[c-nsp] Cisco iWAN Solution

Łukasz Bromirski lukasz at bromirski.net
Sat May 2 13:58:16 EDT 2015


> On 02 May 2015, at 19:52, Pavel Skovajsa <pavel.skovajsa at gmail.com> wrote:
> 
> Hello Ranjith,
> 
> The IWAN solution is relatively new, so you will not find a lot of people
> with experience with it.

True.

> Also there are interesting operational issues that are probably much harder
> to fix in IWAN world. For example the customer calls you and tells you that
> yesterday at 9:35AM their application did not work in SiteA. How would you
> know which path the traffic took? It is dynamic, so how would you
> troubleshoot?

PfR logs prefix decisions, and you can store them either in some
syslog server, or in other software solutions that provide more
capabilities than just checking.

> Now to your questions:
>> How good is the PFR feature for load balancing effectively among multiple internet
> links
> PFR is traditionally excellent in this, without configuration it actually
> loadbalances almost precisely 50/50.

Well, that’ll depend on the configuration and traffic characteristics.

> If I understand correctly what you are asking is whether PFR works for
> Direct Internet Access. No, it does not, my understanding is that PFR only
> works inside the DMVPN cloud inside the Enterprise. The reason is simple -
> PFR not only changes the forward path, but also the return path, hence you
> need full control of both sides.

PfR works on prefixes and reachability information, so no, it is not
dependent on the DMVPN cloud. You can run (and people usually do) for
pure IP traffic. It’s capability to actually run and use different
types of tunnels makes it more flexible.

-- 
"Those pople who think they know        |              Łukasz Bromirski
 everything, are a great annoyance to   |     jid:lbromirski at jabber.org
 those of us, who do."     Isaac Asimov |   http://lukasz.bromirski.net



More information about the cisco-nsp mailing list