Each location we had 2 Routers(Primary and secondary) configured with EIGRP. Recently we implemented IPsec for the traffic.
EIGRP route will take place in primary only. if i configured variance command and if i did the load balancing.. Will traffice will go via IPsec. because IPsec was active on primary router only. If primary link goes then only IPSec was becaming active in Secondary router in this situation.. how traffice will go.
will load balance will work. to reach the network we have route via 2 ways so if traffice go via EIGRP then it will work with out disturbance
But IP sec was active in primary only so traffic on primary router will encrypt and secondary will go with out encryption is possible? i am not sure about it
If IP sec was down then i am not able to reach the Branch office eventhough WAN Link is Up and route was there in EIGRP. so if IPsec configured we can reach branch office only IPsec was Up. then how load balance will work because secondary router it was showing down so branch office will be not reachable eventhough route was there..
Please clarify i am not sure wheather i am conveyed my doubt clearly.
While a little of your situation is clear there is much in your question that is not clear. It is clear that there are two sites and that each site has a primary router and a secondary router. It is clear that you implemented IPSec on the primary router but it is not clear whether IPSec is also implemented on the secondary router (I am assuming that it is not but it is not clear to me).
It is clear that EIGRP is running on the primary router and not clear whether EIGRP is also on the secondary router. It is also not clear whether EIGRP is running through IPSec on the primary router (goes over the WAN) or whether it is running only locally. You talk about variance and load balancing but it is not clear whether that has actually been done and whether there are actually two routes in the routing table for some destinations which would be necessary for load balancing.
I do not have enough information to answer questions 1 and 3. The answer to question 2 seems clear. If primary router has enabled IPSec and secondary router has not enabled IPSec then traffic going out primary router should be encrypted and traffic going out secondary router will go in the clear.
EIGRP was configured on both routers and IPsec also configured both router.. IPsec was configured WAN Peer IP of Branch is configured in head office and vice versa.. There is connection between Primary and Secondary router... Right now only one route was installed if we change variance then have chance to install 2 route.. 1 Route go via WAN directly other route go via Secondary and reach the WAN.. Sample rough diagram attached.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...