[c-nsp] DMVPN/mGRE on L3VPN - anyone experience issues with encapsulation overhead/MTU?

Luan Nguyen luan20176 at gmail.com
Wed Oct 9 12:27:04 EDT 2013


People do this all the time: GRE/IPSEC back up to MPLS VPN.
Lots of service providers have managed service that does this for you.
With modern hardware, fragmentation shouldn't be a big deal. Most providers
have end to end jumbo frame so just need to be mindful of who does and who
don't.
Good luck.


On Wed, Oct 9, 2013 at 11:30 AM, JP Senior <SeniorJ at bennettjones.com> wrote:

> Hey, all.
> I'm looking at an option to consolidate and reduce complexity of a
> multi-provider L3VPN network in a way that lets me also use internet-based
> VPNs for backup.  Right now I have dual provider uplinks at all of my sites
> to provide me inter-office WAN connectivity.
>
> DMVPN is a nice and easy option where I can have everything run in a
> single routing domain, drasticially simplifying my network topology.
>
> Has anyone experience with a network running in such a design?  I am
> concerned about increased latency, and worse, packet overhead.  I'm not
> sure I'll be able to get jumbos on these providers, so I'll have to deal
> with ipsec/gre overhead.  I don't do anything crazy blocking with ICMP, but
> I'm still hesitant to move forward with such a design.
>
> -JP Senior
>
> The contents of this message may contain confidential and/or privileged
> subject matter. If this message has been received in error, please contact
> the sender and delete all copies. Like other forms of communication,
> e-mail communications may be vulnerable to interception by unauthorized
> parties. If you do not wish us to communicate with you by e-mail, please
> notify us at your earliest convenience. In the absence of such
> notification, your consent is assumed. Should you choose to allow us to
> communicate by e-mail, we will not take any additional security measures
> (such as encryption) unless specifically requested.
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list