Hi, No, DMVPN and NHRP phase3 make you able to make spoke-to-spoke communications.
Regards, Christophe ----- Mail original ----- De: "omar parihuana" <[email protected]> À: [email protected] Envoyé: Lundi 23 Mars 2020 20:02:22 Objet: [c-nsp] SD-WAN design for large scale Guys I've just read the follow document: https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/sd-wan/white-paper-c11-743108.html So i am asking about the IPsec tunnel scalability in SD-WAN large deployments. One benefit of L3VPN in MPLS are the full mesh connectivity. From point of view of CE one default route could be enough. Now in SDWAN data plane if I want a full mesh topology a lot of IPsec tunnels are established... maybe I am wrong but I will expect n(n-1)/2 IPsec Tunnels (without consider the second path) then for example if I have 300 branch I could expect 37350 tunnels... really? So hub-and-spoke will be the solution... comments please... maybe it is time to say goodbye to full mesh in SD-WAN deployments? -- Omar E.P.T ----------------- Certified Networking Professionals make better Connections! _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
