Solved: DMVPN Solution for 50 Branches...

tsipoulanis · ‎02-04-2016

Hello to everyone,

we have about 40 Branches and a Central DataCenter.
every office is connected with the DC and all the internet traffic passed and filtered from DC, from the Central Firewall.
we have VoiP, with a Central Call Manager in DC.
our data are in DC, except some of the offices which have their own File Server.
also RDP is importand to use.

Now a days we have a MPLS Network which connect all of our offices.

I do a research about to implement a DMVPN for all or , like a second solution, for some of our offices (the small one).
how do you recommend or expirienced the one or the other solution?

as i read, the voice traffic is the most critical and tricky to manage it with ISP and DMVPN Solution.

i would really apriciate your opinion.

Regards,
Thomas.

PS
I choose DMVPN cause we have in the close future to have a backup of our DC in a second office, only for some of critical Data and services.
Thats why I think to use the DMVPN with 2 Hubs

Philip D'Ath · ‎02-05-2016

Yes you can run it only over the Internet. Yes you can have VoIP issues.

A solution we have used in the past is dual internet connections. You dedicate one to VoIP, and one for everything else. Still much cheaper that MPLS.

You can also use Pfr (Performance Routing) to select the circuit to use based on the latency and jitter and type of traffic.

http://docwiki.cisco.com/wiki/PfR3:Solutions:IWAN

View solution in original post

Philip D'Ath · ‎02-05-2016

We use DMVPN a lot. It works great. We often run it over both MPLS, the Internet and 3G/4G connections. It makes creating redundant back up links easy.

Cisco have a marketing term called iWAN that is more encompassing and builds on DMVPN.

This is the validated design guide explaining the deployments options and how to configure it.

http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Jan2015/CVD-IWANDesignGuide-JAN15.pdf

tsipoulanis · ‎02-05-2016

yes I respect and understand that solution and your idea, but the point is that the manager wants to decrease the cost.
thats why i was thinking for the DMVPN solution with a normal ISP Internet.

then we will configure and implement, and in the future support the Company Network.
but as i read some people have some issues with the Quality of the VoiP.
maybe like a second solution could be to to use the MLPS for the large offices and for the small the DMVPN.
or then i was thinking like two DMVPN(then we have also a redudance/backup) and to split the services, for example one DMVPN for the voip traffic and the second one for Data and other services.

Philip D'Ath · ‎02-05-2016

Yes you can run it only over the Internet. Yes you can have VoIP issues.

A solution we have used in the past is dual internet connections. You dedicate one to VoIP, and one for everything else. Still much cheaper that MPLS.

You can also use Pfr (Performance Routing) to select the circuit to use based on the latency and jitter and type of traffic.

http://docwiki.cisco.com/wiki/PfR3:Solutions:IWAN

tsipoulanis · ‎02-05-2016

Hi Philip,

thank you so much for your quick responds.
Is exactly what i was thinking.
;)
I appreciate your help,

best regards,

Thomas

tsipoulanis · ‎02-05-2016

an extra small question, maybe a bit stupid, but i am not the expert in voip....
if we have a site to site VPN for some offices, is possible one telefon to communicate with an other telefon which is located in other office?

as a basic knowledge i have for voip, normal the telefon take infos from call manager, and then has direct connection with the other telefon. for the example with 2 Site to Site VPNs, eather they communicate through the central location or is not possible to communicate those telefones which are located in different office with site to site vpn, is that correct?

and if that is correct, that is the main reason why we need mpls or dmvpn.right?