Control Connections Test

In a typical environment where Cisco SD-WAN appliance is deployed, the components are authenticated and validated by establishing a functional overlay network. In the context of a Cisco SD-WAN overlay network, port hopping is the process by which devices/components try different ports when attempting to establish connections with each other, in the event that a connection attempt on the first port fails. After such a failure, the port value is incremented and the connection attempt is retried. If any component fails to authenticate the other component, then the performance of the entire Cisco SD-WAN appliance may be affected.

For example, if the vSmart Controller operating on a data center fails authentication, then, the data center could not be connected over the transport network i.e, through internet, Multiprotocol Label Switching (MPLS), Layer 2 switching, Layer 3 routing, and Long-Term Evolution (LTE), or any mixture of transports. Eventually, the components/devices that are connected to the data center through the vSmart controller may be inaccessible. Similarly, Cisco vBond Orchestrators always use DTLS tunnels to establish control connections with other Cisco vEdge devices, so they always use UDP. If the control connections fail, then the vBond Orchestrators cannot connect to other vEdge devices and other components. Frequent control connection failure indicates performance degradation of the target Cisco SD-WAN appliance. To avoid such connectivity issues and to improve the performance of the Cisco SD-WAN appliance, it is essential to keep a constant vigil on the connections established through the transport network among the components. The Control Connections test helps administrators in this regard!

This test auto-discovers the connections established between the components of the target Cisco SD-WAN appliance over a transport network, and for each established connection, reports the status and uptime. Using this test, administrators can figure out the connections that are down and analyze the reason behind such connection failures. By closely monitoring the connections established by each component, administrators can figure out the component that is frequently experiencing connection failures.

Target of the test : Cisco SD-WAN

Agent deploying the test : An external agent

Outputs of the test : One set of results for each component:transport network:connection established on the target Cisco SD-WAN appliance that is being monitored

Configurable parameters for the test
Parameter Description

Test period

How often should the test be executed

Host

The IP address of the host for which this test is to be configured.

Port

Specify the port at which the specified Host listens to. By default, this is NULL.

Username

By default, the eG agent executes REST APIs on the target appliance to collect the required metrics. For the eG agent to execute the REST APIs, a special user with monitoring privilege is required. Specify the name of such a user in this text box.

Password

Specify the password corresponding to the user mentioned in the Username text box here.

Confirm Password

Confirm the Password by retyping it here.

REST API Port

By default, the REST API Port is set to none. This implies that by default, this test connects to the default port to execute the REST API commands and collect the required metrics. In some environments however, a different port can be used to execute the REST API commands. In such case, specify that port number against the REST API Port text box.

SSL

The eG agent collects performance metrics by executing REST APIs on the target appliance. Typically, the REST APIs can be invoked through HTTP or HTTPS mode. By default, the eG agent invokes REST APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target appliance is not SSL-enabled, then the REST APIs can be accessed through HTTP mode only. In this case, set the SSL flag to No.

Measurements made by the test

Measurement

Description

Measurement Unit

Interpretation

State

Indicates the current state of this connection.

 

The table below indicates the values that this measure can report and their corresponding numeric equivalents:

Measure value Numeric Value
Down 0
Up 1

Note:

By default, this measure reports the above-mentioned Measure Values while indicating the current status of the connection. However, the graph of this measure is represented using the corresponding numeric equivalents only - i.e., 0 or 1.

Uptime

Indicates the uptime of this connection.

Minutes