Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1852
Views
0
Helpful
6
Replies

MPLS service access when using SDWAN

nareh84
Level 3
Level 3

‎08-22-2019 06:41 PM

hi all,

 

 

we are in the the designing phase before we deploy viptela. we have around 2 dc and 10 branches. each branch have 1 internet and 2 mpls links. sip service from service provider is provided via mpls (ie service provider sip network reside in mpls), so all external incoming/outgoing call use mpls for calls. i believe that once viptela is installed, phone system/server wont be able to reach sip service because of overlay. is there a work around of this that somehow customer sip network get advertised/leaked from vpn 0 to service vpn. 

my second query is, if all branches are not migrated to cisco sdwan and will use traditional router, is there a design that these non sdwan branches be able to communicate with sdwan branches and dc.

 

Regards

 

 

Labels:
0 Helpful
6 Replies 6

daniel.dib
Level 7
Level 7

‎08-22-2019 10:40 PM

It is possible to leak routes between VPNs but that is normally between service VPNs. What I'm thinking is that it could be enough to put a static route in the service VPN pointing to VPN 0. For example, when doing local internet breakout, you could have a service VPN that has "ip route 0.0.0.0/0 vpn 0" to send traffic towards internet via VPN 0. I think you can reuse the same principle to add a static route for your SIP service in the service VPN to point to VPN 0.

 

To get traffic between migrated and non-migrated sites, you need a site, often a DC or HQ, that connects to both "worlds". That way, traffic will go through that location if it needs to go between the new and old network.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful

nareh84
Level 3
Level 3
In response to daniel.dib

‎08-22-2019 11:23 PM

thanks for the reply,

 

 

outgoing call might work but i am worried about incoming call. if incoming call will hit vpn0, it will not be routed to Service vpn for phone to ring

0 Helpful

daniel.dib
Level 7
Level 7
In response to nareh84

‎08-23-2019 12:43 AM

Yes. That's a good observation. One option would be to have the service VPN peer with the MPLS router to learn routes straight into the service VPN. I will see if I can come up with any other designs.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
0 Helpful

Srikanth Reddy Navuluri
Level 1
Level 1
In response to nareh84

‎08-25-2019 08:20 PM

You can also use NAT to allow traffic from VPN 0 to service VPN. But I feel this complicates the design.

Simple solution is to peer with MPLS route from Service side as Daniel mentioned.

 

Thanks,

Srikanth

0 Helpful

ved89
Level 1
Level 1
In response to nareh84

‎04-22-2022 07:28 PM

Hi nareh

 

 I'm intrested to see how you have overcome this problem as am having a challenges inline to above query.

0 Helpful

Flavio Miranda
VIP
VIP

‎04-28-2022 04:05 PM

Hi,

 This query is a bit old but sinse you bring it back, I was trying to read all the comments and understand what is the problem. I´m not a voice guy but I did not understand why the SIP communication ,on this case, can´t be just one more service over the SDWAN overlay. 

 VPN 0 is the Transport VPN to build the overlay but it is not supposed to carry user traffic. Am I wrong? The same way, VPN 512 is for devices management.

 I used to work for a company with 4K branches and all of them with  data and voice over SDWAN solution.

 Was that a Vipitela limitation?

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card