Aruba Silver Peak SDWAN -6- Business Intent Overlays (BIOs)
By BitsPlease
Summary
## Key takeaways

- **BIOs as Application Profiles**: Business intent overlays are not new overlays but profiles defining how SD-WAN handles different application types like real-time voice/video, bulk FTP, and critical Office 365 traffic. [02:10], [02:33]
- **Underlay vs Overlay vs BIO**: Underlay consists of physical transports like 4G, Internet, MPLS with IP addressing and routing; overlay is IPsec tunnels for security between appliances; BIOs specify per-app settings like tunnel selection for internal or internet traffic on these overlays. [00:46], [03:26]
- **Traffic Matching and Routing Flow**: Incoming traffic matches BIO by priority based on app category, checks for local breakout, uses internal subnet list to select inter-appliance or internet settings, consults routing table for tunnel selection, and sends via IPsec or direct WAN. [09:31], [10:02]
- **SLOs Trigger Interface Failover**: Define service level objectives like 2% loss, 100ms latency; if unmet, the interface is removed from the service but remains operational, switching to backup like from MPLS to Internet. [07:01], [15:12]
- **Peer Unavailable Pass-Through Options**: When peer appliance is down, pass traffic via best route from routing table or pin to specific WAN like MPLS for security during failover or migrations until tunnels rebuild. [16:36], [17:45]
- **Bonding Policies for App Types**: High availability policy uses best quality single tunnel for real-time; high throughput policy load balances across MPLS and Internet tunnels like port channel for bulk apps. [24:48], [25:11]
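The decision flow in the takeaways above (BIO match by priority, internal-subnet check, SLO-based transport selection, peer-unavailable pass-through, local breakout versus backhaul, bonding) can be modelled in a few lines of Python. This is an added example, not code from the video or from Aruba's software: every class, field and label name is hypothetical, the sample BIOs, the ports 5060 and 21 and the link metrics are constructed, and "best quality" is approximated by configured order.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Link:
    """One WAN transport as measured by the appliance (constructed model)."""
    up: bool = True
    loss_pct: float = 0.0
    latency_ms: float = 0.0


@dataclass
class Bio:
    """One BIO row; all field names are hypothetical, not Orchestrator's."""
    name: str
    priority: int                        # lower number is matched first
    ports: frozenset                     # overlay ACL reduced to dst ports; empty = match all
    bonding: str                         # "high-throughput" balances, anything else = one tunnel
    primary: tuple = ("MPLS1", "INET1")  # appliance-to-appliance transports, in order
    backup: tuple = ("LTE",)
    max_loss_pct: float = 2.0            # service level objective
    max_latency_ms: float = 100.0
    peer_unavailable: str = "MPLS1"      # WAN label to pin to, or "best-route"
    inet_primary: tuple = ("INET1",)     # transports allowed for local breakout
    inet_backup: tuple = ("LTE",)


def meeting_slo(bio, labels, links):
    """Labels that exist on this appliance, are up, and meet the BIO's SLO."""
    ok = []
    for label in labels:
        link = links.get(label)
        if (link and link.up and link.loss_pct <= bio.max_loss_pct
                and link.latency_ms <= bio.max_latency_ms):
            ok.append(label)
    return ok


def pick(bio, primary, backup, links):
    """Primary transports first; backup only when no primary meets the SLO."""
    return meeting_slo(bio, primary, links) or meeting_slo(bio, backup, links)


def bond(bio, usable):
    """High throughput balances across all usable tunnels, otherwise one tunnel."""
    return usable if bio.bonding == "high-throughput" else usable[:1]


def decide(dst_ip, dst_port, bios, internal_subnets, links, peer_up=True):
    """Return (BIO name, action, transports) for one flow."""
    # 1. First BIO, in priority order, whose ACL matches the flow.
    bio = next(b for b in sorted(bios, key=lambda b: b.priority)
               if not b.ports or dst_port in b.ports)
    addr = ipaddress.ip_address(dst_ip)
    overlay = pick(bio, bio.primary, bio.backup, links)
    # 2. Internal destination: IPsec tunnel, or pass-through if the peer is down.
    if any(addr in net for net in internal_subnets):
        if not peer_up:
            return (bio.name, "pass-through", [bio.peer_unavailable])
        return (bio.name, "ipsec-tunnel", bond(bio, overlay))
    # 3. Internet destination: break out locally if a breakout link meets the
    #    thresholds, otherwise fall to the next policy and backhaul to a hub.
    breakout = pick(bio, bio.inet_primary, bio.inet_backup, links)
    if breakout:
        return (bio.name, "break-out-locally", breakout[:1])
    return (bio.name, "backhaul-via-overlay", bond(bio, overlay))


# Constructed sample configuration: 445 is the port added to the critical-apps
# ACL in the video; 5060 and 21 are assumptions standing in for voice and FTP.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12")]
BIOS = [
    Bio("RealTime", 1, frozenset({5060}), "high-availability"),
    Bio("CriticalApps", 2, frozenset({445}), "high-quality"),
    Bio("BulkApps", 3, frozenset({21}), "high-throughput"),
    Bio("Default", 4, frozenset(), "high-availability"),
]

if __name__ == "__main__":
    healthy = {"MPLS1": Link(), "INET1": Link(), "LTE": Link()}
    slow_mpls = dict(healthy, MPLS1=Link(latency_ms=180.0))
    mpls_only = {"MPLS1": Link()}
    print(decide("172.16.5.10", 445, BIOS, INTERNAL, healthy))
    print(decide("172.16.5.10", 445, BIOS, INTERNAL, slow_mpls))
    print(decide("172.16.5.10", 445, BIOS, INTERNAL, healthy, peer_up=False))
    print(decide("8.8.8.8", 443, BIOS, INTERNAL, mpls_only))
```

The `pass-through` result is the one worth auditing: that traffic leaves the appliance outside any IPsec tunnel, so the pinned transport determines who can see it.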
Topics Covered
- Business Intent Overlays Simplify SDN Profiling
- SLOs Enable Dynamic Interface Failover
- Traffic Matching Drives Overlay Routing
- Peer Unavailable Triggers Secure Fallback
- Monitoring Flows Validate Policies
Full Transcript
Hey folks, welcome back. This is Joel, and in this series we are talking about Aruba's Silver Peak SD-WAN solution. In this video we'll talk about business intent overlays. You can go and check out the previous videos of this particular series on my channel; you'll find them probably bundled in a particular playlist by the time I publish them. But that being said, let's come back: today's topic is business intent overlays.

Now, we've done a double click on this at the start of the series, in the introduction, but just to give you a glimpse: in any SD-WAN you're going to have an underlay. In this case, this is an appliance, so you are going to have the WAN here, the WAN side. Your underlay is nothing but your 4G or Internet or MPLS, the various types of transports: the physical links and the IP addresses on those links, all of that constitutes the underlay. How this particular appliance connects to the transport, what the IP addressing is, is it using static routes, is it using BGP, all of that is your underlay part.

The second thing is your overlay. The overlay is generally your IPsec tunnels. Most of the time, most of the appliances or most of the vendors prefer to do IPsec, for security purposes. So you will technically have something like this: you have two appliances here, and you can technically have an IPsec tunnel going from one appliance to the other. I'll just put an example: IPsec is your overlay. Okay?

Now the third thing, which is again not very common, but in Silver Peak you will find this, is called the business intent overlay. When you look at the word it can be a mouthful, but it's not something which is very complicated. I would say the people who designed it probably named it a little inaccurately, because a business intent overlay is not some new type of overlay. Think of it as a profile. It's just a profile for what? For different types of applications, and how you want your SD-WAN to handle those applications.

Let me give an example. Technically you can have different types of traffic: you can have real time, you can have bulk apps, you can have critical apps. Now, you will have all of these different types of apps; how do you want these handled once your appliance is able to classify a particular traffic as real time? Real time is what? Voice and video. Bulk is what? FTP, TFTP. Critical is maybe something very critical for your business, Office 365. And this list is not exhaustive; you can add more.

But the profile, or business intent overlay, what it does is it basically gives you a way to handle your traffic based on the category. It tells you: okay, for real time, which tunnels should I use? Should I use tunnels via the 4G, or should I use the tunnels over the Internet, or should I use MPLS? How do I handle traffic between two EdgeConnect appliances? How do I handle traffic which is going from the EdgeConnect appliance to the internet, for the real-time traffic? All those settings per application are defined in a central place, and that's your business intent overlay. It is not an overlay by itself; it's just a way to define those settings, and ultimately the traffic will be sent on this overlay itself, these IPsec tunnels, which will again ride on this underlay. So whatever you have learned about SD-WAN till now with the other vendors is still intact; it's just that these guys have a way, or settings of sorts, where you can define how the applications are handled. So that's your business intent.
Okay, so let's clear this up. All right, so now, coming down to my Orchestrator, there are a few things here I want to clarify before we head to the actual lab; let's just try to understand this a little bit more. If you see here, this is where you define your business intent overlays. On the left-hand side you've got the priority: you've got priority 1, 2, 3 and 4. You can see there are different overlays for different types of applications, and for each overlay, if you look at it horizontally, you have a lot of settings: what type of interfaces to be used, what type of topology to be followed, the QoS settings, the security settings and all of that.

The other important thing is that you'll always have two boxes: one is this one and one is this one. This box basically means that these settings are related to how the traffic has to be handled between two EdgeConnect appliances. Say you have an appliance here and you have an appliance here; this is in Mumbai, this is in, I don't know, Canada. And you have some LAN behind this: this might be the 10 network, and behind this you might have the 172.16 network. Different LANs. Now, ideally what you're going to have is your IPsec tunnels over Internet, MPLS, whatever. If these two guys have to talk to each other, they have to do it over these tunnels, correct? So that is addressed in this particular section.

Now the other use case could be this: this guy who is sitting here in this LAN might also want to access the internet, maybe 8.8.8.8. That traffic will have to be directly sent on the internet, leaked on the internet transport. That is handled in this section. So that's the difference between them. You see it right from the title also: this says SD-WAN traffic to internal subnets, which is traffic between the two appliances (internal subnets: this subnet and this subnet), whereas this one handles traffic to the internet and cloud services. So the settings are divided, categorized in that manner, just for ease of access.

Now, just for understanding purposes, let's open this up and have a look. If I open up one of these guys, click on this,
you can see various types of settings. Right on the top you can see the type of traffic which is matching. You can see the topology on the left-hand side which is going to be used. These are the various types of settings around what interfaces you want to use: which one you want to use as primary, which one as backup. Then on the right-hand side you have service level objectives, for when these objectives are not met. You can say a loss of 2% is allowed, a latency of 50 milliseconds is allowed; you can define that, and if those are not met, then that particular interface will be removed from this particular service. The interface will still be operational, but it will just be removed from this particular service for forwarding this particular traffic, and then a backup interface can be used in case you don't have enough interfaces to service that particular overlay.

Below you see you also have various settings. Sometimes for certain traffic you want high availability: you're not very concerned about the quality, all you are concerned about is more availability, like you don't want the link to go down; then you can use these settings. If you want high quality, maybe for real-time traffic, you can use these settings. Internally, what it does is it will enable certain other settings, like forward error correction, it will enable path conditioning, it will do all that Boost-related TCP acceleration; all of those related settings are actually enabled in the background. All you have to do is come and select what kind of bonding policy you want here based on your traffic. That's the cool thing about Silver Peak: if you had to really sit and do all of this via CLI on a traditional router, it would take ages, but here you see that with just a click of a button you can address a particular type of traffic and also enable certain best practices or best features which will really complement that particular traffic, by just going and selecting here.

Okay, so like I said, these settings are only for traffic between two internal subnets, whereas here you also have similar settings for traffic to the internet. And what do you define as traffic to the internet? You can click on this pencil icon here and you'll see, you can basically add here, but these are the subnets which are considered internal subnets. Which means any traffic destined to these internal subnets will go to this first option; if the destination IP is not part of the internal subnets, it will use these settings. That's the meaning of it. So yeah, that's the main concept of the business intent overlay. Now, maybe one more thing we can cover here
is what really happens when the traffic comes in. Let's try to understand that.

As the traffic comes into a box, a Silver Peak box, the first thing we're going to do is check which BIO it is going to match. You see there is a priority here, so we're going to check: is it going to match here, match here? Is it real time, is it critical apps, is it bulk apps? So that matching is done.

Once you're done with the matching, once you have decided that it is part of real time, now these settings will have to be used. The very next thing SD-WAN tries to do is to understand whether it has to use this or this, and that it can do using the subnets; I just now showed you a list of subnets. No, before that, actually, the other important thing is checking whether for that particular overlay there is a breakout even configured. Sometimes this might not even be there. So checking whether there is a local breakout configured, that's important, and you check that here.

The third thing would be: okay, if the breakout is configured, now you need to differentiate, do I need to use these settings or these settings? That I will be able to do using what? The internal subnets, which I just now showed you. All I have to do is look at the destination IP address and see if it is matching the internal subnets. If it is matching, I will have to come to these settings. Once you come here, having analyzed that that particular IP address is part of an internal subnet, you'll have to just check the routing table on the appliance to check if the destination IP is part of the routing table. The routing table will clearly tell you which overlay to use, because between two appliances there might be multiple overlays. And we also see here that you can define which transports you really want to give priority. Based on all these settings, finally the traffic will be sent on those IPsec tunnels towards the destination EdgeConnect appliance, and ultimately to the actual destination.

Now, what if, while you are here, you realize that the traffic is not destined to the internal subnets; it is destined to something like 8.8.8.8? Then what will you do? Then basically we're going to use these settings, not this one; you're going to use the settings on the right. Based on those settings, the traffic will be sent directly on the WAN interface, because, like I said, this is basically traffic destined to the internet. Either it can be local breakout, which is where you directly send it to the internet from your own appliance, or there is an option to backhaul as well. Backhauling is nothing but this: you can backhaul to a hub of sorts. You can create one particular appliance as your hub, maybe like a headquarters where you might have some kind of firewall, and you can send the traffic to that hub, and from that appliance's local breakout the traffic will exit. So you have two options. This is a very traditional way, whereas breakout is a local breakout. If you are using local breakout, technically what people also do is use Zscaler and such kinds of providers to make sure that their traffic is getting inspected. So you have all those features as well; I'll not get too deep into that now.

But this is the general flow of what happens when the traffic comes into the box: how the matching is done, and are we going to use the policies on the right or the policies on the left? If you are using the policies on the left, we check the routing table, then everything is good, we decide which tunnels we have to use, and based on the settings here we finally send it on the IPsec tunnels. If the traffic is destined to the internet, we obviously have to use the policies on the right, and either you can break out locally, or you can send the traffic, again using the IPsec tunnels, to the remote EdgeConnect appliance, which is maybe in the headquarters. Once that guy receives the traffic, he might send it to a firewall, and from there you can send it to the internet. So that's the whole flow, and you'll probably understand more of this as we get into the lab part.

That's the overall idea of what we'll be doing in this particular video: we'll basically explore these various BIOs, configure them, send some traffic and see what's really happening behind the scenes.

Okay, all right, so let's start by modifying some of the BIOs here. We're looking at the real-time BIO, so let's click on that
guy, and you can see, if you look at this section, there are a lot of things happening here, but let's look at this section over here to begin with. Available interfaces: you can technically just drag and drop this way; you can add the interfaces from the available section to your primary or backup. In our case, if you remember our topology, we don't have more than one MPLS. I'm going to put it back here because we don't really have more than one MPLS or more than one internet; as you see, these are the INET2 and MPLS2 interfaces.

What else? You can also see on the right-hand side you have the service level objective. Think of it as what we did with application-aware routing in Cisco as well. For example, I can say a loss of 2%, a latency of say 100 milliseconds, a jitter of zero. So I can define some service level objectives this way, and I can say that if these service level objectives are not met, then you can change the interface, or rather the transport, which will be used for sending the data. I mean, the transport will not be directly used, obviously; there will be IPsec tunnels on these transports. But the understanding is that IPsec is just a logical tunnel, and what is really going to influence these three parameters, loss, latency and jitter, is the actual physical transport. So this particular setting basically makes sure that if these service level objectives are not met, the appliance can use the interfaces mentioned here in this order: MPLS; if MPLS doesn't give you enough SLO, then use INET; if both of these are not available, then use the backup interface.

There are a few other options here as well. There's another interesting option (let me see if my pen is working), which is, as you see here, something called peer unavailable.
And what does that actually mean? Let me use the topology, one sec. What the peer unavailable option actually means is this. Say, for example, you've got one appliance here and the other appliance here, and you have some kind of transport, maybe MPLS or Internet, whatever. You have IPsec tunnels between these guys, like this. Now, there is always a possibility that maybe the appliance is not working, maybe this appliance is down. In that case, what happens to the traffic which is coming from here? Where do you send the traffic to? This is traffic which is originating from here and it's internal traffic; it's destined to a subnet which is behind this appliance, but this appliance is down, or maybe the transport is down; there could be various reasons because of which the tunnels are down. In that case, what do you do? You obviously have to pass through this traffic. When I say pass through, you have to send this traffic on the WAN interface.

Now there are two main options, actually. One popular option is best route: you can use the best route on the particular appliance. There will be a routing table, and based on the routing table, whichever is the best route which is matching, you can send the traffic on that WAN interface. The second option is you can pin the traffic to a particular WAN interface. You can say, hey, if this situation occurs, send the traffic on only MPLS. The reason you can do this is because, remember, MPLS is a much more secure network than, say, the internet transport. There is an expectation that this MPLS network will be relatively safer. I mean, technically it's not completely safe, because the service provider is there in the middle and they can obviously look through your packets, but compared to the internet it is more secure. So the idea is that in such worst-case scenarios you have the option to decide how your traffic needs to be handled, and that is the whole idea of that particular feature.

Coming back, that's what we have. You see here, in this case, there's best route, use the best route as per the routing table, or, in our case, we'll use MPLS1. The other rationale here, I think, is that your MPLS network is generally fully routed, so you will have connectivity as well: that MPLS network will have connectivity to the destination subnet which you want to reach. So that's the other rationale.

So yeah, this is just an interesting feature. This is more of a failover or fallback kind of scenario where you really don't have an EdgeConnect appliance on the other side. It could also be during migrations: if you're migrating from some other topology to Silver Peak, you might have migrated only one side of your network, which is, you might have added only one EdgeConnect appliance, and on the other side you don't have anything yet. In that case you can use this feature while doing the migration, so that until you're able to install the EdgeConnect appliance on the other side, you can start sending the traffic on your MPLS network, and once the appliance comes up on the other side, the tunnels will be built and the IPsec tunnels will take over. So yeah, that's another interesting
feature as well. The other thing here is maybe this one. You have an option to say when to use the backup. Either you can say, when your primary is down, then start using the backup; in my case, what I'll do is change this to not meeting service levels, which means if these service levels are not met by my primary transports, then I will use the backup. In fact, there is another option to even add a secondary if you want. In my case we have not added any secondary, but technically you can just go and add a secondary this way as well. Again, it's all done sequentially: if the primary is not working, the secondary will take over; if the secondary is not meeting your requirements, then the backup will take over. But you have an option to change that as well: when do you want to switch? Do you want to switch when it is completely down, or do you want to switch when the SLOs are not met?

And what does this group one represent? This is another interesting thing you need to understand. This relates to cross connect; you see they're mentioning cross connect. What you can do is create a group, it can be any group, group one, group two, whatever, and you can attach the same group on the other interface where you want the cross connect to be formed. You can see there is INET and there is LTE, so between these two guys there is a cross connect. What is cross connect? Something like this: this is an appliance, this is an appliance, and on either side you have Internet, MPLS, LTE. Ideally, you'll have tunnels formed between MPLS, you'll have tunnels formed between Internet, tunnels formed; this is the default. But if you do something like cross connect, because you see INET1 and LTE are cross connected, INET will try to form tunnels with LTE as well, this way. This obviously adds more redundancy: initially you had just three tunnels, now you have more than three tunnels, so even if maybe this guy is down, you'll have two more tunnels to reach the other side via the Internet and LTE. So that's another interesting feature, the cross connect. Again, it's not very new, it is there in all other SD-WAN vendors as well, but this is how you do it over here.

All right, so let's move. Now, all of
this is fine; let's go to the Internet side of the house. On the Internet side of the house you can see again you have INET1 and INET2. I'm going to move INET2 because I don't want it. You can see the primary is INET and the backup I'm using is LTE over here, because the understanding is that this is for internet and cloud services. Assuming that your MPLS doesn't have an internet breakout, this would be a typical scenario where you use only the Internet, you're not using MPLS, and LTE would be the backup.

Here also you can define your thresholds. These thresholds are different from what we defined earlier. You can change this to two, this to 100 milliseconds, and jitter maybe I'm not going to configure. So again, when these thresholds are not met, you can see here: add backup if no links meet performance thresholds. And you can see here also there's threshold-based failover: use the next preferred policy if no link... So if both of these links are not meeting this one, then we are going to use the preferred policy here. You see, this is the preferred policy: break out locally, or you can backhaul via the overlay, which means if there's a hub configured, then traffic will be sent to the hub and from there it will break out. That's the idea behind that.

In fact, if you look at our topology, we have this SP2, which just has MPLS; it doesn't have the Internet and LTE. So in that case, technically, what is going to happen is this condition is not going to be met, they don't have the Internet and LTE, so breaking out locally is not possible, and we are going to be using backhaul via overlay for that particular appliance. So you see how doing this configuration is really impacting your BIO. So that's mainly that.

Okay, these are things I did not cover: you have the option to even define topologies. You can change the topology here; we're using a full mesh topology. And below you see the link bonding policy. This is interesting again. Here we defined what links we are going to use for this particular type of traffic, which is real time, but this is where you can do the actual policy of sorts. You can see we are using the high availability policy here, which means it is going to use the best quality path; it uses only one of the tunnels, the one which is meeting the requirements. But let's say your requirement is more throughput, maybe for bulk applications; compare this with this guy. If you want more throughput, then you can see it is going to do load balancing. If you have tunnels via MPLS and via Internet, they're going to do load balancing; think of it as a port channel of sorts, where traffic will be sent across both the tunnels, like this. So that's how you can select different types, and you can also define custom if you want. But you can see that's the main difference: if you want high throughput and high efficiency, they're going to do load balancing; if you want high availability and high quality, they're going to do best quality path, which means only one of the tunnels is going to be used.

Okay, perfect. Let me just put this back here. All right, so now I've done all the settings here for the real-time one. I'm going to hit this OK
button. That's how you can save. We can go on to the next guy, which is, let's go to the critical apps.

Okay, and for critical apps, what we can do here is even define what a critical app is for us. I think I did not talk about that in the real-time one, but you see there is an option here called overlay ACL. I'm going to hit the pencil icon here, and let's see: these are the applications which have been defined as of now. You can see a bunch of applications here: WebEx, Salesforce, Slack, Workday. And you can obviously add an application. I'm going to say add a rule, and that rule gets added here. I'm going to click on this match-everything pencil icon, and here you can see there's something called more options; I'm going to click on that. You again have options to select: if you want a particular application, you can click and start writing the application, like TFTP or something like that. You can add a particular application if you need. I mainly want to look at the CIFS traffic; if I'm not wrong, I can use the port number for it, and the port number probably is 445. So I'm going to define a particular application with that and hit the save button over here. Okay, so you see port 445 is showing up here. So I'm going to save it over here in the associated... I'm going to hit save over here as well. This is mainly for SMB, the Samba protocol, the CIFS protocol; that's the port number I'm going to use. So there you go: we have basically created one more type of rule here, which is 445. Now all the traffic for 445 will be matched with the critical traffic.

What else do we have here? You see the Boost part; we did not talk about that. You can enable Boost at the overlay level. I'm going to enable it for this guy. There you go, I've enabled Boost. Remember, we have configured Boost at the device level, in the deployment profile, like how much Boost, but you then have to enable it at the particular BIO: for that application, do you want Boost or not? So that we can use Boost for the traffic which is flowing through it. So that's the other piece.

There's nothing much to be done here; the rest is all fine. MPLS and Internet are selected. This one I will change back to, yeah, if they're not meeting the criteria then use this. I will not define anything over here, that's fine, because I've already shown you how to do it. You can clearly see here the link bonding policy has changed to high quality for this one. Here also, let's remove this, we don't want this guy; the rest all looks fine. I'm going to hit the OK button. So that's about the critical apps. Once you figure it out for one of the BIOs, everything else is pretty straightforward. So we can click on bulk apps
now right and we can do um similar steps here as well one sec or just to remain consistent let's actually do it right so that um
you know let's actually go back to the critical apps right and let's make sure that all the settings are very similar to the real time you know when I say real time some of the Baseline settings
right like this one let's change this to two and maybe 100 milliseconds right peer unavailable option let's change this to use
MPLS1 okay so that's pretty straightforward right uh what else did we do we I think we went onto the breakout section and here also we added
the values earlier let's do that and uh we have removed the that's fine and let's also enable this okay so I think that takes care of things okay so that's
fine similarly let's for the bulk apps right even for the bulk apps let's do um okay so you see there are quite a lot of these things let's remove the MPLS2 INET2
let's just keep these four guys let's change this to not meeting SLAs let's change this to two and 100 right change
the um you know um peer unavailable to MPLS1 perfect so this is fine and uh whereas on this guy we might have to again change this to two and
100 okay let's remove this guy so that's mainly it now coming to the internal subnets do we want any other things to be done here okay for this one let's also explore how do we change the topology
right so here you see there is a topology called mesh we will change it to hub and spoke for this one right which means remember keep keep a mental note we also need to create a hub later
which we will do but for now let's just change some topology over here so you understand the hub and spoke topology right pretty straightforward it is like the traffic will be sent to a
centralized hub right whereas mesh is nothing but you know you have assumption is that every EdgeConnect appliance is able to reach the other appliance directly over IPsec tunnel whereas here what will happen is
the traffic will be first tunnel to a hub and from The Hub the traffic will be sent to the destination uh Hub so yeah the good thing about all of this is how the routing is happening under the hood all of that is kind of um uh you don't
have to worry about it right all the related route policies and all of that is going to be taken care by Silver Peak right all you have to Define is per application how do you want it to be handled right and internally things are
going to work for you okay so so yeah that's pretty straightforward here what else so all of this looks good um coming to this guy this is also fine so I'm going to hit
the okay button similar let's come to the last one which is the default so if the bulk applications right um by the way we probably did not see what bulk
applications are let's click on once again the bulk apps we can actually look at the match ACL right and we can actually click here and you can see if you put on this guy
right you can click on the pencil icon you can see these are the various applications considered as bulk apps you can obviously add more but you can see it's SFTP GitHub Dropbox and all of that is
considered as bulk apps by default perfect so I'm going to cancel that and go back to the default overlay all the traffic which doesn't match any of the above three right will obviously
match the last guy which is I think maybe things like um if you don't have any specific rules for ping and telnet and all of that right so all of that might match here okay
all right so here also let's do the minimal stuff let's remove the uh let's probably change the order here as well right so we going to use um uh what
we'll do so here we will change this to 2% and 100 milliseconds and uh all of this is fine uh MPL sign it to okay so this is good we can change the peer unavailable option
to MPLS1 correct so this is good um what else let's go back here let's remove this guy change this also to the similar
values which we had earlier okay all right so anything else we want to do here um I think that's pretty straightforward right so we can also
enable maybe boost over here right the Boost is enabled correct um that's good looks all good um I think we are good to
kind of deploy correct let me check all right so that's predominantly that right so what we can do now is once we have saved the changes which we have done here you can see it clearly shows
in the boxes what are the changes which we have done right um so that's pretty cool as well what's this plus button uh okay so you can see you can see excuse me more details here as well
uh what we have done is um you know remember the Boost part we have enabled boost as well for all the all these three overlays whereas for the first one we have not enabled because boost really doesn't make sense for you know
real-time traffic right that's the General understanding uh but yeah so these are all the changes right now you want to deploy these changes all you have to do is save and apply to overlays remember all the uh overlays are present
on all the five appliances but we don't have UPS yet make sure this overlay has Appliance okay that's fine but uh uh we can still hit the save button here and once you do
that on the top you know the configuration will start getting pushed you can see over here the configuration is getting to be pushed
so let's wait for probably that to be done and with that the configuration has gone in right remember we still have one more step to be done which is configuring one of the appliances as the
hub right because we used hub and spoke topology over here correct for bulk apps which one do we select let's look at our topology let's probably select sp1 as our hub because it has connectivity to all
the three transports right so let's probably pick that guy as our Hub which is going to be uh ec1 EC
V1 right so so especially for EC V2 right which doesn't have all the transports it will be able to back all the traffic to uh the sp1 right the uh
the Silver Peak one my bad okay so how do we do that uh all we have to do is probably go to configuration right uh overlays and you find a section called hubs over
here okay so there you go um okay so here you can see uh we can select a particular appliance as hub okay and uh you have an option to create as a
stub hub but I think I'll just use a re-advertise routes right I'm going to hit the add hub button confirm right so you can see some configurations is going through now
click on this guy the top here there you go so maybe let's remove the search okay
there go some configuration is happening correct uh because we have now selected our sp1 as the Hub and let's wait for this to finish all right so the orchestration is
finished I'm going to close this one and maybe we can just refresh this guy and there you go you can see sp1 is appearing as Hub and you can see it's hub for these many overlays correct
which is real time critical bulk apps and default overlay right which is pretty cool right so uh that's another thing right when you create a hub uh it
becomes uh I mean it is going to be an hub for all the overlays but at the same time um in these overlays right real time critical
apps and even the default overlay we have not configure The Hub and spoke as a topology so in that case ec1 will um sorry the sp1 will not be used as the Hub but when you create a hub it's
generally um going to act as a hub for all overlays right uh but in our specific scenario we have used only bulk apps to use the hub so only that guy will be sending the traffic to the hub
and from Hub it will be sending all the way uh to the other spokes okay I think there's option to even go to maybe monitoring and look at the
topology here and uh we should probably see let's see if this loads sometimes it doesn't okay there you go so we have um
so you can see this is uh probably showing let's Zoom maybe out I guess sorry let's zoom in cuz this is showing the world map remember our devices are
in London and there you go so this is where our devices are right so now if I probably try to zoom in a little bit there you go so this is how it shows
this is basically for all overlays what I'll do is I will change uh this two let's look at only real time right so real time okay did it change maybe not
let's change to bulk apps okay for bulk apps you see okay so for let's compare right if you go to real time you can see it's full mesh so you can see all the three guys are connected right so this two is representing nothing but there
are two appliances at this site that's the meaning of it okay so that being said uh okay so the zooming part is not that great on
here right so let's see okay that just went full screen my bad but you you get the picture right when we selected um you know bulk apps you see this particular line went away
right from this guy because it's a um let's see if I can zoom in a little bit yeah there you go right so because I uh selected bulk apps and uh London is acting as a hub for me you can see
traffic is going to go from here to the hub and then to the other appliance okay that's that's a great way to check if uh uh you know for for your particular
overlay do you have a correct topology all right so let's now try to do some P right to look at the flows if certain things are working fine correct so first
thing is let's actually go to our topology here and remember we have a Berlin PC so we'll go on to this Berlin PC and try to Ping this internet host right which is 11. 1.11 ideally what
should happen ideally we should have I've forgotten which is the primary secondary here I think it is maybe sp4 is the primary as for the vrp uh but yeah one of the appliance will pick up
the traffic and then U you know because this traffic is not internal traffic it is internet or cloud-based traffic right so it will use pass through correct and
if I'm not wrong I've used uh I've made sure I'm using internet as my pass through right I made internet uh as the primary and LTE as the secondary so I think that is going to happen so the
traffic will be sent via pass through where the internet transport right so let's check if that is going to happen so I'm going to go on to the Berlin PC so this is the Berlin PC right I've open
opened it and I'm going to Ping 11.1.1 11 let's maybe send a little more number of pings maybe like 10,000 pings okay so while that is happening what I
can do is I can go to monitoring under bandwidth you'll find a section called flows active and recent flows click on that and once that happens right you can
actually look at the flow so what I'm going to do here is I'm going to do 11.1 1.1 right right and then we'll hit the apply
button and there you go so we have um so this one right the first two Flows In fact let's select only the active ones sorry I selected this so let's select only the active ones and hit the apply
there you go right so we got only the active flows now which is going through and we can click on this detail button and you can see the information over here right you can see which overlay it is matching the default
overlay it is matching because why it is a ping traffic ICMP traffic right so it is matching the default overlay default BIO right and which
overlay it is actually using which IPsec tunnel you can see it is using pass through it's not using IPsec using using the pass through it is using the inet one right so that's what it is using and
uh you can see information red routing right it shows that I'm using 108.1 as the next hop which is which one if you look at my topology from sp4 108.1 is
this guy right which is the inet which is perfect okay so that's the expected value and it is using that one right you can see the re uh this thing what is
that uh I think what else should we look at here yeah I think that's predominantly um the yeah you can see the TX reason why which one you can see
the primary it's not using the backup it using the primary because the in interface is up and running right so that's that's one way to kind of verify you know uh you can go to this flows Tab
and you can put whatever IP you want you can send some traffic and you can kind of look at the traffic which is um you know which is active right the active flows from each of your appliances you can
look up here and see is it really following the right policy which you have configured all right so the next one is we'll try to use uh the CIFS traffic right
so remember we created Port 445 right the um we kind of created Port 445 to match the critical traffic so we we'll try to uh check if that is going to work
so what's our game plan here we'll use um so we'll use the Paris PC right and we'll use the internet host and we'll try to basically send uh some CIFS traffic
right uh 445 traffic we'll send from this particular client ideally what should happen I think out of SP2 and sp3 this guy is mostly the master right or
uh VRRP master so traffic should hit the guy and again this is pass through traffic pass through traffic ideally should use internet right but um this
guy is not connected to internet correct you might ask this is connected only to MPLS but remember we have also configured uh the sharing option right EdgeConnect high availability so this guy is ideally
getting the internet and 4G through this guy correct through some virtual tunnel so remember we have set that up so ideally it should go like this traffic should go like this it should go like this so this is my expectation right in
this way this is the path traffic should follow so let's see if this this is really going to work as per our policy right so let's go back let's go to um
let's go to Paris PC right and on the Paris PC uh what we'll do is we'll probably come here and we'll select um uh the 11.1.1 right so this is the
internet PC right and what I'll also do here is let's actually go here to monitoring uh bandwidth and let's go to the active flows
all right so that's fine I've put 11. 1.
11 so I'm what I'm going to do now is I'll just come to the uh users right and let's go and um and I think in the downloads folder there will be some
folder here right so I'm going to just copy this one right come back here come back to 11 do so I'm using CIFS right so I'm going to I'm basically inside the
11.1 11 do 11.1.1 11 um PC right inside that maybe let me go into I don't know maybe like desktop right and I'm going to paste uh this particular file right
I'm going to say copy and replace that's fine so it's already a file with that name okay so this is going through is it really going through let's have a look here okay so I think it is going through
it's copying right you can see there okay there you go it's copying so I can quickly come here and um you know refresh this guy or apply this guy
maybe there's a IP address for sure please enter IP subnet okay that was a issue here so let's hit the
apply and there you go we have 10 do 99201 that's the Paris you can see IP address you can see CIFS traffic it's getting it's even uh it's even able to
figure that out right and you can see in the port here it is 445 okay and let's look at the details for this particular flow you can see as per our expectation it is using pass through inet though it
doesn't have an internet transport it is using the transport from the sharing right you can see that here in the WAN routing you can see this gibberish kind
of an IP address 169 254 remember when we did EdgeConnect high availability these were the IP addresses we saw right 169 subnet so it's clearly using the
inet from the uh sp3 okay and it is correctly getting uh categorized as critical apps uh the traffic is going via pass through inet expected right so
that's that kind of confirms that what we are doing is working right whatever policies we have put in is working all right maybe one last thing which we can have a look here before we
wind this session is if you go back here right let me close the flows part in the monitoring there are many other uh cool features which might be of interest to
you right uh for example um um if you go to monitoring right we looked at topology alarms and all we have already checked out before there's also reporting which you can create some
reports but uh maybe the other interesting things are things around trending right so even if you probably put Trends here you're going to get quite a lot of Trends right um for
example let's maybe look at uh I think there should be something called tunnel Trends right I think is this one or maybe let's just go from here right monitoring tunnel and Trend right so
here you can select couple of appliances and it will show you uh like what kind of a what kind on the various you can see here these are the various overlays right so for default traffic for real
time for critical for bul app so each of them it is kind of showing you remember we sent some traffic earlier so that's why I believe it is showing this one a peak over here right and then it has gone down so you can see some Trends on
your WAN transfer not only WAN right you can see it on the LAN as well and also gives you a ratio right so uh that's pretty uh pretty cool right so all the
trending part then um I mean you can similarly see trends for all the other parameters as well like DSCP QoS and all of that um there's also a very
interesting live view right so live view is it just gives you the live uh view like for example here from sp1 going to SP2 the there are various tunnels right so these are the various overlays and
for each of the overlays you have various tunnels and you can clearly see here that uh you know you can probably click on one of these guys right you can click on one of the live
view and it will start giving you the live view right it will tell you if there are some tunnels you can see from sp1 going to SP2 you have for bulk apps right you've got um this is like the
over overall health of sord whereas here you can see inet to inet MPLS to MPLS and LTE to LTE right so for all of that you're getting up and green in color which
means all the three tunnels are meeting what the SLAs the SLOs right if one of these tunnels has some loss latency then it will start showing us that not meeting or if it is down it will show
you the colors right so these are all like very useful tools for your uh troubleshooting purpose all right so with that I think we can close out the whole uh session on business intent
overlay right uh just to recap what we did was we spent the first few minutes understanding um everything we needed to know about business intent overlays correct um we kind of spend few minutes
there and then after that what we did was we started configuring various business intent overlays by default you get these four right you can create more as well and you'll get some settings by
default but you can Tinker them based on your necessity right you can change the topologies change the interfaces uh the transports which will be used right from uh you can give primary backups right
you can Define that preference on the inter and then you can also enable boost uh right and few other settings um whereas um on the the internet side as well you can select you want to do local
breakout or you want to backhaul traffic uh things like that and um uh you can again select the backup interfaces over there right so we did a bit of settings here and then just to verify we sent
some flows right we looked at how we can use monitoring for that right you can go to monitoring you can go to bandwidth and then you can look at active flows here right so as you're sending the traffic you can look at what's really
happening uh further you can actually um you know use some other monitoring tools like tunnels Trends and you can look use the live view right to kind of understand um you know how the tunnels
are really performing right you can actually further drill down and look at the underlay and stuff like that right so I would suggest you to kind of check that out there's so many features here would would take me a lot of time to go
through each of them so would suggest you to kind of check it out uh Silver Peak really makes it pretty simple to kind of um use most of these right you just need to click and select and fiddle
with it and you'll be able to figure things out it's that simple you don't really need a lot of configurations and all of that to kind of get started right so with that um we kind of wind up this
particular video on BIOs and hope we are going to come back with a few more videos on the Silver Peak in future okay cool thanks a lot for watching guys have a good one bye