I am building a VPN architecture that connects to 2 separate NOCS. I want to have half my offices point to 1 NOC and the other half point to the other and have each NOC be the backup Hub for the other. Is this achievable with DMVPN
I think i made a mistake in stating this. I want to design this so that one NOC is the primary and the other NOC the backup? Is that possible? So when you build your DMVPN the primary NOC for one group is the west coast NOC and the backup is the east coast and opposite for the other coast.
The two hub (NOC) have to be up at the same time. If you want to split the load like that, the only way to go is with routing protocol.
If you look at the Dual Hub - Single DMVPN Layout explanations, you can read this :
The dynamic routing protocol will not run over the dynamic IPsec+mGRE links between spokes. Since the spoke routers are routing neighbors with the hub routers over the same mGRE tunnel interface, you cannot use link or interfaces differences (like metric, cost, delay, or bandwidth) to modify the dynamic routing protocol metrics to prefer one hub over the other hub when they are both up.
Now int the Dual Hub - Dual DMVPN Layout definition :
Since the spoke routers are routing neighbors with both hub routers over the two GRE tunnel interfaces, you can use interface configuration differences (such as bandwidth, cost and delay) to modify the dynamic routing protocol metrics to prefer one hub over the other hub when they are both up.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...