Different Enterprise networks have different requirements driven by size, complexity and level of confidence with their existing solution. At Citrix, we understand this and provide multiple options to customers that are interested in leveraging SD-WAN benefits. These options are Edge mode, one-arm mode and Inline mode.

In Part-1 of this blog post, we looked at Edge mode, which allows the customers to directly terminate WAN links on SD-WAN devices. Let’s now look at one-arm mode, as it is the most seamless model and allows customers to get a taste of SD-WAN without the costly rip and replacement of devices or cabling. Because one-arm mode requires Policy Based Routing (PBR), it is also called PBR mode, which provides for a granular and controlled introduction of SD-WAN.


The idea behind one-arm mode is to identify interesting traffic (voice, mission-critical applications etc.) that require SD-WAN treatment, and using an access list on the Routing device, then punting the interesting traffic to the SD-WAN device. The “uninteresting” traffic just passes through the routing via normal routing. The SD-WAN device receives the interesting traffic and processes it to provide the best path based on the application type.

Another advantage of this mode is that if the SD-WAN device were to go down, then the interesting traffic gets normally routed on the Router. Of course, there is no SD-WAN treatment, however, the traffic is not dropped or black-holed.

To summarize, one-arm provides the following benefits:

  • Controlled deployment through PBR
  • No traffic impact in case SD-WAN devices go down
  • Seamless insertion with minimal overhead

In the next post, we will look into 3rd deployment option: Inline mode.