- DMVPN (4)
- IPv6 (1)
- MPLS (1)
- Network Automation (19)
- Network Security (1)
- Network Services (8)
- Quality of Service (2)
- SDN (10)
recent posts
- Security Architecture: More Than Just Firewalls
- DMVPN Dual Hub Dual Cloud – Full Redundancy Design
- DMVPN Dual Hub Single Cloud: Hub Redundancy Without Losing Path Control
- DMVPN Single Hub Dual Cloud: Why Redundancy Does Not Always Mean Optimal Failover
- DMVPN Single Hub Single Cloud: Design Behavior Across Phase 1, 2 and 3
- L3VPN is not just about labels, MP-BGP, or VRFs
- IPv6 Prefix Delegation and SLAAC
- WFQ, CBWFQ and LLQ Explained in a Practical Way
- How Traffic is Classified, Marked, and Queued
- NAT
- Proxy ARP
- DNS and HTTP GET with IP SLA
- Cisco IRB (Integrated Routing and Bridging)
- GLBP Weighting
- DNS Server on Cisco IOS
- DHCP Proxy over PPP
- ARP authorized
- QoS in Cisco SD-WAN
- Application-based traffic steering And AAR
- Creating Extranets and Access to Shared Services
- Enforcing Security Perimeters with Service Insertion
- Cisco SD-WAN TLOC Extension
- Cisco SD-WAN Security Features
- Traffic Engineering at Sites with Multiple Routers
- Isolating Guest Users from the Corporate VPN
- Cisco SD-WAN Hub-and-Spoke Topology
- Cisco SD-WAN Onboarding
- AI-Powered Network Assistant
- Ansible Playbook
- Ansible Gathering Facts
-
When most people hear the term cybersecurity, they immediately think about firewalls, antivirus software, or intrusion prevention systems. While these technologies are important, security architecture is much broader than individual security products. As part of Cisco U’s “Designing Cisco Security Infrastructure (SDSI)” learning path, I recently completed the Security Architecture Design Fundamentals module. The course…
-
When enterprises start scaling DMVPN deployments, a single hub or a single transport quickly becomes a limitation. The Dual Hub + Dual cloud design provides: while still keeping the overlay scalable with DMVPN Phase 3. Topology Overview We have two independent DMVPN clouds: MPLS Cloud Internet Cloud Each spoke connects to both hubs: This creates:…
-
In the previous designs, we looked at single-hub DMVPN topologies. A single hub is simple, but it also creates a clear single point of failure. The next logical step is to add a second hub while keeping a single DMVPN cloud. The goal is to provide hub redundancy while keeping the overlay simple. Design Goal…
-
DMVPN is often designed to provide transport flexibility. A company may have an MPLS WAN as the primary transport and an Internet circuit as a backup path. At first glance, the design looks simple: build one DMVPN cloud over MPLS and another DMVPN cloud over the Internet. This design is usually called Single Hub, Dual…
-
DMVPN is often introduced as a configuration topic, but in real networks the more important question is design behavior. The same DMVPN topology can behave very differently depending on the phase and the overlay routing protocol. In this post, we look at the simplest DMVPN topology: Single Hub, Single Cloud. This design contains one hub…
