Cisco SD-WAN doesn't use DMVPN, it uses OMP for control plane and IPSec for data plane.
Omar: Yes, by default you will have a full mesh of tunnels. It's easy to build Hub and Spoke topology if you want to. Often large organizations build regional Hub and Spoke where you traverse a Hub to go to another geographical region, such as EU to US etc. Best regards, Daniel -----Original Message----- From: cisco-nsp <cisco-nsp-boun...@puck.nether.net> On Behalf Of Christophe LUCAS Sent: den 24 mars 2020 11:05 To: omar parihuana <omar.parihu...@gmail.com> Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] SD-WAN design for large scale Hi, No, DMVPN and NHRP phase3 make you able to make spoke-to-spoke communications. Regards, Christophe ----- Mail original ----- De: "omar parihuana" <omar.parihu...@gmail.com> À: cisco-nsp@puck.nether.net Envoyé: Lundi 23 Mars 2020 20:02:22 Objet: [c-nsp] SD-WAN design for large scale Guys I've just read the follow document: https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/sd-wan/white-paper-c11-743108.html So i am asking about the IPsec tunnel scalability in SD-WAN large deployments. One benefit of L3VPN in MPLS are the full mesh connectivity. From point of view of CE one default route could be enough. Now in SDWAN data plane if I want a full mesh topology a lot of IPsec tunnels are established... maybe I am wrong but I will expect n(n-1)/2 IPsec Tunnels (without consider the second path) then for example if I have 300 branch I could expect 37350 tunnels... really? So hub-and-spoke will be the solution... comments please... maybe it is time to say goodbye to full mesh in SD-WAN deployments? -- Omar E.P.T ----------------- Certified Networking Professionals make better Connections! _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
