DMVPN as Backup link to MPLS

Similar Messages

• Reliability of DMVPN as primary link

  Hi,
  We are planning to implement DMVPN (phase 3)  through internet to connect 100 plus locations (including business critical locations) . These locations are located around the globe including embargoed countries. However , while browsing through various case studies of DMVPN implementation, we understand the solution is used a backup link and not primary link for many of companies. Would like to know from you anyone that if the solution is successful as primary link as well. Kindly advise..
  Regards,
  Jubair.S

  Disclaimer
  The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
  Liability Disclaimer
  In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
  Posting
  Case studies using DMVPN as a backup, are more due, I believe, to the question of reliability of the "Internet" rather than the DMVPN technology, itself.
  I used to work within an international company with offices all over the world.  Usually we had a private WAN link and Internet VPN link to each site.  Although Internet VPN was "sold" to management as a lower cost backup/secondary, we usually treated the two links equally (as they had about the same bandwidths).  I saw very little difference in performance between the two technologies.  Regarding reliability, in 1st world countries, reliability was about the same.  In 3rd work countries, VPN actually has a slight edge (because if was often newer infrastructure and a primary focus for the country's build outs [i.e. everyone wants Internet access]).

• Dual cloud dual hub single tier dmvpn with backup service provider

  Hi,
  I have a design issue with a WAN network. I have decided to use dual cloud dual hub single tier DMVPN topology (ref. to http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a008075ea98.pdf - "Dynamic Multipoint VPN (DMVPN) Design Guide"). I have tested in lab 2 hubs and 3 spokes, applying the mentioned technology. Everything is OK, when the primary hub fails, there is only 1-3 seconds loss (3 pings).
  The problem is that each spoke and hub will have 2 service providers for WAN - primary and backup. I am still wondering which design is better and more stable to implement - using more DMVPN clouds (for the backup service provider network) or creating static IPSEC GRE tunnels in the backup links?
  Is there a guide for this case?
  What is the best practice in this case?
  Thanks in advance,
  Mladen

  Dynamic spoke-to-spoke requires your spoke routers to have mGRE tunnel interfaces. If you ever have a spoke which sources 2 tunnels from the same physical interface, you have a problem: how to resolve which tunnel is an incoming NHRP request for?
  My DMVPN is a bit different in that the crypto is GETVPN on the physical interface. There is a crypto-map applied to the physical interface and it has 2 entries which correspond to the GETVPN crypto-groups for each tunnel.
  I resolved this issue by making one of the 2 tunnels on each spoke router mGRE and the 2nd one point to point. the mGRE tunnel is preferred as primary (we use eBGP through the tunnel, so routes received through the mGRE tunnel are local-pref'd high and we AS path prepend routes advertised out the point-to-point tunnel)
  I haven't gone back and tested what happens when you have a spoke which has 2 tunnels sourced from the same interface and another spoke with 2 tunnels sourced from the same interface or from 2 different physical interfaces. The concern is that you may get a situation where one router uses Tunnel 2 for dynamic spoke-to-spoke tunneling, and the other uses Tunnel1, and that the dynamic tunnel setup fails because the crypto map cannot properly decide which crypto group to use for the incoming traffic on the router where 2 tunnels use the same physical interface.

• Can't find the storage and backup link to start an icloud backup

  Why is it that when you create an icloud account the Storage and Backup link isn't always there.  I need to create an icloud account and then create an icloud backup right away so that I can setup multiple ipads using the icloud backup.  How do I force an icloud backup?
  Thanks

  You can check your Junk/Spam folders, sometimes the e-mail gets sent there. Also, double check that the primary e-mail address in your Apple ID account is hers. If none of this works, I suggest to wait it out, sometimes it can take up to 24 hours!

• Root bridge and Non rootbridge as backup link (point to Point)

  I want to use 2 APs as backup link. I want to be sure that this wireless link is working fine as a backup.
  In order to avoid loops, Should I set any specific configuration in both APs?

