Cisco Support Community

Redundancy of MPLS+Internet+VPN traffic


We are designing the below listed network:

Dual Cisco 3825 routers will be used to build the MPLS+Internet network setup.

For LAN redundancy HSRP will be used.

For WAN redundancy, dual links will be provisioned in active/backup mode and will go to different PoPs of the ISP.

The active link will terminate on the primary 3845 CE router; similarly, the backup link will terminate on the secondary 3845 CE router at the customer premises.

EBGP will be used between CE-PE for both MPLS and Internet traffic.

MPLS and internet will run on the same last mile link.

When the primary link fails, MPLS + Internet traffic will shift to the secondary link.

To achieve this, we will create four subinterfaces on the WAN links.

Two subinterfaces on the primary link and two on the secondary link.

One subinterface will carry the MPLS traffic and the other subinterface will carry the Internet traffic.

On the LAN side we will run HSRP between the routers' LAN interfaces.

Also we will enable nat inside on the inside interface of both the 3845 routers.

Lastly we will run Site-to-Site VPN on the internet cloud.

Total bandwidth, including MPLS, Internet browsing, VPN and LAN-based voice, will not be more than 20 Mbps.

Kindly validate whether the above architecture will work seamlessly on the secondary link for MPLS, Internet and VPN traffic in case of primary link failure.

Also, will the 3825 router be good enough to handle the MPLS, Internet browsing, NAT configuration, IPSEC VPN and LAN-based voice traffic equalling 20 Mbps?

Please revert with inputs.

Attaching the overall schematic for reference.



Re: Redundancy of MPLS+Internet+VPN traffic

I have the following suggestions; please go through them. One is to redirect all the traffic through the PIX in order to send it to the 3550 and from there through the 3640, but the problem is the 3550 has the PIX as its default gateway.

Two, redirect all the traffic through the MPLS connection, but the problem is the MPLS handles a different network range.

Three, add a new link on the 2610s for the backup connection in order to establish the redundancy configuration.

Four, add a new link between each 2610 and each 3640 as the backup connection in case we lose the Internet connection through the 2610s.
