Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
408
Views
0
Helpful
3
Replies

DMVPN

bob.bartlett
Level 1
Level 1

‎01-16-2009 05:25 AM - edited ‎02-21-2020 03:12 AM

I am building a VPN architecture that connects to 2 separate NOCS. I want to have half my offices point to 1 NOC and the other half point to the other and have each NOC be the backup Hub for the other. Is this achievable with DMVPN

0 Helpful
3 Replies 3

dominic.caron
Level 5
Level 5

‎01-16-2009 01:35 PM

Hi,

I've never did a Dual Hub - Dual DMVPN Layout before but it might work...

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml

Since your spoke router are using 2 different tunnels interfaces to pass trafic, if you play around with your routing metric, you should be able to make it work...

If it works, please tell me.

0 Helpful

bob.bartlett
Level 1
Level 1
In response to dominic.caron

‎01-17-2009 05:56 PM

I think i made a mistake in stating this. I want to design this so that one NOC is the primary and the other NOC the backup? Is that possible? So when you build your DMVPN the primary NOC for one group is the west coast NOC and the backup is the east coast and opposite for the other coast.

0 Helpful

dominic.caron
Level 5
Level 5
In response to bob.bartlett

‎01-19-2009 07:02 AM

The two hub (NOC) have to be up at the same time. If you want to split the load like that, the only way to go is with routing protocol.

If you look at the Dual Hub - Single DMVPN Layout explanations, you can read this :

The dynamic routing protocol will not run over the dynamic IPsec+mGRE links between spokes. Since the spoke routers are routing neighbors with the hub routers over the same mGRE tunnel interface, you cannot use link or interfaces differences (like metric, cost, delay, or bandwidth) to modify the dynamic routing protocol metrics to prefer one hub over the other hub when they are both up.

Now int the Dual Hub - Dual DMVPN Layout definition :

Since the spoke routers are routing neighbors with both hub routers over the two GRE tunnel interfaces, you can use interface configuration differences (such as bandwidth, cost and delay) to modify the dynamic routing protocol metrics to prefer one hub over the other hub when they are both up.

You'll have to try it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card