  Follow the URl for the configuration of the Backup Controllers which may help you :
  http://www.cisco.com/en/US/docs/wireless/controller/5.1/configuration/guide/c51lwap.html#wp1249029

• Backup link

  My customer needs to have backup lines for their branch offices. They have installed on each branch office a router (RV042 or TL ER6120 or ASA5505), on each branch office are installed 2 fiber optic transceiver from diferent ISPs. At headquarter they have installed a cisco 892FSP. 892 WAN1 interface is connected to a layer 3 switch (on that switch are connected many Patch cords connected to many ONTs), WAN2 is connected to a catalyst 2960 switch with a SFP connected. Customer needs to have backup link between headquarter and branch offices. Can anyone help?

  Need help!!!

• Configure backup link

  My customer needs to have backup lines for their branch offices. They have installed on each branch office a router (RV042 or TL ER6120 or ASA5505), on each branch office are installed 2 fiber optic transceiver from diferent ISPs. At headquarter they have installed a cisco 892FSP. 892 WAN1 interface is connected to a layer 3 switch (on that switch are connected many Patch cords connected to many ONTs), WAN2 is connected to a catalyst 2960 switch with a SFP connected. Customer needs to have backup link between headquarter and branch offices. Can anyone help on cisco 892 configuration please?

  Hi 
  Your connectivity/setup is not clear however if your query is to configure backup data link you can follow the below link for details:
  http://www.cisco.com/en/US/docs/routers/access/800/860-880-890/software/configuration/guide/backup_ps9572_TSD_Products_Configuration_Guide_Chapter.html#wp1015543
  If you still have query please share your topology.
  Thanks & Regards
  Sandeep

• Failover ISDN backup link

  I have situation where half of my network is connected with one central location and other half with second central location. Every router is connected with primary frame-relay link and ISDN as backup link (floating static route conf).
  I need to configure that in case backup link can't manage to connect with one central location start connection with second central location. Failover ISDN backup link. Any sugestions? Thanks

  Configure the two numbers under dialer interface. These will be tried in sequence, and in fact if things are configured properly it will be no problem if some branches are connected to primary hub and some to secondary.
  Hope this helps, please rate post if it does!

• Configuration requried for 4 port ISDN S/T Interface card as backup link

  Dear All,
  I have ISDN BRI 4 lines Interface card installed in my company router cisco 2821, I want to configure all 4 BRI lines as an backup link of 512Kbps with same ISP which is directly connected on Serial0/2/0 with 1mbps bandwidth. If my Serial link become down. ALL 4 BRI group dail same ISP with full loaded 512kbps bandwith link.
  Router IOS detail c2800nm-ipbasek9-mz.124-15.T5.bin
  and I have no idea how to impelement in real senerio.
  if any one using same senerio in his live enviroment please send me configration....!
  waiting you reply....

  Respected Sir,
  Thanks for your advise. But This is very helpfull forum of cisco where cisco highly professional persons help their juniors sitting allaround the world, therefore as a junior I have posted my problem here someone give me guide line. How to configure it...?
  Because no one is perfect in whole world everyone is trying to learn more and more in his field, so this is my humbly request if you looking into this matter and help me out.
  I will be very thankfull to you.
  regards

• DMVPN WAN Backup Solution

  Hi All,
  I am in the midst of designing a backup solution for our Asia Pac MPLS/BGP wan. Before proceeding with the design and procurement etc I thought it best to confirm a few things. We will use dmvpn and I am planning to use a 7200 VXR at the headend though it might be a bit of an overkill. Has anyone used a smaller say 3800 series router as a dmvpn hub/headend plus what series of routers can be used as the headend that will ensure the successful operation of the dmvpn network? Would the other vpn technologies be a better alternative?

