VPN as a redundant link for MPLS

Unanswered Question
Nov 1st, 2008

Hi,

I need some help regarding network design. We have 40 branches , each other connected by MPLS and also to the data centre. Now we want redundant link to connect other branches with the data centre. Each branches and data centre also having internet link.

We want to use IPsec/GRE tunnel to the other branches with the DC.Now the questions are..

1)Is it possible to use VPN tunnel as a redundant link so that when MPLS goes down the only tunnel comes up?

2)If MPLS and tunnel both work simultaneously is there any chances to formed loop in the network?

3)How much internet link BW generally require for branches to connect with DC?

Please guide in this issue..

Thanks

som

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Mon, 11/03/2008 - 07:21

1) Yes it is, you could use floating static routes or possibly another method depending on your IGP.

2) Not a layer 2 loop (which would cause an outage), but you could have two routes to get to a branch and that could cause asymmetrical routing.

3) Depends on a ton of things specific to your network. This is something you'll have to figure out.

Take a look at GET for your VPN. It will be a lot easier to administrate that a ton of GRE tunnels.

http://www.cisco.com/en/US/products/ps7180/index.html

Hope that helps.

Actions

This Discussion