Deploying Resilient Internet Access with Edge Pro

Introduction

Big Network Edge Pro is the ideal platform to provide resilient Internet Access to offices, branches, or remote locations. Sites seeking high availability of Internet access can use Edge Pro to "abstract" underlying ISPs, such as mobile providers (LTE/5G), broadband (DSL, Cable, FTTx), and Dedicated Internet Access (DIA), via Cloud Networks, to create a resilient connection regardless of underlying ISP availability.

Design Diagram / Application Concept


The solution is delivered by "abstracting" access provided at the Client Site. In a typical Internet Access failover scenario, failover occurs by monitoring each Internet connection at the Client Site, and re-writing NAT mapping rules across the available ISP WAN IP addresses. Each time a WAN failover event occurs, all existing NAT sessions must be re-mapped to a new ISP WAN address, causing all sessions via said ISP to reset, dropping connections, and interrupting productivity. 
In this scenario, we are relying on the highly available "Internet Access Point of Presence" (POP) for its quality of Internet access, and moving the Client Site gateway to the Internet Access POP. The Internet Access POP has stable IP connectivity, with static WAN IP addresses that do not change. By moving the gateway, NAT, and DHCP functions to the Internet Access POP, and tunneling Layer 2 via the various ISPs involved, we de-couple local site connectivity from the WAN IPs provided by each ISP. The WAN IP for the Client Site is now located at the Internet Access POP, which is stable and not subject to change.

Design Implementation and Configuration

To realize this design, we need the following:
Internet Access POP:
- Edge Pro deployed with 1x or more WAN connections, preferably on Public IPv4 addresses.
Client Site:
- Edge Pro deployed with 2x or more WAN connections, any type of WAN IP addressing.
- Clients in the site will be dynamically numbered using DHCP in the 192.168.250.0/24 network.

Step #1: Cloud Network Creation

Create a “Cloud Network”. A Cloud Network is a collection of devices that share a common Layer 2 network. Just think of it as your virtual LAN in the cloud. Devices joined to a Cloud Network have complete access to each other.

Navigate to Cloud Networks
  • Click on “Create Network”; a wizard will appear to collect details about your Cloud Network.

  • Provide a Name and Description for your Cloud Network

  • Click “Next”

  • Define an IP Address Pool - Since this is an L2 network, there is no need to define the IP pool; just select “Do not assign address pool”.

  • Click “Next”

  • Define access to the Cloud Network - You may leave this blank since we only want Edge devices to join the network.

  • Click “Next”.

  • Now finalize

    • To proceed, click “Create”

    • To proceed, click “Network”

Step #2: Internet Access POP - Edge Pro Configuration

  • Navigate to “Edge Devices”

  • Select “Configure” next to the Edge Pro / Lite you want to use.

  • Select “Networks” to see configured Networks on the device.

  • Select “Edit Config”

  • Select “Create Local Network”

    • Provide the Network a Name.

    • Provide the IP range for the "entire" L2 domain - in this example - 192.168.250.0/24

    • Click “Confirm”

  • Expand the newly created network; Select Local Services:

    • Add an Internet Breakout Service - The Service IP will be 192.168.250.1

    • Add a DHCP Service:

      • Choose a pool suitable for this site - i.e. the "subnet" is 192.168.250.0/24, so 192.168.250.50-254 is reasonable. Adjust as you like.

      • Use Ellipsis for More Settings

        • The Service IP will be 192.168.250.2

        • The Gateway IP will be 192.168.250.1

      • Click Apply

  • Select “Connection”

  • In “Connected Cloud Network” select the Cloud Network you defined in Step #1.

  • Click “Validate” to validate the configuration.

  • Click the “Pending Changes” gear to review configuration changes.

  • Click “Apply” to Apply the configuration changes.

  • Click “Back”.
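
The addressing entered in Step #2 can be sanity-checked before clicking “Apply”. The following is an added example, not part of the original article or of Big Network's tooling; the function `check_plan` and its parameter names are hypothetical, and the values are the ones used in this guide.

```python
import ipaddress

def check_plan(l2_range, breakout_ip, dhcp_service_ip, dhcp_gateway,
               pool_start, pool_end):
    """Return a list of problems with the Local Network addressing.

    An empty list means the plan is internally consistent.
    """
    net = ipaddress.ip_network(l2_range)  # ValueError if host bits are set
    ips = {
        "Internet Breakout Service IP": ipaddress.ip_address(breakout_ip),
        "DHCP Service IP": ipaddress.ip_address(dhcp_service_ip),
        "DHCP Gateway IP": ipaddress.ip_address(dhcp_gateway),
        "DHCP pool start": ipaddress.ip_address(pool_start),
        "DHCP pool end": ipaddress.ip_address(pool_end),
    }
    problems = []
    # Every address must be a usable host inside the L2 domain.
    for name, ip in ips.items():
        if ip not in net:
            problems.append(f"{name} {ip} is outside {net}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{name} {ip} is the network or broadcast address")
    start, end = ips["DHCP pool start"], ips["DHCP pool end"]
    if start > end:
        problems.append(f"DHCP pool start {start} is after pool end {end}")
    # Static service addresses must not be leasable, or a client could be
    # handed the same address as the gateway or the DHCP service.
    for name in ("Internet Breakout Service IP", "DHCP Service IP"):
        if start <= ips[name] <= end:
            problems.append(f"{name} {ips[name]} falls inside the DHCP pool")
    # Clients must be told to route via the address the breakout answers on.
    if ips["DHCP Gateway IP"] != ips["Internet Breakout Service IP"]:
        problems.append(
            "DHCP Gateway IP does not match the Internet Breakout Service IP")
    return problems

# Values from this guide (Step #2).
GUIDE_PLAN = dict(
    l2_range="192.168.250.0/24",
    breakout_ip="192.168.250.1",
    dhcp_service_ip="192.168.250.2",
    dhcp_gateway="192.168.250.1",
    pool_start="192.168.250.50",
    pool_end="192.168.250.254",
)

if __name__ == "__main__":
    for line in check_plan(**GUIDE_PLAN) or ["addressing plan is consistent"]:
        print(line)
```
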

Step #3: Client Site - Edge Pro Configuration

  • Navigate to “Edge Devices”

  • Select “Configure” next to the Edge Pro / Lite you want to use.

  • Select “Networks” to see configured Networks on the device.

  • Select “Edit Config”

  • Select “Create Local Network”

    • Provide the Network a Name.

    • Provide the IP range for the "entire" L2 domain - in this example - 192.168.250.0/24

    • Click “Confirm”

  • Expand the newly created network; Select Local Services:

  • Select “Connection”

  • In “Connected Cloud Network” select the Cloud Network you defined in Step #1.

  • In “Connected LAN Interfaces” select the physical ports you wish to use with your existing network.

  • Click “Validate” to validate the configuration.

  • Click the “Pending Changes” gear to review configuration changes.

  • Click “Apply” to Apply the configuration changes.

  • Click “Back”.

  • Click “Config History” to observe the configuration being applied to Edge Devices. When the new configuration’s checkbox turns from Blue to Green, you know the new configuration is applied.

Conclusion and Result

As a result of this implementation:
  1. Devices connected at the Client Site will receive DHCP IP addresses in the 192.168.250.0/24 subnet. The default router is the Edge Pro at the Internet Access POP. Connectivity to the Internet Access POP is enabled via SD-WAN over 3x ISPs at the Client Site to 1x or more ISPs at the Internet Access POP.
  2. The Edge Pro at the Internet Access POP will provide gateway, NAT, and DHCP functions to the devices at the Client Site.
  3. The Cloud Network provides Layer 2 SD-WAN functionality.