  Hi,
  I guess that depends how many spokes you have. I have used 3800 routers as hubs for 10 spokes for more than a year without having any performance problems.
  Regards,
  PH

• Running Large Backups over an MPLS Network

  We are opening up a second data center at my organization. The location is about 60 miles from our primary data center.
  At our primary data center we use an MPLS network for our WAN. We have ll remote locations on our WAN and we have a DS-3 that connects to our primary data center.
  At our new second data center we will connect it to the MPLS network.
  Do you think we should run our backups between the 2 data centers across the MPLS or do you think we should order a seperate private line or ethernet type service between the 2 data centers? All back ups from our primary data center will continually move across the network to our new secondary data center.
  Do you think MPLS is a good technology to run large back ups across? Is it reliable enough

  "Do you think MPLS is a good technology to run large back ups across?"
  Sure.
  "Is it reliable enough"
  Depends more on your MPLS provider than the technology itself.
  Two issues that may be more important to you vs. how "reliable" MPLS is, might be cost of bandwidth vs. other technologies or sharing the MPLS bandwidth with non-backup applications. The latter would depend much on what QoS that might be available to you to insure your backup traffic doesn't adversely impact non-backup traffic.

• How are Level 0 and Level 1 backups linked?

  Version:11g
  I was going through the scripts in the post Two Questions on RETENTION POLICY
  When you have a Differential Incremental backup strategy and When you run level 0 and level 1 backup scripts through different cronjobs from Sunday to saturday, during recovery, How will RMAN identify all these level 1 backups and its parent level 0 backup as one unit ? In the level 0 and its subsequent level 1 backup scripts, i don't see a clause which links level 0 backup and its subsequent level 1 backups?

  Hi Steve_74,
  How will RMAN identify all these level 1 backups and its parent level 0 backup as one unit ?The information used during a restore is comming from the controlfile.
  Example
  select BACKUP_TYPE, INCREMENTAL_LEVEL
  from v$backup_set
  Will determine the level 0 backup set needed according to your restore clause
  select INCREMENTAL_LEVEL, INCREMENTAL_CHANGE#, CHECKPOINT_CHANGE#
  from V$BACKUP_DATAFILE
  where file# = 1
  Will determine which incremental(s) to apply on datafile 1 according to your restore clause.
  Regards,
  Tycho
  Edited by: tychos on Nov 1, 2009 1:51 AM

• Link Redundancy Mpls primary on ethernet & point to point secoundary leaseline on serial

  hi i am having one link mpls with internet (primary) (e0/0)-10.1.1.1 and secound link point to point serial (s0/0) i want to do redundancy between two links
  but problem is mpls link never shows down . so if mpls fails then  my point to point should be  up please Find Attach file.
  can i get confuration according to my e.g. drawing
  as per my knowledge ip sla track command is thier but i dont know exact command.

  Hi,
  You are right...You should use IP SLA to track the primary link (ISP side IP)....
  Try these...
  track 125 ip sla 10 reachability
  delay down 15 up 10
  ip sla 10
  icmp-echo 4.2.2.2 (change this with the exact IP) source-interface Dialer1
  threshold 40
  If it doesn't work, just tewak some parameters..Some the methodilogy remain same..
  Good Luck !!!!

• DMVPN Dial Backup

  Hi,
  I need to configure a DMVPN with Dial Backup, my intention is when to fall interface ADSL, my router 837 make a call to local ISP by Console port and close the DMVPN in this interface, that is possible???..Somebody has some configuration as example? Thanks.

  I've been reviewing that document over and over, but it only appears to work properly with static IPs, and I will need to use DHCP. There was another document talking about RSR with DHCP, but I still couldn't get it to work properly. Here's why...
  My default route is the hubs tunnel address. Then I have a /32 route for the public-facing IP of the hub, via DHCP.
  The above-mentioned document doesn't function this way, because they assume that your default route is placed by DHCP. Additionally, I can't seem to find a way to work without my default route pointing the the hub tunnel address.

• Link Bundle - MPLS TE & FRR Support

  Hi Sir,
  Platform Cisco 12406 PRP, current running IOS 12.0(32)SY3.
  May I know what is latest IOS that can support MPLS TE & FRR over link bundle (L3 Etherchannel) ?
  Regards

  Hi,
  12.0(33)S is the last IOS version for GSR and doesn't support this feature. New development focus on XR only and only few of them like 4B ASN are ported to 33S.
  Laurent.