O'Reilly logo

Comparing, Designing, and Deploying VPNs by Mark Lewis, - CCIE No. 6280

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 7. Scaling and Optimizing IPsec VPNs

Chapter 6, “Deploying Site-to-Site IPsec VPNs,” introduced IPsec VPNs. This chapter looks at how to scale IPsec VPNs using technologies such as Tunnel Endpoint Discovery (TED) and Dynamic Multipoint VPN (DMVPN), how IPsec VPNs can support quality of service (QoS), and how to avoid performance degradation caused by IPsec packet fragmentation.

Scaling IPsec Virtual Private Networks

As you saw in Chapter 6, IPsec tunnels are inherently point to point. The fact that the tunnels are point to point means that there are a number of challenges to be faced when scaling IPsec VPNs to a large number of sites. These challenges can be best illustrated by taking a look at the network shown in Figure 7-1.

Figure 7-1. Sample ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required