Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3501
Views
1
Helpful
1
Replies

Help to decide between DMVPN vs IPSec VPN

news2010a
Level 3
Level 3

‎02-01-2011 10:42 PM - edited ‎02-21-2020 05:08 PM

Hi,

I have total of 4 sites connected to MPLS network.  2 sites are in the US and 2 sites are in Europe.

All sites have Internet connection.

In the event that MPLS circut or CE routers go down, I want to have a failover configuration which uses the Internet circuit to use the other site and reach the MPLS network. For example, let's say the hub site MPLS circuit fails, then it switches over to the Internet-Router and it reaches Site2. From there I hope Site1 can access the MPLS network and do VoIP/SIP trunking operations just fine.

In this scenario, since I have total of 4 sites, any real advantage if I use DMVPN or typically people just do IPsec VPN?

Labels:
0 Helpful
1 Reply 1

Latchum Naidu
VIP Alumni
VIP Alumni

‎02-02-2011 12:06 AM

Hi,

In the present technology environment DMVPN is the best coice and I have dmvpn in my environment with EIGRP which is best suite in dmvpn environment and it is fully stable and scalable.
Please see below some key advantages of DMVPN...

Cisco’s DMVPN enables zero-touch deployment of IPsec networks and its spoke-to-spoke functionality enables the secure exchange of data between two branch offices without traversing the head office. This improves network performance by reducing latency and jitter, while optimizing head-office bandwidth utilization.

Additionally, DMVPN delivers a suite of functionality that benefits the entire network.
• Employs Multi-Point Generic Routing Encapsulation (mGRE) interface.
• Spokes maintain a permanent GRE tunnel to the hub, but not to the other spokes.
• Spoke sites can initiate a dynamic GRE tunnel to another spoke site based on user traffic.
• Spoke-to-spoke tunnel is built over the mGRE interface.
• Spokes only maintain RP adjacencies with Hub(s).

Powerful advantages
DMVPN provides several smart advantages that empower you to achieve comprehensive, secure network intelligence.
• Dynamic full mesh based on spoke-to-spoke traffic.
• Better control plane scalability than full mesh design.
• Simplified configuration and management.
• Easy provisioning of spokes.
• Works with IPSec or GRE (for use with IP KGs).


Please rate the helpful posts.


Regards,
Naidu.

Customers Also Viewed These Support Documents