Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
2
Replies

Some basics questions about Cisco Viptela SD WAN solution

Go to solution
Jackyhope
Level 1
Level 1

‎01-05-2021 11:20 AM

Hi everyone,

I have some basics questions about Cisco Viptela SD WAN.

1) Let say we have two sites:  A and B, A has VPN1 subnet 1.1.1.0/24 and B has VPN1 subnet: 2.2.2.0/24

   Both sites A and B can talk to each other and have received OPM updates via vsmart about each other subnets , these updates also carry IPSEC keys. We powered down site A and B and power them back up,  at this point there is no traffic in either direction i.e from A to B and vice versa,  will IPSEC tunnel still establish between A and B?

2) Let say A and B has user traffic , therefore A and B establish IPSEC tunnels, A and B also sending BFD traffic over this tunnels for link monitoring. assume there is no longer any user traffic between A and B , but A and B continue to use BFD, given that, IPSEC tunnel will never go down as there is BFD traffic which keeps the tunnel up?

Thanks and have a good day!!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
osdesent
Cisco Employee
Cisco Employee

‎01-05-2021 12:05 PM

1)The tunnels will come-up evertime unless you deny the TLOCs in the centralized policy, it doesn't matter if there's no data plane going through.

 

2)Same as my previos answer but adding this....by default all Edges will stablish tunnels in a full-mesh fashion with all edges unless a control policy restrict it no matter if they have or not the same service VPN's (VRFs). However there's a new feature named On-demand tunnels that works they way you said but I would say that it's something beyond basic stuffs.

 

Regards 

Oscar Desentis
Customer Success Specialist (SD-WAN)

View solution in original post

0 Helpful
2 Replies 2

Go to solution
osdesent
Cisco Employee
Cisco Employee

‎01-05-2021 12:05 PM

1)The tunnels will come-up evertime unless you deny the TLOCs in the centralized policy, it doesn't matter if there's no data plane going through.

 

2)Same as my previos answer but adding this....by default all Edges will stablish tunnels in a full-mesh fashion with all edges unless a control policy restrict it no matter if they have or not the same service VPN's (VRFs). However there's a new feature named On-demand tunnels that works they way you said but I would say that it's something beyond basic stuffs.

 

Regards 

Oscar Desentis
Customer Success Specialist (SD-WAN)
0 Helpful

Go to solution
osdesent
Cisco Employee
Cisco Employee

‎01-05-2021 01:29 PM

1)The tunnels will come-up evertime unless you deny the TLOCs in the centralized policy, it doesn't matter if there's no data plane going through.

 

2)Same as my previos answer but adding this....by default all Edges will stablish tunnels in a full-mesh fashion with all edges unless a control policy restrict it no matter if they have or not the same service VPN's (VRFs). However there's a new feature named On-demand tunnels that works they way you said but I would say that it's something beyond basic stuffs.

 

Regards 

Customer Success Specialist (SD-WAN)
Oscar Desentis
Customer Success Specialist (SD-WAN)
0 Helpful
Customers Also Viewed These Support Documents