Dual Hubs in Active/Standby Mode

In basic DSVPN networking, all Spokes are connected to one Hub. Spokes cannot communicate with each other if the Hub fails. Multiple Hubs can be deployed to improve network reliability.

Dual-hub backup is supported for DSVPN only in shortcut scenarios.

Figure 1 Dual Hubs in active/standby mode
The working mechanism is as follows:
  1. All Spokes send NHRP Registration requests to Hub 1 (active) and Hub 2 (standby) at the same time. (The request messages carry the Spokes' tunnel addresses and public IP addresses.) In addition, the Spokes locally generate NHRP peer tables for the Hubs. Each Spoke records the mappings between the tunnel addresses and public IP addresses of the Hubs in the NHRP peer table.
  2. Hub 1 and Hub 2 record the mapping between the tunnel addresses and public IP addresses of the Spokes based on the received requests, generate NHRP peer entries for the Spokes, and then send NHRP Registration Reply messages to the Spokes.
  3. Routing policies can be deployed on the Spokes to make Hub 1's routes have higher priorities than Hub 2's routes. When the Spokes need to communicate, NHRP Resolution requests are preferentially sent to Hub 1, which forwards the messages.
  4. For details about the principles of establishing tunnels between branches based on traffic, see DSVPN Principles in Shortcut Scenarios.
  5. If Hub 1 fails, the Spokes send NHRP Resolution requests to Hub 2, which forwards the messages. If Hub 1 recovers then, the Spokes choose Hub 1 again as the forwarder based on the predefined routing policies.
Parent Topic: Understanding DSVPN
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic