Configuring Local Internet Breakout at Network Edge

Aviatrix Secure Edge solution offers local internet breakout capability. This capability allows the Edge Gateway to route traffic from on-premises and remote sites to remote destinations via overlay tunnels and route internet-based traffic directly to the local ISP at the edge location. In SD-WAN networks typically, by routing internet-based traffic locally, you avoid the need to send internet traffic to your central datacenter for processing, which reduces network latency and costs.

To support local internet breakout, the Edge Gateway functions as a stateful firewall. Using the Edge Gateway’s SNAT feature, you define the rules that the Edge Gateway uses to route traffic from the remote sites to the Aviatrix Transit Gateway to cloud and the internet.

Local Internet Breakout capability is supported only on the Aviatrix Edge Platform.

To define SNAT rules for local internet breakout on the Edge Gateway:

  1. In Aviatrix CoPilot, go to Cloud Fabric > Edge > Gateways tab.

  2. In the table, select the Edge Gateway for which you want to enable local internet breakout.

  3. Click the Edge Gateway’s Settings tab and expand the Network Address Translation (NAT) section.

  4. Set the Source NAT toggle to On.

  5. Select Single IP, then click Save.