08-10-2009 01:54 PM - edited 03-04-2019 05:42 AM
Hi all,
I'm involved in a WAN redesign at the company I work for and I'm seeking advice regarding the equipment we're thinking of getting.
Topology of the WAN will be dual-hub and spoke with both hubs being active. Half of the spokes will connect to one hub with the other half connecting to the other one. Total number of spokes is 100 at the moment, but it's likely there will be more in the future.
In order to benefit from redundancy, each spoke will be configured with 4 tunnels: one to hub1 via provider 1, one to h1 via p2, one to h2 via p1 and one to h2 via p2. However, traffic will be sent only to one hub, with the other being used only in case the first one fails.
Hubs will have links from 2 providers (10mbit from each, so 20 mbps total bandwidth/hub). Encryption and QoS will also be deployed. Routing protocol will be EIGRP (most likely over DMVPN).
Now given the above, we've been recommended to get the 7206VXR with NPE-G2 (and equipped with a VSA as well) as a hub router. The VSA should relieve the router from doing the encryption, leaving it with EIGRP and QoS.
Regarding traffic, it will be split into 4 classes: VoIP (not used right now, but will be sometime in the future), business traffic, management traffic (rdp,vnc) and bulk (internet, mail).
Based on this, could you please comment on the ability of the 7206 to handle everything without issues? I've seen the routerperformance.pdf and we're nowhere near the numbers there and I consider we'll be fine with it, but we've been told we should also get a SCE box to handle QoS.
Thanks,
Gabriel
08-10-2009 01:59 PM
That is ok, it's only 20 mpbs.
Recommend you hire an experienced consultant to avoid common mistakes, eg heavy routing protocol when it's not absolutely needed.
Your should also consult with intesa sanpaolo italy, they got lot of help from cisco to have their network perfected over the years.
Don't believe all you're told.
08-10-2009 10:36 PM
Hello Paolo,
we've already initiated discussions with some Cisco Partners to help us implement this as we don't have the necessary expertise to do this by ourselves. In fact, I posted here to check with others what we've been recommended so far.
We'll get in touch with ISP Italy also.
Regards
08-11-2009 01:54 AM
Very good. If you are interested in professional consultancy, you can contact me at the address [present in my profile.
We have reference implementations running dmvpn architecture with many hundreds of branches.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: