cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1853
Views
0
Helpful
6
Replies

MPLS service access when using SDWAN

nareh84
Level 3
Level 3

hi all,

 

 

we are in the the designing phase before we deploy viptela. we have around 2 dc and 10 branches. each branch have 1 internet and 2 mpls links. sip service from service provider is provided via mpls (ie service provider sip network reside in mpls), so all external incoming/outgoing call use mpls for calls. i believe that once viptela is installed, phone system/server wont be able to reach sip service because of overlay. is there a work around of this that somehow customer sip network get advertised/leaked from vpn 0 to service vpn. 

my second query is, if all branches are not migrated to cisco sdwan and will use traditional router, is there a design that these non sdwan branches be able to communicate with sdwan branches and dc.

 

Regards

 

 

6 Replies 6

daniel.dib
Level 7
Level 7

It is possible to leak routes between VPNs but that is normally between service VPNs. What I'm thinking is that it could be enough to put a static route in the service VPN pointing to VPN 0. For example, when doing local internet breakout, you could have a service VPN that has "ip route 0.0.0.0/0 vpn 0" to send traffic towards internet via VPN 0. I think you can reuse the same principle to add a static route for your SIP service in the service VPN to point to VPN 0.

 

To get traffic between migrated and non-migrated sites, you need a site, often a DC or HQ, that connects to both "worlds". That way, traffic will go through that location if it needs to go between the new and old network.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

thanks for the reply,

 

 

outgoing call might work but i am worried about incoming call. if incoming call will hit vpn0, it will not be routed to Service vpn for phone to ring

Yes. That's a good observation. One option would be to have the service VPN peer with the MPLS router to learn routes straight into the service VPN. I will see if I can come up with any other designs.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

You can also use NAT to allow traffic from VPN 0 to service VPN. But I feel this complicates the design.

Simple solution is to peer with MPLS route from Service side as Daniel mentioned.

 

Thanks,

Srikanth

Hi nareh

 

 I'm intrested to see how you have overcome this problem as am having a challenges inline to above query.

Hi,

 This query is a bit old but sinse you bring it back, I was trying to read all the comments and understand what is the problem. I´m not a voice guy but I did not understand why the SIP communication ,on this case, can´t be just one more service over the SDWAN overlay. 

 VPN 0 is the Transport VPN to build the overlay but it is not supposed to carry user traffic. Am I wrong? The same way, VPN 512 is for devices management.

 I used to work for a company with 4K branches and all of them with  data and voice over SDWAN solution.

 Was that a Vipitela limitation?

Review Cisco Networking for a $25 gift card