03-14-2008 03:40 AM - edited 03-03-2019 09:08 PM
I would like to deploy 250 endpoints GRE tunnel. Which router do I need at HQ?
03-14-2008 04:04 AM
In reality depends by the amount of traffic carried, more than the number of tunnels.
You also have the point-to-multipoint tunnel that is engineer's friend as it simplifies the configuration very very much.
In any case, for serious enterprise-class networking, look at 7200 NPE-G1 or G2 routers in the centers.
Hope this helps, please rate post if it does!
03-14-2008 04:25 AM
The reason of deployment GRE is sending Video streaming, where we do not have IP Multicast in backbone. Is DMVPN -Multi GRE you are talking about point-to-multipoint ? Give me a hint any way
regards
03-14-2008 04:54 AM
Uncertain whether it would help or hinder, and I realize you're only requirement is for GRE, but Cisco's GET-VPN might simplify the implementation and in the http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/prod_brochure0900aecd80582078.pdf notes it supports multicast.
PS:
For performance, one of the fastest might be multipoint GRE where CEF is used, e.g. http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ft_cefgt.html
03-14-2008 05:13 AM
Yes, you are be able to send multicast over the p2mp tunnels. DMVPN is kind of marketing name to indicate that the tunnels are encrypted as well, thing that you may or may not require.
Note the GET technology as suggested by Joseph is actually more complicated than dmvpn, because it requires an external provisioning systems (sun based), so it's no recommendable for enterprise customers in my opinion.
03-14-2008 10:26 AM
Paolo, I'm unable to find a Cisco GET-VPN reference for the requirement of a Sun based provisioning system. (Key servers are noted as using routers.) Could you provide a URL reference? Thanks.
PS:
Paolo, makes an interesting point about the complexity of GET-VPN vs. DMVPN. Probably depends on how the features map to what you desire to do. For instance, the key server is pushed as a method for easier key management (probably more true as you scale up). A two page Cisco sheet contrasting the two, GET-VPN and DMVPN: http://www.cisco.com/web/strategy/docs/gov/turniton_dmvpn.pdf
03-14-2008 04:23 PM
Hi, I stand corrected about the requirement for a server based platform with GET VPN, still I note the fact that a keyserver is not needed with DMVPN especially considering that encryption is not even mandatory.
So I think that unless you have already encountered major limitations with the consolidated DMVPN solution, you should stay with that. The Q&A is an additional source of info:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: