Information About Cisco SD-WAN Controller Route Filtering by TLOC Color
Minimum releases: Cisco IOS XE Catalyst SD-WAN Release 17.11.1a, Cisco Catalyst SD-WAN Control Components Release 20.11.1
Using route filtering, Cisco SD-WAN Controllers can reduce the number of routes that they advertise to routers in the network, to exclude routes that are not relevant to a particular device. The filtering is based on the colors of TLOCs on each device: For each individual router, the Cisco SD-WAN Controller advertises only routes that are compatible with one or more of the router's TLOCs.
Benefits
Advertising fewer routes offers the following benefits:
- Avoids reaching the send path limit: Cisco SD-WAN Controller route filtering by TLOC color helps to avoid reaching the send path limit for routers in the network. For example, the send path limit might be set to 32, but Cisco SD-WAN Controllers might have more than 32 routes for a particular prefix to advertise to a device. Filtering out irrelevant routes helps to avoid reaching the limit.
- Prioritizes relevant routes: If the send path limit is set to a low value, X, and if there are many routes to advertise, a Cisco SD-WAN Controller might advertise X irrelevant routes to a device, reaching the send path limit before advertising any relevant routes. This could result in a routing failure. Advertising only relevant routes prevents this possible failure.
Default Behavior
Cisco SD-WAN Controller route filtering by TLOC color is disabled by default.
Logic
Cisco SD-WAN Controllers apply the following logic when determining whether routes are compatible:
- A TLOC with a public color can resolve a path to a route for a TLOC with a public color on a peer device.
- A TLOC of a particular color can resolve a path to a route for a TLOC of the same color on a peer device.
- A TLOC with a public color cannot resolve a path with a TLOC in a private color set.
Public colors include default, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, and so on. Private colors include mpls, metro-ethernet, private1, private2, and so on. For information about private and public TLOC colors, see Unicast Overlay Routing in the Cisco SD-WAN Routing Configuration Guide, Cisco IOS XE Release 17.x.
For example, if a router has only TLOCs with private colors, Cisco SD-WAN Controllers do not advertise public routes to the device. Similarly, if a router has only TLOCs with public colors, Cisco SD-WAN Controllers do not advertise private routes to the device. The following illustration provides a more detailed example:
If you change the color assignment of a TLOC, the device updates the Cisco SD-WAN Controllers, enabling them to adjust the Cisco SD-WAN Controller route filtering by TLOC color accordingly.
Override
You can override the default logic if necessary and do one of the following:
- Configure two TLOC colors to be compatible even if they are incompatible by default.
- Configure two TLOC colors to be incompatible even if they are compatible by default.
This may be helpful in specific unconventional scenarios. See the tloc-color-compatibility command in Override Default TLOC Color Compatibility for Cisco SD-WAN Controller Route Filtering by TLOC Color Using a CLI Template.
The following illustration shows an example of route filtering by TLOC color, with two overrides:
- Configure green and gold to be incompatible.
- Configure mpls and private1 to be compatible.
Updating Cisco SD-WAN Controller of Changes
Routers in the network update Cisco SD-WAN Controllers when the status of their TLOCs changes. This may include reconfiguring a TLOC to a different color.
To account for temporary unavailability of a TLOC due to flapping, there is a dampening interval to delay reporting changes of TLOC status. By default, it is 60 seconds, but it can be configured to a value from 60 to 1200 seconds. For information, see Configure the Update Interval for Route Filtering by TLOC Color Using a CLI Template.