05-16-2023 12:22 AM
Hey folks,
Very simple diagram
Cisco Umbrella / internet
||
||
FRP3k x2 (Active-Active)
||
||
450 routeurs (MPLS network) 10.0.0.0/8
Since Cisco Umbrella limits IPsec VPNs to 250Mps per tunnel, we need to run more than 20 IPsec VPNs to Umbrella to meet our needs. What would be your suggestions to load balance about 60k devices over these VPNs?
I was thinking of implementing ECMP load balancing from FPR3K. Do you guys have any others ideas which would be more "effective" from your perspective?
BR
Dardan.
Solved! Go to Solution.
05-16-2023 02:31 AM
if you decided to use ECMP, then you need VTI not policy based VPN.
the traffic will load and encrypt under same interface VTI.
05-16-2023 02:31 AM
if you decided to use ECMP, then you need VTI not policy based VPN.
the traffic will load and encrypt under same interface VTI.
05-31-2023 12:14 AM
Thanks for the answer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide