Training and Certification

Hello

I cant find KB's or any documnet about the below two VPN topics included in the blueprint;

- On-demand Tunnels

-DRP over a tunnel

Do anyone have some documnets aout them?

Regards

on-demand tunnels are those configured without using any of the keep alive features so that the tunnel only establishes when traffic is present.

DRP= Dynamic Routing Protocols, this is creating route based vpn using OSPF, RIP or BGP instead of static routing.

Steve,

That explains clearly.

I have a question on top of this.

Is it possible to have Route Based with on-demand tunnels??

Because for the tunnel to come up we need traffic to flow. But for traffic to flow we need the routing protocol up and running . I tried with keepalive also. But from my understanding for keepalive also we need routing to be up.

Now is it not a deadlock ???

Route based tunnels can also be configured as on-demand.

In practice, if you have a dynamic routing protocol running across the tunnel this will be sending traffic periodically so the tunnel will not come down.  The nature of the communication on the routing protocol keeps the tunnel active.  But the IPSEC configuration itself is still an on-demand tunnel.

With static routes the tunnel will tear down when traffic is no longer passing after the configured time.  The local routing table still has the static route pointing to the tunnel interface so that when the traffic arrives the tunnel will be built again and pass the routed packets.