Got it
Huawei Enterprise Support Community
Community Forums Security
The networking diagrams o...

The networking diagrams of DSVPN

Latest reply: Dec 19, 2021 21:41:20 1822 5 6 0 2
View the author 1#

Hi, everyone!


This post will introduce the common networking diagrams of DSVPN. Please have a look below for more information.


HUB-SPOKE VPN


In the Hub-Spoke scenario, the Spoke nodes establish VPN tunnels with the Hub node, but do not establish tunnels with each other. The traffic between Spoke nodes is relayed by the Hub node.


In this scenario, the tunnel interfaces of the Spoke nodes can be GRE P2P interfaces.


Figure 1. The networking diagram of Hub-Spoke VPN

163033sbqgccn6nlybl2gc.jpg


SPOKE-SPOKE VPN


In the Spoke-Spoke scenario, the Spoke nodes establish VPN tunnels not only with the Hub node, but also dynamically with each other based on service requirements.


In this scenario, all tunnel interfaces must be GRE P2PM interfaces.


Figure 2. The networking diagram of Spoke-Spoke VPN

163047cc9ep9edatx9c5z9.jpg


HUB REDUNDANCY


In the Hub redundancy scenario, each Spoke node establishes VPN tunnels with the two Hub nodes. Each Spoke node needs to confirm the active and standby Hub. If the active Hub is Down, the standby Hub takes over.


Figure 3. Networking diagram of Hub redundancy

163057wo7yr6zdddoagsxf.jpg


HUB HOT BACKUP


In the Hub hot backup scenario, the active Hub backs up NHRP entries and IPSec tunnel information to the standby Hub. If the active Hub is Down, the standby Hub takes over.


Figure 4. Networking diagram of Hub hot backup

163113oun00jmnhxebphi1.jpg


HUB LOAD BALANCING


In the Hub load balancing scenario, the two Hub nodes work together to process services. If one Hub is Down, the other takes over.


Figure 5. Networking diagram of Hub load balancing

163124aplie0lppigblilg.jpg


This is what I wanted to share with you today on the networking diagrams of DSVPN. Thank you for reading this post!

DSVPN

Like (6) Dislike (0) Favorite(2) Share Report
Previous: PC failed to dail the L2TP over IPSec using secoclient
Next: Basic Concept of Bandwidth Management.
(0) (0)
2#
Torrent
Created Dec 29, 2018 08:32:50

1.Hub-Spoke VPN
In the Hub-Spoke scenario, the Spoke nodes establish VPN tunnels with the Hub node but do not establish tunnels with each other. Traffic between Spoke nodes is relayed by the Hub node.
In this scenario, the tunnel interfaces of the Spoke nodes can be GRE P2P interfaces.
Figure 1 Networking diagram of Hub-Spoke VPN

As for this situation, I do not know how to configure. do you have an example?
View more
  • x
  • convention:
(0) (0)
3#
No.9527
Created Dec 29, 2018 09:40:09

DSVPN involves the following entities:

A DSVPN node is a device on which DSVPN is deployed, which can be a Spoke or Hub.
Spoke

A Spoke is the network gateway of a branch. Generally, a Spoke uses a dynamic public network address.

Hub

A Hub is the gateway in the headquarters and receives registration packets from Spokes. On a DSVPN network, the Hub can use a fixed public network address or a domain name.
View more
  • x
  • convention:
(0) (0)
4#
user_3534491
Created Dec 16, 2019 11:19:38

This is helpful, thanks for the sharing.
View more
  • x
  • convention:
(0) (0)
5#
Steelblue
Created Dec 20, 2019 08:25:24

Dynamic Smart Virtual Private Network (DSVPN) establishes VPN tunnels between Spokes with dynamically variable public addresses in the Hub-Spoke model.


Benefits of DSVPN

1. Reduced VPN network construction costs

DSVPN implements dynamic connections between the Hub and Spokes, and between Spokes. Spokes do not need to purchase static public network addresses.


2. Simplified configuration of the Hub and Spokes

The Hub and Spokes use an mGRE tunnel interface but not multiple GRE tunnel interfaces to establish tunnels. When a new Spoke is added to the network, the network administrator does not need to change configurations on the Hub or any existing Spokes. The administrator only needs to configure the new Spoke, and then the Spoke dynamically registers with the Hub.


3. Reduced data transmission delay between branches

Spokes can dynamically establish tunnels to directly exchange service data, reducing the forwarding delay and improving forwarding performance and efficiency.
View more
  • x
  • convention:
(0) (0)
6#
adrian_alucard
Moderator Created Dec 19, 2021 21:41:20

This is helpful, thanks for the sharing.
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.