Virtual Private Networks (VPNs) provide segmentation in the SD-WAN overlay, in the same way as the VRFs we are familiar with. Each VPN has its own forwarding table and is isolated from every other VPN. An interface or subinterface can belong to one VPN only. The VPN a packet belongs to is identified by the label carried in the OMP route attributes and in the packet encapsulation, so a packet is always looked up in the forwarding table of its own VPN and never in another VPN's table.
The VPN ID is a numeric identifier in the range 0 to 65535. Several IDs are reserved for internal use, so a maximum of 65527 VPNs can be configured. VPN 0 and VPN 512 exist by default on the WAN Edge devices and on the controllers. On vManage and vSmart, these two VPNs (VPN 0 and VPN 512) are the ones that need to be configured. On the vBond orchestrator, VPN 0 and VPN 512 are the only VPNs that are functional and the only ones that are used.
Transport VPN (VPN 0) - This VPN contains the interfaces that connect to the WAN transports. The secure DTLS/TLS control connections to the controllers are established from this VPN, and so are the IPsec data-plane tunnels to the remote sites. Static, default, or dynamic routing is configured inside VPN 0 so that the device has the correct next-hop information to reach the controllers and the transport addresses of the remote sites, which is what allows the control plane and the IPsec tunnels to come up. Because these interfaces face the transport network directly, only the services that are actually needed should be reachable on them.
Management VPN (VPN 512) - This VPN carries out-of-band management traffic to and from the SD-WAN devices. OMP ignores VPN 512: its routes are never advertised into the overlay, and its traffic is never carried across the overlay network.
Service-side VPN (VPN 1-511 and 513-65527) - These VPNs contain the interfaces that carry user data traffic to and from the local-site network. A service VPN can run OSPF or BGP towards the local site and can also be configured with Virtual Router Redundancy Protocol (VRRP), QoS, and so on. Reachability works in both directions. Routes received through OMP from the vSmart controllers are redistributed into the service VPN's routing protocol, so the local site learns the remote prefixes, and traffic to them is carried over the IPsec tunnels to the remote sites. In the other direction, the service VPN's routes must be advertised into OMP so that the local-site prefixes are sent to the vSmart controller, which then redistributes them to the other WAN Edge routers.
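The following is an added worked example, not configuration taken from the original page, showing how the three VPN types described above map onto a single WAN Edge router in vEdge-style (Viptela) CLI syntax. The interface names, addresses, the color "biz-internet", and the choice of VPN 1 with OSPF on the service side are assumptions made for illustration; adapt them to the site.

```text
! ---- Transport VPN 0: faces the WAN, carries DTLS/TLS to the controllers
! ---- and the IPsec tunnels to other sites. Addresses/names are assumed.
vpn 0
 interface ge0/0
  ip address 203.0.113.2/30
  tunnel-interface
   encapsulation ipsec
   color biz-internet
   ! Only the services needed on a transport-facing interface are allowed;
   ! management services such as sshd and netconf stay disabled here.
   allow-service dhcp
   allow-service dns
   allow-service icmp
  !
  no shutdown
 !
 ! Default route gives the next hop for controller and remote-site reachability.
 ip route 0.0.0.0/0 203.0.113.1
!
! ---- Management VPN 512: out-of-band only. There is no "omp" section,
! ---- because OMP never carries this VPN across the overlay.
vpn 512
 interface mgmt0
  ip address 192.168.100.10/24
  no shutdown
 !
 ip route 0.0.0.0/0 192.168.100.1
!
! ---- Service VPN 1: LAN-facing interface, OSPF towards the site,
! ---- OMP routes redistributed into OSPF, OSPF/connected routes advertised into OMP.
vpn 1
 interface ge0/2
  ip address 10.1.1.1/24
  no shutdown
 !
 router
  ospf
   router-id 10.1.1.1
   ! Remote-site prefixes learned from vSmart over OMP are handed to the LAN.
   redistribute omp
   area 0
    interface ge0/2
    exit
   exit
  !
 !
 omp
  ! Local-site prefixes are sent to vSmart, which redistributes them to other WAN Edges.
  advertise ospf external
  advertise connected
 !
!
```

Two points worth checking on a real device: ge0/0 must appear under vpn 0 only and ge0/2 under vpn 1 only, since an interface cannot be a member of two VPNs; and no "omp" or routing-protocol configuration should exist under vpn 512, so that management traffic can never be leaked into the overlay.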