Topology
This chapter describes how to configure the topology for a SteelHead with RiOS 9.0 and later. This chapter includes the following sections:
This chapter requires you be familiar with
QoS Configuration and Integration,
Path Selection, and the secure transport information in
Overview of Secure Transport and the
SteelCentral Controller for SteelHead Deployment Guide Version 9.0 or later.
For more information about configuring topology for QoS, see
Configuring Topology.
Introduction to the Topology Concept
A topology consists of networks and sites. Path selection, QoS, and secure transport can use a common topology that you configure once, and then the topology simplifies configuration by providing a building block that you can reuse.
The information contained in the topology definition is used by RiOS to perform certain functions like path monitoring or bandwidth calculation for QoS without requiring further input. The topology provides the SteelHead with:
• which networks it is connected to.
• which of its interfaces are used to connect to these networks.
• how much bandwidth is available.
• which networks to use to connect to a SteelHead at a remote sites.
• how much bandwidth is available to send traffic to a remote site.
Defining a Network
Within a topology, network is a label for a connection to an available WAN. In other words, it is the WAN cloud that sites use to communicate with each other. The network describes the type of transport available for traffic. Name your networks with descriptions such as Primary MPLS or Internet.
The default network is My WAN. My WAN is a private network and associated with the in-path interfaces and the primary interface of the local site. Riverbed recommends that you change the name to a more descriptive one. Because an uplink must connect to a network, Riverbed recommends that you add a management network for managing the SteelHead and connect the primary interface to the My WAN network.
If you use the primary interface to join a Microsoft Windows domain, you must create a network accordingly.
The configuration parameters of a network are as follows:
• Name - The name of your network.
• Public network - Tells the SteelHead if the network is a public or a private network. If you define your network as a public network by selecting the check box, the SteelHead assumes that the traffic sent to this network traverses a device that performs NAT. The public network option only takes effect if you also configure secure transport, which is available when configuring the SteelHead using the SCC.
You can only set the Secure option when you configure the SteelHead using the SCC.
To configure a network, choose Networking > Topology: Sites & Networks, and select Add a Network (
Figure: Add a Network).
Figure: Add a Network
Defining a Site
Within a topology the site defines the configuration parameters, which are necessary to connect the site to a network. You can also view a site as a remote office, branch office, or data center. You must define a site to use the QoS, path selection, and secure transport features. Two sites are configured by default, which have special characteristics:
Note: You configure Secure Transport using the SCC 9.0 or later.
The configuration parameters of a site are as follows:
• Site name - A descriptive name for the site.
• Subnets - IP addresses of the subnets existing within the site.
• SteelHead peers - The IP addresses of the remote SteelHeads that are reachable from the SteelHead you are configuring. The IP addresses you enter in this field are probed to determine if a path to this IP address exists and if the address is reachable. If you want to configure GRE encapsulation or secure transport, this IP address must be the in-path interface IP address of a SteelHead. If not, this IP address can be a server or routers interface.
• QoS Profiles Inbound and Outbound - A set of classes and rules to be used for QoS.
• Uplinks - Connects the site to a network. A site can have a single or multiple uplinks to the same network and can connect to multiple networks. You can use multiple uplinks to the same network for redundancy. You must specify, per uplink, the bandwidth available for uploading and downloading data. The values of the configured bandwidth are used by RiOS to calculate the bandwidth available for traffic for inbound and outbound QoS configurations. In combination with the bandwidth configuration of the local sites uplink, the SteelHead can calculate the oversubscription factor in case the sum of the bandwidths of the remote sites to a network is greater than the bandwidth of the local site to the same network.
This configuration is a simplification compared to RiOS versions prior to 9.0 because the oversubscription factor is automatically computed and applied to the sites with the initial configuration of sites and when a new site is added.
Consider the following:
– The bandwidth configured for the uplinks in the sites is also used to calculate the bandwidth for class tree for QoS.
– If you do not specify a bandwidth for an uplink, the link speed of the in-path interface is used by default.
To configure a site, choose Networking > Topology: Sites & Networks, and select Add a Site (
Figure: Edit Uplinks on a Local Site).
Figure: Add a Site
Configuring the Local Site
The local site is the physical location of the SteelHead you are connected to and which you are actively configuring. Local sites have special characteristics. In contrast to a configuration of a SteelHead using the SCC, configuring a SteelHead using the SteelHead Management Console is configuring a single appliance. This means that the SteelHead to configure is the point of view to the topology. For example, you connect to the data center and configure on the data center SteelHead all the remote sites. Then you connect to a remote site, which now becomes the local site, and the data center becomes a remote site. Next, you need to configure gateways for your new local site, which you did not have to do when it was a remote site.
Note: Keep in mind that the point of view to the topology changes when connecting to the next SteelHead to configure.
In the local site, you configure the uplink bandwidth for uploading and downloading data and with the IP address of the gateway to the network the uplink connects to. If you do not have gateway configured, the default gateway of the in-path interface is used.
In some deployment scenarios, the default gateway of the in-path interface points to the LAN side of the SteelHead. When you configure path selection, Riverbed recommends that the gateway to a network points to the WAN side of the SteelHead to avoid packet ricochet.
You also configure the probe settings for path selection in the uplink of the local site.
To configure uplinks for the local site, choose Networking > Topology: Sites & Networks, select Edit a Site from an existing local site, and scroll down to Uplinks (
Figure: Edit Uplinks on a Local Site).
Figure: Edit Uplinks on a Local Site
The primary interface of the local site also connects to the My WAN network by default. If you are using the primary interface for the SteelHead management, or to integrate with a Windows domain, you might need to configure a separate network to connect the primary interface.
Configuring the Default Site
The default site catches traffic that is not destined to a configured site, such as traffic to the internet or traffic that does not match any of the subnets configured within any of the site definitions.
The default site does not have an uplink configured by default. Without a configured uplink, the interface physical bandwidth is used for traffic the default site catches.
If you are using QoS on the SteelHead, Riverbed highly recommends that you configure an uplink for the default site and assign an appropriate bandwidth to it.
To configure uplinks for the default site, choose Networking > Topology: Sites & Networks, select Edit a Site, and select Add New Uplink.