Viptela Specific Port Terminology
Port 12346 is the default base port that all Viptela devices use for the connections that handle control and traffic in the overlay network.
Port Offset:
Suppose multiple Viptela devices are installed behind a single NAT. Each device must then be configured with a different port number so that the NAT can properly identify each individual device and its connections. This is achieved by applying a port offset to the base port value of 12346.
For example, if a device is configured with a port offset value of 1, the device will use port 12347 for its connections. The port offset value ranges from 0 to 19, and the default offset value is 0.
Note: if the NAT device can differentiate among the devices behind it and their connections, you do not have to configure a port offset.
Port Hopping:
Port hopping is the process by which devices try different ports when establishing a connection with each other if the connection attempt on the first port fails. When this happens, the port value is incremented and the connection is re-attempted on the new port.
This process rotates through a total of five base ports.
If no port offset is configured, the device uses the default port 12346, and port hopping is done among the following ports: 12346, 12366, 12386, 12406, 12426, after which it returns to the original port 12346.
If a port offset is configured, the initial port value is used and each subsequent port is incremented by 20.
For example, if the port offset value is 3, the initial port is 12349 and the subsequent ports are 12369, 12389, 12409 and 12429, after which it returns to port 12349.
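The offset and hopping rules above can be turned into a small planning and log-triage helper. This is an added example, not Viptela code: it builds the hop sequence for an offset, maps an observed port back to its offset and hop position, flags devices behind one NAT that share an offset, and produces the port set a firewall allowlist would need. The function names and the device inventory are hypothetical; the constants come from this page.

```python
BASE_PORT = 12346   # default base port (from the page)
HOP_STEP = 20       # increment between hop ports (from the page)
HOP_COUNT = 5       # ports in one rotation (from the page)
MAX_OFFSET = 19     # port offset range is 0..19 (from the page)


def hop_sequence(offset=0):
    """Ports a device with this offset tries, in order, before wrapping around."""
    if not 0 <= offset <= MAX_OFFSET:
        raise ValueError(f"port offset must be 0..{MAX_OFFSET}, got {offset}")
    return [BASE_PORT + offset + HOP_STEP * i for i in range(HOP_COUNT)]


def classify_port(port):
    """Map an observed port to (offset, hop_index); None if outside the scheme."""
    delta = port - BASE_PORT
    if not 0 <= delta < HOP_STEP * HOP_COUNT:
        return None
    return delta % HOP_STEP, delta // HOP_STEP


def offset_collisions(devices):
    """Offsets used by more than one device behind the same NAT."""
    by_offset = {}
    for name, offset in devices.items():
        hop_sequence(offset)  # raises on an out-of-range offset
        by_offset.setdefault(offset, []).append(name)
    return {o: sorted(n) for o, n in by_offset.items() if len(n) > 1}


def allowed_ports(offsets):
    """Sorted union of every port the given offsets can hop to."""
    return sorted({p for o in offsets for p in hop_sequence(o)})


if __name__ == "__main__":
    # Constructed inventory: hypothetical device names and offsets.
    site = {"edge-a": 0, "edge-b": 3, "edge-c": 3}
    for name, off in site.items():
        print(name, hop_sequence(off))
    print("shared offsets:", offset_collisions(site))
    print("allowlist:", allowed_ports(set(site.values())))
    # Constructed observed ports, e.g. taken from a flow log.
    for port in (12389, 12426, 443):
        print(port, "->", classify_port(port))
```

A shared offset only matters when the NAT cannot otherwise tell the devices apart, as the note in the Port Offset section says.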
A vEdge router uses port hopping when it tries to make connections with vManage, vBond and vSmart.
vSmart and vManage are normally installed behind a NAT device, so port hopping is not needed. vBond always connects to other Viptela devices using port 12346 and never uses port hopping.
The diagram below shows how port hopping works: if a device uses port 12346 and the connection does not succeed within a certain time, the router hops to the next base port.
Why Port Hopping is used:
When the vBond orchestrator crashes, vManage may lose or close all of its control connections. The vManage NMS then uses port hopping to establish a connection to the vSmart controller on a different port.
All control sessions on all vSmart controllers go down, and the BFD sessions on the vEdge routers remain up. When any one of the vSmart controllers comes back up, the BFD sessions on the routers go down and then come back up, because the vEdge routers have already port hopped to a different port in an attempt to reconnect to the vSmart controllers.
Port used by vEdge Routers:
A vEdge router uses base port 12346 to establish DTLS connections, and uses the same port for IPsec connections and BFD sessions to other vEdge routers in the overlay network. If a port offset is configured, the port offset rule and the port hopping rule apply.