Deployment Planning
1. Routing and Cluster Logic
-
Cluster Mechanism: One or more SDWAN access gateways can form a cluster, serving the purposes of traffic distribution, load balancing, and high availability.
-
Intelligent Routing: When a client dials in, the SDWAN system automatically selects an available and load-optimized gateway for forwarding.
2. Traffic Forwarding Service Relationship
The service relationship between the access gateway cluster and cloud desktops needs to be planned. The system supports flexible service scope definitions:
- Cloud Platform Level: An access gateway cluster provides services for all desktops within a certain IaaS cloud platform.
- Project Level: An access gateway cluster provides services for desktops within a specific project in an IaaS cloud platform.
- Desktop Level: A dedicated access gateway cluster is configured for a single specific hosted desktop.
2.1 Priority and Configuration Principles
One xSpace system supports managing multiple access gateway clusters. When configurations overlap, the system follows a priority coverage principle from "small scope to large scope":
- Hosted Desktop Configuration (Highest Priority)
- Project Configuration
- Cloud Platform Configuration (Lowest Priority)
Note: For a specific cloud platform or project, only one access gateway cluster is supported. If both project-level and cloud platform-level configurations are made, the system will prioritize the project-level configuration, which has a smaller scope.
3. Virtual Machine System Requirements
The service name for the SDWAN access gateway in Linux systems is aiwan-svpn.
-
Operating System:
Ubuntu 22.04.5 LTS (x86_64) -
Software Package:
aiwan-svpn-*.deb -
Architecture Requirements: Currently, only X86 versions are provided. For ARM or other architecture versions, please contact vendor technical support.
4. Recommended VM Specifications
Please select appropriate hardware configurations based on business concurrency:
| Concurrent Paths | Recommended Configuration | Bandwidth Requirement |
|---|---|---|
| 200 Concurrent Paths | 4 Cores / 8G RAM | Refer to Product Overview -> Networking Solutions |
| 500 Concurrent Paths | 8 Cores / 16G RAM | Same as above |
| 1000 Concurrent Paths | 16 Cores / 32G RAM | Same as above |
5. Network Configuration Requirements
To ensure proper traffic forwarding, please confirm the following network environment before VM deployment:
-
Internal Network Interoperability: The access gateway must have an internal IP address, and this address must be able to achieve routing interoperability with the internal network segment where the cloud desktops are located.
-
Public Network Mapping: An independent public IP address must be mapped for each access gateway virtual machine.
-
Firewall/Security Group Policy: The following public network mapped ports (all UDP protocol) must be allowed:
- UDP: 901, 902, 903
- UDP: 5000