Geographic Redundancy

Currently, an Oracle Adaptive Private Network supports the concept of a single Network Control Node (NCN), which can be deployed in a High Available (HA) configuration. This allows for local redundancy, meaning that both appliances are deployed locally. With Edge g2.3 and the new Geographic Redundancy feature, the NCN and secondary NCN will not reside at the same location; they will reside in two separate data centers or locations. Typically, the second site would be some form of a disaster recovery facility. In the event of a primary data center failure, the backup data center should be operational and the secondary Oracle appliance would act as the NCN for Oracle SD-WAN Edge. There are a number of considerations to be aware of with this design:

Oracle SD-WAN Edge supports a primary and secondary NCN
HA is supported at primary and secondary NCN sites
A secondary appliance will function as a client appliance when configured for Geographic Redundancy
The active NCN is the clock source for the Oracle SD-WAN Edge
The active NCN is the administration point for the Oracle SD-WAN Edge
The active NCN will synchronize its database with the secondary NCN
All client sites MUST have a conduit to the active and secondary NCNs
Extra precautions must be taken when configuring routes
The secondary NCN site should have static IP's for public Internet links
If WAN-to-WAN forwarding is enabled on the Geographic Redundancy Oracle, the route cost will be the same for both NCN and Geographic Redundant NCN appliances. This can impact Oracle SD-WAN Edge routes and should be reviewed.

Image showing conduit NCN to Client 1 site.

In Figure 1, we have the NCN site and two client sites, Client1 and Client2. Client1 is the Geographic Redundancy NCN site. As depicted in Figure 1, there must be a conduit between all client sites and the NCN site, as well as the Secondary NCN site. With this design, there are a number of recommendations:

Design the redundant NCN site first and then design the routes
Plan the Oracle SD-WAN Edge configuration file before deployment using the Oracle SD-WAN Edge configuration editor
There must be enough WAN capacity for the required conduits
Geographic NCN appliance requirements support hardware T3000 or T750 platforms only
Be aware of the number of Oracle clients required, this will dictate NCN hardware requirements
Be aware of failover times if local HA is deployed
Since multiple conduits are now built from client sites, UDP hole punching may not work properly on all firewalls or NAT devices (two conduits)

The commands required to enable the Geographic Redundancy capability are provided below.

With the Geographic, Redundant NCNs, a new command was required to differentiate Oracle appliances. The new command is “appliance_mode,” and is described in detail below. The NCN primary would be configured with the following options:

Command Command Command

Command	Command	Command
`add appli` _{ _{ance name=NCN} `set appliance_properties` _{secure_key=0xacbf1332} `enable_wan_to_wan_forwarding=yes` `appliance_mode=primary_ncn;`		`model=t750`

add appli

_{ance name=NCN}

set appliance_properties

_{secure_key=0xacbf1332}

enable_wan_to_wan_forwarding=yes

appliance_mode=primary_ncn;

model=t750

The Oracle Client configuration would be configured as:

Command Command Command

Command	Command	Command
`add applia` _{ _{nce name=Client1} _{set appliance_properties} _{secure_key=0xacbf1332} `enable_wan_to_wan_forwarding=yes` `appliance_mode=secondary_ncn;`		`model=t750`

add applia

_{nce name=Client1}

_{set
appliance_properties}

_{secure_key=0xacbf1332}

enable_wan_to_wan_forwarding=yes

appliance_mode=secondary_ncn;

model=t750

appliance_mode = Text

Specifies the appliance's role in the Oracle SD-WAN Edge. It can be set as “primary_ncn“, “secondary_ncn,” or “client.” The Primary NCN would be set to primary, the secondary NCN would be set to secondary and a traditional client would be set to client.