One aspect that sets Celona apart from other private 5G offerings is the ability to configure routing based on the level of visibility required for a specific use-case deployment.
The following diagram presents a logical depiction of the level of visibility observed using either the Internal Network Domain or the External Network domain with and without supernetting. The Internal Network Domain will hide all private cellular devices behind network address translation while External IP extends visibility from enterprise LAN resources into directly-connected client devices.
Finally, the External Network Domain mode combined with supernetting allows non-native cellular client devices to connect to a mobile router while still allowing for full visibility from the corporate LAN.
How the Celona 5G LAN platform forwards cellular data into the corporate LAN is controlled by what's known as the Network Domain. On the Celona Orchestrator, Network Domain options are configured within the Edge Clusters menu.
Note that each cluster's Network Domain can be configured independently from others. Additionally, up to 16 Network Domains can be configured on a single edge cluster, if desired. The Network Domain type is how architects can dictate how the 5G LAN will translate and forward packets to a corporate LAN.
There are two distinct types to be aware of: Internal and External. Let's define the Network Domain architecture and what additional configuration options are available.
Internal Network Domain
Internal Network Domains are fully managed by the Celona Edge. This means that all routing within the Celona network is handled by the Celona Edge, as are DHCP and DNS services for all devices on the Network Domain.
By default, every Celona Edge cluster is configured as an Internal Network Domain. This mode enables source NAT services on the Celona Edge. All devices residing on the Celona network rely on the Edge platform to hand out DHCP/DNS information.
Any traffic entering or exiting the 5G LAN in NAT mode will be translated by the Edge platform into a single IP address that is reachable on the corporate LAN. This mode is commonly used for rapid deployments where devices external to the 5G LAN do not need to communicate with connected private cellular devices.
The downside, however, is that connected devices are not accessible from the corporate LAN. Thus, for more complex or permanent deployments where devices must communicate and/or be monitored via devices directly connected to the corporate LAN, the External Network Domain mode will be a better architectural fit.
The following diagram depicts an example Celona network configured in Internal NAT mode. The Celona Edge is responsible for providing DHCP services to devices in the 172.31.0.0/16 subnet. When these devices need to send data to the LAN, the Celona Edge translates devices in the 172.31.0.0/16 subnet to 10.1.0.20, which is the IP address of the Celona Edge server that directly connects to the corporate LAN:
External Network Domain
Alternatively, a Celona Edge cluster can be configured as an External Network Domain (as shown in the diagram below) so that private cellular client devices join the corporate LAN. This mode allows the private 5G network to connect directly to the corporate LAN by way of traffic forwarding into one or multiple layer 2 network segments (VLANs).
Thus, the local LAN has visibility into natively connected devices such as the smartphone and mobile gateway, and 5G LAN devices are now directly accessible from the corporate LAN. However, note that the tablet and laptop that are behind the mobile gateway remain hidden from the LAN.
When this Network domain option is used, DHCP and DNS can be configured and managed on the corporate LAN. In the following figure we again have a Celona 5G network connecting to the corporate LAN.
External Network Domain with Supernetting
As mentioned previously, 5G mobile routers such as those from Cradlepoint, Sierra Wireless and Inseego are a great option when seeking to connect non-5G capable devices to a 5G LAN.
However, the caveat to this architecture is that external visibility is lost, and multiple IP subnets and DHCP scopes must be managed for each 5G mobile router. These management headaches are due to the need for NAT to be performed on the 5G mobile router. Fortunately, Celona has solved both challenges through the use of supernetting managed at the Celona Edge.
Supernetting on a Celona 5G LAN can be implemented in just a few steps. First, the Celona Edge cluster must be configured as an External Network Domain. Once this is set up, network address translation (NAT) can be disabled on the 5G mobile routers and routing mode can be used for multiple connected non-5G capable devices, with all DHCP, DNS, and routing being relayed upstream to the Celona Edge.
To complete the supernetting architecture, the Celona Edge can be configured so it automatically discovers connected mobile routers and the endpoints sitting behind those routers. The Edge server intelligently routes each endpoint IP address to its corresponding 5G LAN mobile router.
With supernetting, the corporate LAN is provided a route to the remote device subnet that points to the Celona Edge. The Celona Edge then maps each remote device IP to the corresponding 5G interface of the Mobile router they are directly connected to.
The figure above shows that the 10.30.1.0/24 network is used by devices sitting behind two mobile routers. On the 5G LAN side, we have our Edge cluster configured as an External Network Domain with route management entries for the end devices behind the mobile routers.
The benefit of this supernetting configuration option is the ability to gain end-to-end visibility while also consolidating device subnets sitting behind multiple routers for vastly improved ease of management.
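The two-stage lookup described above, modeled as an added example (not Celona's code or configuration): the corporate LAN holds one route for the supernet, and the Edge holds one entry per endpoint. Only 10.30.1.0/24 and 10.1.0.20 come from this page; reusing 10.1.0.20 as the Edge address here, the mobile router addresses, the endpoint addresses and the default gateway are all constructed assumptions.

```python
import ipaddress

SUPERNET = ipaddress.ip_network("10.30.1.0/24")   # from the page's figure
EDGE_LAN_IP = ipaddress.ip_address("10.1.0.20")   # assumed: Edge address reused from the NAT example

# Corporate LAN routing table: a single route covers every endpoint behind every mobile router.
LAN_ROUTES = {
    ipaddress.ip_network("0.0.0.0/0"): ipaddress.ip_address("10.1.0.1"),  # constructed default gateway
    SUPERNET: EDGE_LAN_IP,
}

# Edge route-management entries: endpoint IP -> 5G interface of its mobile router (all constructed).
EDGE_HOST_ROUTES = {
    ipaddress.ip_address("10.30.1.10"): ipaddress.ip_address("10.20.0.11"),  # behind router A
    ipaddress.ip_address("10.30.1.11"): ipaddress.ip_address("10.20.0.11"),  # behind router A
    ipaddress.ip_address("10.30.1.50"): ipaddress.ip_address("10.20.0.12"),  # behind router B
    ipaddress.ip_address("10.30.2.7"): ipaddress.ip_address("10.20.0.12"),   # entry outside the supernet
}

def lan_next_hop(dst):
    """Longest-prefix match over the corporate LAN table."""
    matches = [net for net in LAN_ROUTES if dst in net]
    return LAN_ROUTES[max(matches, key=lambda n: n.prefixlen)]

def path_from_lan(dst_str):
    """Hops from the corporate LAN to dst, or None if the packet never reaches a mobile router."""
    dst = ipaddress.ip_address(dst_str)
    first = lan_next_hop(dst)
    if first != EDGE_LAN_IP:
        return None   # the LAN sends it elsewhere, so the Edge never sees it
    router = EDGE_HOST_ROUTES.get(dst)
    if router is None:
        return None   # inside the supernet, but the Edge has no entry for this endpoint
    return [str(first), str(router), str(dst)]

def entries_outside_supernet():
    """Edge entries that the LAN's supernet route does not cover (invisible from the LAN)."""
    return sorted(str(ip) for ip in EDGE_HOST_ROUTES if ip not in SUPERNET)

if __name__ == "__main__":
    for ip in ("10.30.1.50", "10.30.1.99", "10.30.2.7"):
        print(ip, "->", path_from_lan(ip))
    print("not covered by LAN route:", entries_outside_supernet())
```

Running the same audit against real route tables shows which endpoints a monitoring or scanning host on the corporate LAN can actually reach, and which are only assumed to be visible.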
Refer to the documentation for a detailed step-by-step user guide.
To see the Celona Network domains in action, check out our on-demand demo here.