What I suggest if you can source a stable and cost-effective solution then it will be the choice. The VSAT should not be cheap and very stable.
For the tunnel interface, it really depends on your usage. Can you advise why you require tunnel and what traffic will be tunnelled ?
If the link is not a private connection then you may require tunnel, if it is a point-to-point private link then tunnel may not be required. Moreover, tunnel will utilize CPU resource more, but only two tunnel should be fine.
That is a very interesting tunnel. Mutlipoint GRE using nexthop is commonly used over MPLS when you need to encrypt the traffic but still allow for any to any connectivity.
If I read your question correctly you are asking if you can send the traffic over the VSAT without putting it in the tunnel. To make that work your provider would have to have the routes between your sites in their network. If this is a managed network then they may do it.
The other issue is that you are running multicast.. or at least you have it defined on your tunnel. This is a common reason to run tunnels. Although you can now run multicast over MPLS it is not a common offering yet. Again if your provider offers it you can do it.
The main advantage to a tunnel is that you can make changes to your network and not tell your provider anything. If you run without a tunnel they now have routers that are now participating in your network and you must corrodinate with them.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...