cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
850
Views
0
Helpful
6
Replies

Cisco PfR 3.0

Hello,

 

is it possible with PfR3.0 to build a redundant HUB design ? 

We have diffrent regions that we want to interconnect with DMVPN Phase 3 by using Spoke-to-Spoke tunnels.

 

In all configuration examples i only find that it is possible to use a single Master HUB. 

But i think it is not a good idea to have only one single device that is publishing site-prefixes and policies. 

 

Is it also possible to use PfR3.0 in a hirachical HUB design as well ? 

 

All examples from cisco are commonly not build with redundancy or more complex / realistic designs ...

Just found an example with two DC´s and using "Tranit Hub" feature.

 

Can someone help ? 

 

Best regards...

6 Replies 6

rays
Beginner
Beginner

Hi Steffen, did you get any response to this question? I have a similar 'non-standard' WAN design.

 

Thanks

Ray

Hi rays, 

 

no I did not get any response.

I tried to test hierachical Hub design in a LAB and it did not work with PfR and redunandy. 

But i´m not an expert regarding PfR... 

 

Best regards,

Steffen

Hi guys,

There is no explicit redundancy protocol built-in in PfRv3, as far as I know.

There is an option to use a cold standby workaround by having a secondary NC running exactly the same PfR configuration but advertising PfR loopbacks as /31 prefixes. In this case if the primary box fails, the routing falls back to the pre-PfR state and then secondary MC rebuilds the TC etc and starts to control the traffic. May take some minutes for PfR to converge on the new MC.

Check out the latest BRKRST-2362 session on Ciscolive365.com

In XE 3.15 they have introduce a transit hub feature that may help you with horizontal scalability across central site as well as creating regional hubs.

HTH

A.

Which component are you referring to? The DC? MC? DMVPN Hub?

 

3.15 introduced some functionality which allows for connectivity to a single provider from two separate routers at the same site. You could implement it this way or simply place an additional hub at a separate site.

 

My deployment has 2 MPLS Hubs, each at different sites and 2 Internet Hubs, again, each at different sites. With the new code you can theoretically place 2 MPLS Hubs for example at the same site now with the extra Path differentiator used in the channel.

Hi Kyle,

The question was about redundancy for hub Master Controller, which sometimes is reffered as domain controller. So I was referring to hub MC.

Two DMVPN hubs in HQ in my case are central border routers, each of them has MPLS and Internet links. In total 4 WAN links for HQ.

DMVPN spokes are branch MC/BR combined. Typical DMVPN spoke has MPLS and Internet links, some sites have two spokes, hence 4 WAN links.

Indeed in 3.15 there is a path ID feature. Unfortunately there is a nastty bug in 3.15.0, a part of startup config doesn't make it to running config at the time of router startup, clearly showing parser errors on console during startup. TAC SR ID 635423545 in case you are interested. Config sections afected are digital voice dial-peers, NBAR2 custom app definitions and some others. Platforms affected at least for our customer are ASR 1000 and ISR 4000. So we are waiting for 3.15.2 or maybe 3.16 with the fix. Commit window fo r3.15.1 was closed at the time we discovered the problem.

Cheers

A.

Vasilii Mikhailovskii
Rising star
Rising star

Hello. Let me put a note here for anybody, who would find this article later.

 

If you want a redundancy for master hub role, then it may be achieved in three ways:

  • stateless - configure two devices identically (in terms of PFR master hub configuration) and make master hub address an HSRP group (update: this option is not supported for PFRv3);
  • stateless - configure two devices identically (in terms of PFR master hub configuration) make master hub address an "anycast" address  (by IGP metric);
  • stateful - run MC on CSR1V with VmWare HA.

 

Transit site feature helps you in following cases (per http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/pfrv3/configuration/15-mt/pfrv3-15-mt-book/pfrv3-transit-site.pdf):

  • single data centre with multiple BRs in the same DMVPN;
  • dual data centres with multiple BRs (including same DMVPN cloud);
  • dual data centres sharing same set of prefixes.

 

Also could you let me know what are your requirements for H-DMVPN?

PS: scalability could be a primary challenge if you design a big PFRv3-enabled network, as largest verified scale is 2000 branches.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: