Implementation of dvpn – H3C Technologies H3C SecPath F1000-E User Manual
Page 415
403
Figure 295 Full mesh DVPN networking diagram
•
Hub-spoke DVPN. In a hub-spoke DVPN, no tunnel can be established between two spokes, and
data between them has to be forwarded through the hub. The hub is used as both the routing
information exchange center and the data forwarding center. As shown in
, each spoke
establishes a permanent tunnel with the hub, and data between spokes is forwarded through the
hub.
Figure 296 Hub-spoke DVPN networking diagram
Implementation of DVPN
DVPN works in three phases: connection initialization, registration, and tunnel establishment. The
following is a brief description of the phases:
Site 1
Site 2
VAM server
Hub
Spoke 1
Public network
Spoke 2
Spoke-Spoke
Hub-Spoke
Data
Site 1
Site 2
VAM server
Hub
Spoke 1
Public network
Spoke 2
Hub-Spoke
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS