Manualshelf

R3303-HP HSR6800 Routers Layer 3 - IP Services Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6804 Router Chassis
301302303304305306307308309310
293
Figure 128 Tunnel establishment process
1. The initiator originates a tunnel establishment request.
{ To establish a hub-spoke tunnel:
After a spoke registers itself successfully, it needs to establish a permanent tunnel with each
hub in the VPN. Upon receiving the registered information of the hubs from the server, the
spoke checks whether a tunnel is present to each hub. If no tunnel exists between the spoke and
a hub, the spoke sends a tunnel establishment request to the hub.
{ To establish a hub-hub tunnel:
After a hub registers itself successfully, the server sends the registered information of the other
hubs in the VPN to the hub and the hub checks whether a tunnel exists to each of its peer hubs.
If not, the hub sends a tunnel establishment request to the peer hub.
{ To establish a spoke-spoke tunnel:
In a full mesh network, when a spoke receives a data packet but finds no tunnel for forwarding
the packet, it sends an address resolution request to the server and then, after receiving the
resolved address, sends a tunnel establishment request to the peer spoke.
2. The tunnel establishment request receiver saves the tunnel establishment information and sends a
response to the sender. If the request sender receives the response, a tunnel is established.
Otherwise, tunnel establishment attempt fails.
Supported DVPN features
NAT traversal of UDP-encapsulated DVPN packets
When a spoke needs to communicate with another spoke, one of the following cases will occur:
If neither of the two spokes is behind a NAT gateway, a direct tunnel will be established between
them.
If only the tunnel initiator resides behind a NAT gateway, a spoke-spoke tunnel can be established
traversing the NAT gateway.
If the tunnel request receiver is behind a NAT gateway, packets must be forwarded by a hub before
the intended receiver originates a tunnel establishment request.
If both spokes reside behind NAT gateways, no tunnel can be established between them and
packets between them will be forwarded by a hub.