traffic that must traverse a service, the Cisco vSmart controller replaces the label in the OMP route with the service label to direct the traffic to that service.

• Originator ID (originator-id): The IP address of the Cisco SD-WAN device that is advertising the service.

• TLOC: The transport location address of the Cisco SD-WAN device that is hosting the service.

• Path ID (path-id): An identifier of the OMP path.

Cisco SD-WAN Edge devices advertise services to the vSmart controllers through OMP as service routes. The vSmart controllers record the service routes in the OMP routing database per VPN.

The policy on the vSmart Controller changes the next hop for the OMP routes to the service landing point. You can reroute the traffic to the service by using control or data policies.

With control policies, the vSmart controller essentially changes the next hop for a certain route and it impacts all traffic towards a certain destination. In such a scenario, it is the vSmart that enforces the policy and steers certain traffic to a service chain.