I am planning on making our small offic vpn solution more redundant by adding a second hub router to our DMVPN solution. There are about 100 spoke routers, and there will be 2 hub routers, both located in one of our datacenters.
I have some questions around the detailed config for this (we will use EIGRP routing protocol).
Most important question is weither or not to use ISAKMP profiles with the crypto keyring commands for the pre-shared keys, or just choosing different tunnel-id, different subnet and tunnel key for each tunnel (each spoke will have two tunnel configs ofcourse).
What are the pros and cons of crypto keyring, when to use it?
Second question is about EIGRP over DMVPN (in case of two hub routers). What is the best way to force trafic to prefer one hub router as the main path?
Thanks in advance,