Change default IP gateway on SD-WAN partner gateway

Products

VMware SD-WAN by VeloCloud VMware VeloCloud SD-WAN

Issue/Introduction

Broadcom SD-WAN Gateways are a distributed network of gateways, deployed around the world or on-premises at service providers, provide scalability, redundancy and on-demand flexibility. Partner gateways are on-premises and hosted by service providers. When a service provider wants to change the default IP gateway of a partner SD-WAN gateway, there is no way we can do it on VCO. This article introduces a method to change the IP gateway of a partner SD-WAN gateway without deploying a new virtual instance.

Environment

All supported SD-WAN gateway versions

Resolution

1. Login SD-WAN partner gateway's command line.

2. Check the current IP gateway, from below output the default IP gateway is 20.0.1.1 for example.

root@A41-5Site-gateway-1:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         20.0.1.1        0.0.0.0         UG    1      0        0 eth0
0.0.0.0         20.0.1.1        0.0.0.0         UG    1      0        0 eth0
0.0.0.0         101.101.101.10  0.0.0.0         UG    2      0        0 eth1
0.0.0.0         101.101.101.10  0.0.0.0         UG    2      0        0 eth1
20.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
101.101.101.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.128.0   0.0.0.0         255.255.128.0   U     0      0        0 gwd1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2

3. Use 'vi' command or WinSCP to change the IP gateway settings in /etc/netplan/*.yaml, in lab it is '/etc/netplan/interfaces.yaml', but in service providers' production SD-WAN gateway it could be other names. Below is the output of a typical yaml:

root@A41-5Site-gateway-1:~# cat /etc/netplan/interfaces.yaml
network:
  ethernets:
    eth0:
      addresses: [20.0.1.2/24]
      routes:
      - {metric: 1, to: 0.0.0.0/0, via: 20.0.1.1}  <----Change this IP
    eth1:
      addresses: [101.101.101.11/24]
      routes:
      - {metric: 2, to: 0.0.0.0/0, via: 101.101.101.10}
    eth2:
      addresses: [192.168.0.111/24]
      routes: []
  renderer: networkd
version: 2

4. Save changes and check:

root@A41-5Site-gateway-1:~# cat /etc/netplan/interfaces.yaml
network:
  ethernets:
    eth0:
      addresses: [20.0.1.2/24]
      routes:
      - {metric: 1, to: 0.0.0.0/0, via: 20.0.1.5}
    eth1:
      addresses: [101.101.101.11/24]
      routes:
      - {metric: 2, to: 0.0.0.0/0, via: 101.101.101.10}
    eth2:
      addresses: [192.168.0.111/24]
      routes: []
  renderer: networkd
  version: 2

5. Issue 'reboot' command to restart entire the SD-WAN partner gateway instance.

6. Once the SD-WAN partner gateway instance boots up, login and check if the change has taken effect.

root@A41-5Site-gateway-1:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         20.0.1.5        0.0.0.0         UG    1      0        0 eth0
0.0.0.0         20.0.1.5        0.0.0.0         UG    1      0        0 eth0
0.0.0.0         101.101.101.10  0.0.0.0         UG    2      0        0 eth1
0.0.0.0         101.101.101.10  0.0.0.0         UG    2      0        0 eth1
20.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
101.101.101.0   0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.128.0   0.0.0.0         255.255.128.0   U     0      0        0 gwd1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2

Additional Information

Changing this configuration requires an SD-WAN partner gateway reboot which takes ~5-10 minutes to complete. If possible, perform this change in a maintenance window.