[c-nsp] SD-WAN design for large scale
Christophe LUCAS
christophe at clucas.fr
Tue Mar 24 06:05:13 EDT 2020
Hi,
No, DMVPN and NHRP phase3 make you able to make spoke-to-spoke communications.
Regards,
Christophe
----- Mail original -----
De: "omar parihuana" <omar.parihuana at gmail.com>
À: cisco-nsp at puck.nether.net
Envoyé: Lundi 23 Mars 2020 20:02:22
Objet: [c-nsp] SD-WAN design for large scale
Guys I've just read the follow document:
https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/sd-wan/white-paper-c11-743108.html
So i am asking about the IPsec tunnel scalability in SD-WAN large
deployments. One benefit of L3VPN in MPLS are the full mesh connectivity.
>From point of view of CE one default route could be enough. Now in SDWAN
data plane if I want a full mesh topology a lot of IPsec tunnels are
established... maybe I am wrong but I will expect n(n-1)/2 IPsec Tunnels
(without consider the second path) then for example if I have 300 branch I
could expect 37350 tunnels... really? So hub-and-spoke will be the
solution... comments please... maybe it is time to say goodbye to full mesh
in SD-WAN deployments?
--
Omar E.P.T
-----------------
Certified Networking Professionals make better Connections!
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list