Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

control-connections

vpn 0 interface tunnel-interface control-connections—Attempt to establish a DTLS or TLS control connection for a TLOC (on vEdge routers only). This is the default behavior.

When a vEdge router has multiple tunnel interfaces and hence multiple TLOCs, the router establishes only a single control connection to the vManage NMS. The router chooses a TLOC at random for this control connection, selecting one that is operational (that is, one whose administrative status is up). If the chosen TLOC becomes non-operational, the router chooses another one.

Starting in Release 15.4, this command is deprecated. Use the max-control-connections command instead.

Command Hierarchy

vpn 0
  interface interface-name
    tunnel-interface
   ​   [no] control-connections 

Options

Do Not Establish a Control Connection for a TLOC
no control-connections
Do not attempt to establish a control connection for a TLOC. You can configure this option only on a vEdge router that has multiple TLOCs. One of the TLOCs must attempt to establish a DTLS or TLS control connection so that the router learns overlay network routing information from the vSmart controllers. This routing information is shared across all the TLOCs on the router.

Operational Commands

show control connections

Example

On a vEdge router, configure two tunnel interfaces (two TLOCs). The tunnel on ge0/1 connects to a public WAN, and the tunnel on ge0/2 connects to a private MPLS network. The router establishes a control connection over ge0/1. The no control-connections command on ge0/2 disables attempts to establish control connections over the MPLS network.

vpn 0
  interface ge0/1
    ip address 172.16.31.3/24
    tunnel-interface
      encapsulation ipsec
      color biz-internet
      allow-service dhcp
      allow-service dns
      allow-service icmp
      no allow-service sshd
      no allow-service ntp
      no allow-service stun
      !
    no shutdown
    !
  interface ge0/2
    ip address 10.10.23.3/24
    tunnel-interface
      encapsulation ipsec
      color mpls restrict
      no control-connections
      allow-service dhcp
      allow-service dns
      allow-service icmp
      no allow-service sshd
      no allow-service ntp
      no allow-service stun
      !
    no shutdown
    !
  !
!

Release Information

Command introduced in Viptela Software Release 15.1.
Starting in Release 15.3.3, a vEdge router establishes only one control connection to the vManage NMS.
Starting in Release 15.4, this command is deprecated. Use the max-control-connections command instead.

Additional Information

See the Configuring Interfaces article for your software release.

  • Was this article helpful?