Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Resilient WANs

I'm planning on redesigning our WAN network. Currently hub and spoke with a mixture of 10mbs, 20mbs, 100mbs and 1G with layer 1 and layer 2 links. Some are true layer1 with just piece of fiber between the sites others peering with the carrier is at layer 2 Vlan/sub-interfaces. The latency of the links is a mixture as well, less than 1ms and up to 138ms
The backup is  currently over Internet VPN, routing protocol is EIGRP. I have a business requirement now to minimize or even eliminate any outages as the applications traversing these links are very sensitive to any outage even 1 or 2 seconds.

So what I was thinking of doing was using two 3850 switches running stackwise-480 (IP Services Feature) at each location.
Buying a second link from an alternate provider that matches the primary for bandwidth and latency as close as possible (removing the Internet VPN.
Connecting the links on either switch of the stack then running either EIGRP with load balancing or Etherchannel/LACP.
The objective here is to eliminate data loss as much as possible during 1, 2 or 5 second outages.

I have been doing basic testing in the lab over 1G conneciton between two pairs of switches (just using a patch lead).
When I use EIGRP and I fail a link I lose around 2 seconds of ICMPs when I use LACP I only lose around one second, however I always lose data even if it's load balancing, for fail back don't lose any.  Is it possible to totally eliminate packet loss using these protocols, or others if not what is the next best option?

Very Interested any advise or views on this topic Hoping to use that information in designing my network.

Super Bronze

DisclaimerThe Author of this


The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.


In your existing VPN setup, the dual paths are on the same device?  If so, with EIGRP "tuning", sub second switchover should be possible.


If the existing VPN setup's dual paths are on different devices, again with EIGRP "tuning" sub second switchover may still be possible, but now you need to deal with convergence between EIGRP routers too.