Cisco SD-WAN offers a centralized policy (network-wide scope) and a localized policy (single-device scope). There are two localized policy types:
- Localized data policy
- Localized control policy
The localized data policy affects the data plane. You can influence the flow and data going in and out of an interface (queues).
The localized control policy affects the control plane, so you can manipulate routing decisions. In this lesson, I’ll explain how to configure a localized control policy so you can influence the BGP local preference.
In a nutshell, here’s what we have to do:
- We create a prefix list that matches the traffic we want to influence.
- We create a localized policy that includes a route policy.
- We create a route policy where we configure two items:
  - Match condition: the prefix list.
  - Action: we set a local preference value.
- We add the localized policy to a device template and push it to the vEdge router.
- We add the route policy to the BGP feature template and push it to the vEdge router.
Let’s get started!
This is the topology we’ll use:
This is the exact same topology that I used in the Cisco SD-WAN BGP configuration lesson. We are going to create a localized control policy to change the local preference for a prefix we receive from SW1. I use Cisco SD-WAN version 19.3.0.
Want to take a look for yourself? Here you will find the startup configuration of each device.
```
system
 host-name vEdge1
 system-ip 172.16.1.1
 site-id 2
 sp-organization-name nwl-lab-sdwan
 organization-name nwl-lab-sdwan
 vbond 10.1.0.2
!
omp
 no shutdown
 graceful-restart
 advertise connected
 advertise static
!
vpn 0
 interface ge0/0
  ip address 10.65.91.1/24
  tunnel-interface
   encapsulation ipsec
   color biz-internet
   allow-service all
  !
  no shutdown
 !
 interface ge0/1
  ip address 10.65.92.1/24
  tunnel-interface
   encapsulation ipsec
   color public-internet
   allow-service all
  !
  no shutdown
 !
 ip route 10.1.0.0/24 10.65.91.100
!
vpn 10
 router
  bgp 1
   neighbor 10.2.1.101
    no shutdown
    remote-as 1
   !
 interface ge0/3
  ip address 10.2.1.1/24
  no shutdown
 !
 omp
  advertise connected
 !
!
vpn 512
 interface eth0
  shutdown
```

```
hostname SW1
!
ip cef
!
interface Loopback0
 ip address 184.108.40.206 255.255.255.255
!
interface GigabitEthernet0/0
 no switchport
 ip address 10.2.1.101 255.255.255.0
!
router bgp 1
 bgp log-neighbor-changes
 network 220.127.116.11 mask 255.255.255.255
 neighbor 10.2.1.1 remote-as 1
!
end
```

```
hostname SW2
!
ip cef
!
interface Loopback0
 ip address 18.104.22.168 255.255.255.255
!
interface GigabitEthernet0/1
 no switchport
 ip address 10.2.2.102 255.255.255.0
!
router ospf 1
 network 10.2.2.0 0.0.0.255 area 1
 network 22.214.171.124 0.0.0.0 area 1
!
end
```
Localized Control Policy
Let’s start with the policy. Go to Configuration > Policies > Localized Policy and click on Add Policy.
First, we’ll create a new prefix list:
This prefix list matches the loopback0 interface of SW1. Click on Add, and it will show up in the overview:
Click Next until you reach the Route Policy overview. Click on Add Route Policy and then Create New:
The route policy screen looks similar to the access control list. Enter a name and description, then click on + Sequence Type and + Sequence Rule:
Click on Match, select Address, and select the prefix list we created:
Now click on Actions, Local Preference, set a value (it doesn’t matter what you pick in this example), and click on Save Match And Actions:
Make sure the overview looks OK to you, then click on Save Route Policy:
We now have a route policy we can use. Click on Next:
In the final screen, give the localized policy a name and click on Save Policy:
Our localized policy is now ready:
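The steps above (prefix list, route policy with a match and a local preference action, and the attachment to the BGP neighbor) written out as vEdge CLI configuration. This is an added example, not output from the original lesson: the names PL_SW1_LOOPBACK and RP_SET_LOCAL_PREF, the prefix placeholder, the local preference of 200, and the choice of default action are assumptions.

```text
! Added example: names, prefix and local-preference value are placeholders
policy
 lists
  prefix-list PL_SW1_LOOPBACK
   ip-prefix <SW1-loopback0>/32
  !
 !
 route-policy RP_SET_LOCAL_PREF
  sequence 1
   match
    address PL_SW1_LOOPBACK
   !
   action accept
    set
     local-preference 200
    !
   !
  !
  default-action accept
 !
!
! Inbound on the iBGP session to SW1 (neighbor taken from the vEdge1 config)
vpn 10
 router
  bgp 1
   neighbor 10.2.1.101
    address-family ipv4-unicast
     route-policy RP_SET_LOCAL_PREF in
    !
   !
  !
 !
!
```

If the default action is reject instead, every prefix from the neighbor that does not match sequence 1 is dropped, so check it before pushing the template.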