Dynamic multipoint virtual private network (DMVPN) is a secure network, which can exchange data between sites without the need to transfer traffic through the (VPN) server or router of the organization’s headquarters virtual private network.
Traditionally, VPN connects each remote site to headquarters. DMVPN essentially creates a mesh VPN topology. This means that each site (branch) can connect directly to all other sites, wherever they are located.
The DMVPN service runs on VPN routers and firewall concentrators. Each remote site has a router configured to connect to the VPN device (hub) at the corporate headquarters so that available resources can be accessed. When data exchange between two branches is required (for example, for VoIP phones), the branch will contact the hub, get the necessary information about the other end, and create a dynamic IPsec VPN tunnel directly between them.
Direct spoke-to-spoke deployments provide a number of advantages when compared to traditional VPN deployments:
Traffic between remote sites does not need to traverse the hub (headquarter VPN router).
A DMVPN deployment eliminates additional bandwidth requirements at the hub.
1. DMVPNs eliminate additional network delays.
2. DMVPNs conserve WAN bandwidth.
3. They lower costs for VPN circuits.
4. They increase resiliency and redundancy.
DMVPN deployment includes mechanisms such as GRE tunnel and IPsec encryption with next-hop parsing protocol (NHRP) routing, which aims to reduce the administrative burden and provide reliable dynamic connections between sites. Using DMVPN where possible is good for every company to help reduce WAN costs and increase bandwidth and reliability.
Note: if you are interested in this article, and you can follow SPOTO where we will update more technical articles that will improve your ability to take the Cisco certification exams.
More Related Topics
1. MPLS Configuration Tutorial Step by Step
2. 5 Best Cisco Certifications in Demand
3. How to advertise networks in BGP