
DMVPN Spoke with Failover and Load Balancing

elias.manchon
Level 1

Hello,

I have a spoke node of a DMVPN infrastructure. Actually, this spoke has only one WAN (Internet) connection. We want to provide it with a second line from the same ISP for load balancing and failover. Must I use CEF with load balancing per destination or per packet? On the other hand, is it feasible to use IP SLA tracking with floating static routes for failover? Do you know of an example that shows this?

Thanks in advance!!

2 Replies

RYAN BARNES
Level 1

Does this particular router have two WAN interfaces to which you are plugging in?

With regards to load balancing and failover, you have a few scenarios with single points of failure.

1. Spoke Router failure

2. ISP Failure

From experience, a majority of the problems occur at the ISP level, so I would recommend a diverse link if possible from another ISP.

Speaking on load balancing, there are a few gotchas which you may not have considered.

1. If one ISP is experiencing issues with their service (i.e., packet loss, high latency, etc.) it will make troubleshooting much more difficult to isolate the source of the problem. In addition, it will also make the entire site link look terrible since half of the traffic will be travelling over the degraded link.

You will also need to consider not just load balancing from the spoke, but also the return path through the hub(s). By leaving equal cost routes everywhere (i.e., equal cost from your head office to the hubs, then equal cost from both hubs to the spoke), if there are any problems with a particular link/router you will affect your entire deployment, as you may end up with asymmetric routing (going out via Link A from the spoke to the hub, but returning via Link B from hub to spoke).

If failover is your primary option, my personal opinion would be to split your sites into two groups, and make one group use hub A as the primary with B as the failover, with the second group using the opposite. This makes traffic flow very deterministic and decreases the time to isolate where your problem is as it's quite evident when all the sites in 'groupA' are having issues...

Cisco has a very comprehensive (but looong) read on this here. What you're probably looking for is the Dual Hub - Single DMVPN Layout which gives you what you're looking for. However, I'm not a fan of asymmetric routing, which the Dual Hub - Dual DMVPN Layout will solve.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml#dualhubsingle

Hi Ryan,

I'm aware of the existence of the dual hub - single DMVPN layout and the dual hub - dual DMVPN layout topologies, but I don't want to complicate the infrastructure at this moment. The spoke has one WAN interface only; I want to use VLANs with subinterfaces and connect the ISP routers through a switch.

With regards to failover, my first idea is to resolve ISP failure before spoke device failure. It is not possible to use another ISP, so we will use the same ISP and the same technology (HDSL). I don't particularly like this, but I have no alternative.

With regards to load balancing, is it not possible to detect the degraded link with the IP SLA functionality?

Greetings!!