Configuring topology
Tunnels form a topology that determines the connectivity of devices in the data plane and is responsible for optimizing the passage of traffic of transport services. In Kaspersky SD-WAN, devices can be arranged in one of the following topologies:
- Hub-and-Spoke is the default topology in which tunnels between CPE devices are established through the SD-WAN Gateway.
- Full-Mesh is a topology in which direct tunnels are created between all CPE devices.
- Partial-Mesh is a topology in which direct tunnels are established between some of the CPE devices.
A role is assigned to each CPE device: standard device or SD-WAN Gateway. Standard devices automatically establish tunnels with SD-WAN Gateways, which in turn establish tunnels with all devices on the network, including other gateways. By default, all devices are standard devices. The SD-WAN Gateway role is required to build a Hub-and-Spoke topology.
Standard devices can be assigned topology tags to make them transit devices. If two devices are assigned the same topology tag, a tunnel is automatically created between them. Other devices establish tunnels through transit devices. Topology tags and transit devices are used to build Full-Mesh and Partial-Mesh topologies.
In addition to topology tags, the solution also uses standard tags that allow you to classify CPE devices by various criteria, such as model, software version, or street address of the location, and perform group actions on the devices, such as firmware updates. Topology tags and standard tags are not related to each other in any way.
