SD-WAN Release Notes for Release 3.3.2.
SNMP SD-WAN Edge MIB
A new custom MIB is provided to allow SNMP polling of SD-WAN specific values on the VMware SD- WAN Edge. This allows access to:
- High Availability Status
- SD-WAN ARP Table
The MIB may be accessed via the Remote Diagnostics page on the Edge.
A new Device Settings Module for performing LAN-side NAT is introduced. This allows for flexible source or destination NAT rules to be applied to traffic before route and flow lookups are done within the VMware SD-WAN Edge, allowing for instance:
- Supporting VPN access to overlapping IPs on the LAN of multiple VMware SD-WAN Edges.
- Destination NAT of traffic with a hardcoded destination IP to an alternate destination IP.
Export of events (e.g. Link Down, Client Device Detected) directly from the VMware SD-WAN Edge via the syslog protocol is now supported using UDP or TCP as a transport.
Network Overview Dashboard
A single page Network Overview that summarizes the status of all VMware SD-WAN Edges in a single customer is now available. Use this page to quickly check the network status for the entire customer, including:
- WAN Links
- High Availability
- Non-VeloCloud Site Tunnels
Check Point® Next Generation Virtual Firewalls and Fortinet® FortiGate™ Virtual Appliances are now supported when enabling third-party firewall VNFs on the VMware SD-WAN Edge.
NetFlow Support is now segment-aware and allows per-segment configuration of collectors and flow export.
Cloud Security Service
GRE tunnels To support higher performance, Zscaler™ Cloud Security Services may now be connected using GRE tunnels. Please consult the Zscaler Documentation for details on how to enable this feature in your Zscaler account.
Under the Configure -> Alerts & Notifications page, users may now enable “up” and “down” alerts for tunnels connecting from the VMware SD-WAN Edge directly to Cloud Security Services.
Port Forwarding rules now support a custom IP address to allow the forwarding of traffic destined to an IP address that is not the IP address of the WAN link.
VLAN-tagged WAN overlays now support the optional setting of 802.1p bits in outgoing packets.
Single Sign-On (SSO) support added for VMware Cloud Services Platform (CSP).
Up to 4 DHCP relay servers are now supported (increased from a previous limit of 2).
BGP Auto-Community Additive Support. In previous versions, BGP auto-community settings always acted as an override for incoming community attributes of a learned route prefix. This prevented the retention of existing community attributes.
Release 3.3.2 adds support for enabling an “additive” option in BGP auto-community configuration. This option allows for the retention of the existing attributes, with the configured auto-community being appended as an addition to those attributes.
Route Refresh Enhancements
In Release 3.2.1, a route-refresh mechanism was introduced to retain routes when connectivity to all Gateways were lost. In Release 3.3.0, support for redundant “Super Gateways” was added, ensuring that all Edges for a given customer have at least two Gateways in common.
In Release 3.3.2, these two features are combined by identifying the dual Super Gateways as the common route reflectors for the customer. If connectivity to both Super Gateways is lost for more than 180 seconds, routes continue to be preserved irrespective of connectivity to other Gateways. This ensures routing continuity across partial Gateway service interruptions in addition to the protection against full Gateway service interruptions provided in Release 3.2.1 and later.