Dual ISP deployment: Two hubs and four spokes in the same region
In this dual ISP topology, the hubs and the spokes are in a single region, with AS number AS 1111. The hubs and spokes use Internal Border Gateway Protocol (iBGP) as the routing protocol to exchange routing information.
-
Hub HA1 and Hub HA2 are hub Threat Defense devices at the headquarters.
-
Branch1, Branch2, Branch3, and Branch4 are spoke Threat Defense devices at the branches.
-
ISP1 is the VPN interface of each spoke to ISP1.
-
ISP2 is the VPN interface of each spoke to ISP2.
To configure this topology, you must create two SD-WAN topologies using the SD-WAN wizard.
SD-WAN topology 1
|
Parameter |
Value |
|---|---|
|
Primary Hub |
Hub HA1 |
|
Secondary Hub |
Hub HA2 |
|
Spokes |
Branch1, Branch2, Branch3, Branch4 |
|
AS Number |
1111 |
|
VPN Interface (Spoke Tunnel Source) |
ISP1 |
|
Number of Tunnels |
8 |
The total number of tunnels in SD-WAN Topology 1 is 8.
SD-WAN topology 2
|
Parameter |
Value |
|---|---|
|
Primary Hub |
Hub HA1 |
|
Secondary Hub |
Hub HA2 |
|
Spokes |
Branch1, Branch2, Branch3, Branch4 |
|
AS Number |
1111 |
|
VPN Interface (Spoke Tunnel Source) |
ISP2 |
|
Number of Tunnels |
8 |
The total number of tunnels in SD-WAN Topology 2 is 8.
The total number of VPN tunnels for this dual ISP deployment is 16.
Note | If the hubs are in different geographic locations and have different protected networks behind them, to ensure direct communication between these networks, configure a point-to-point route-based VPN topology between the two hubs using the route-based VPN wizard. |