Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
421
Views
0
Helpful
2
Replies

Single DMVPN overlayed on multiple clouds

chris.berry.1
Level 1
Level 1

‎10-27-2016 05:17 PM - edited ‎03-05-2019 07:22 AM

At present I have two DMVPNs in place over the internet. One hub per DMVPN. All spokes and the hubs utilize the internet for the DMVPN. I have one new location that has a metro-ethernet link from it's spoke router to one of the hub routers (this hub router has one interface internet facing and one interface for the private metro LAN to the spoke site). Given this is a private connection, spoke to spoke communication won't be possible, which is fine in this case. My question is - will this "break" anything or cause other issues with the DMVPN's operation? I don't want to create a second DMVPN just for this connection if at all possible. I use route tagging to prevent loops and from sending DMVPN traffic from one VPN to the other. If I create a new DMVPN, I need to modify the tags on all of my spokes.

I suppose I could also just do a separate GRE tunnel with IPsec and not put this on the DMVPN at all. If I add more metro-E sites in the future I could then create another DMVPN for that transport.

Thoughts? Or any alternative recommendations for design?

Thanks,

Chris

Labels:
0 Helpful
2 Replies 2

Vasilii Mikhailovskii
Level 7
Level 7

‎11-01-2016 01:22 PM

Hello.

For simplicity and for further scale I would suggest to plan another DMVPN cloud for metro connections.

Regarding two clouds for Internet - I didn't understand the reason, as you may run multiple Hubs per DMVPN cloud.

If you are running EIGRP, then to prevent loops and improve convergence, you may use stub feature (or iWAN EIGRP simplification feature).

PS: new cloud wouldn't break anything unless you mess up with routing or network-id (per cloud it should be unique).

0 Helpful

chris.berry.1
Level 1
Level 1
In response to Vasilii Mikhailovskii

‎11-01-2016 06:09 PM

The second DMVPN is for PfR and to distinguish between high level SLA / Quality Internet connections vs. more bulk internet connections as secondary such as cable modem. EIGRP is used and we have route tagging in place to prevent loops. We're going to look into the stub-site feature implementation to simplify things.

Thanks for the advice!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card