Chapter 7. Scaling and Optimizing IPsec VPNs

Chapter 6, “Deploying Site-to-Site IPsec VPNs,” introduced IPsec VPNs. This chapter looks at how to scale IPsec VPNs using technologies such as Tunnel Endpoint Discovery (TED) and Dynamic Multipoint VPN (DMVPN), how IPsec VPNs can support quality of service (QoS), and how to avoid performance degradation caused by IPsec packet fragmentation.

Scaling IPsec Virtual Private Networks

As you saw in Chapter 6, IPsec tunnels are inherently point to point. The fact that the tunnels are point to point means that there are a number of challenges to be faced when scaling IPsec VPNs to a large number of sites. These challenges can be best illustrated by taking a look at the network shown in Figure 7-1.

Figure 7-1. Sample ...

Get Comparing, Designing, and Deploying VPNs now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Comparing, Designing, and Deploying VPNs by

Chapter 7. Scaling and Optimizing IPsec VPNs

Scaling IPsec Virtual Private Networks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly