Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2153
Views
0
Helpful
3
Replies

General design - cEdge on internet routers

jzak
Level 1
Level 1

‎02-15-2019 01:02 AM - edited ‎03-08-2019 05:34 PM

HI all, 

 

I'm preparing possible design for SD-WAN for our comapny. Having major question about possible coexistance of cEdge SD-WAN router (ISR 4K router) and internet CE router. It **bleep** possible? 

 

To give more info about our setup, we do not have any MPLS or any other private connection. As WAN we are uisng DMVPN setup across internet links. Usually we have two lines per site for redundancy.(SItes are oll aver the world)

 

So I need to run SD-WAN overlay through internet and also internal connections will be inside tunnel but across same internet lines. Also for all sites local internet access is a must.

 

Attaching basic schema  of network. For me best would be to have SD-WAN direclty on the ISP routers as I wll have tunnels terminated on that routers and will be able to see all traffic on the firewall. But not sure if Overlay netowrk can be configured on same interfaces   where stadard BGP config for ISP connection has to be done. 

 

If it's not possible, I would have to keep same setup as now, just enable SD-WAN on dmvpn routers, but I want to avoid this as I wan to use SD-WAN for internet access and use possiblities to measere lantncy for applicationss, choose best path for certain type of traffic etc... 

 

Thank you in advance for your advices. Schematic drawing datacenter.png

Labels:
0 Helpful
3 Replies 3

ekhabaro
Cisco Employee
Cisco Employee

‎02-15-2019 02:24 AM

you can't have DMVPN together with SD-WAN on the same device. For SD-WAN cEdge routers use separate software (Cisco IOS-XE SDWAN software), it's based on IOS-XE, but contains additional SD-WAN features and does not contain some old features that are replaced with SDWAN like DMVPN, EasyVPN, FlexVPN as so on.
Valid option will be to replace software on one of DMVPN routers (if model is supported) and build tunnels in the same manner as you do with DMVPN. You can also keep approach with DIA.
0 Helpful

jzak
Level 1
Level 1
In response to ekhabaro

‎02-15-2019 02:54 AM

Hello Ekhabaro, 

 

I know it's not possible to have it on the same device as it is. MIgration to new image is clear. Just want to know if it's possible from design perspective. 

 

I can't have local internet access on that fromer DMVPN routers as internet traffic is not routed throug it and going to internet through firewall. 

 

THat's the reason why best would be to have SD-WAN directly on CE routers. 

0 Helpful

ekhabaro
Cisco Employee
Cisco Employee
In response to jzak

‎02-15-2019 03:16 AM

Probably you may be interested in the following Cisco Live session: https://ciscolive.cisco.com/on-demand-library/?search=SD-WAN%20design#/session/1511296171066001AuIJ
0 Helpful
Customers Also Viewed These Support Documents