I have a scenario as below.
Single hub, dual DMVPN cloud over 2 WAN links. At the spoke site, both WAN links are connected to a single router. The requirement is to route specific applications (email, FTP) via the secondary DMVPN cloud, and fail over to the primary DMVPN cloud if the secondary fails.
This can be achieved by 2 options at the spoke router:
1) Policy-based route: for the 2 applications (email, FTP), use next-hop-ip = hub secondary DMVPN tunnel IP. To achieve fail-over, I would need to track availability of next-hop-ip via IP SLA, and apply it in the PBR route-map.
2) Tweak the routing protocol (OSPF or EIGRP) cost to prefer both server IPs via the secondary DMVPN tunnel.
Now the question is: I don't see any problem at the spoke router, but at the hub. How does the hub router return the traffic via the secondary DMVPN tunnel in both of the above options? Do I need to apply PBR on the hub, saying that if the source IP matches the server, the exit interface is the secondary DMVPN tunnel? But how about fail-over to the primary DMVPN? Or if using a routing protocol, how do I make sure traffic that came from the secondary DMVPN tunnel returns the same way? Would it be possible to use route tagging?
Any suggestions are welcome.