We have two IPsec VPN tunnels (over the public network) to a VPC in AWS. Each tunnel has one BGP session. Our router is a Cisco 3925E. Under load (not necessarily excessive), the BGP sessions are often flapping (hold time expired). I've already tried to play with the keepalive / hold time parameters but without any success
I described that a Virtual Private Network(VPN) encrypts and protects your identity, location and data. It isn’t totally secure, but a VPN gives you a way to reduce the tracking of your internet activities. Here is How does a VPN work and how they cisco - BGP over IPsec: session flapping - Network We have two IPsec VPN tunnels (over the public network) to a VPC in AWS. Each tunnel has one BGP session. Our router is a Cisco 3925E. Under load (not necessarily excessive), the BGP sessions are often flapping (hold time expired). I've already tried to play with the keepalive / hold time parameters but without any success Cookbook | FortiGate / FortiOS 6.2.0 | Fortinet
VPN labels The idea: Use a label to identify the next-hop at the remote PE. Also called VPN label. The label is distributed by BGP, along with the VPN-IP address. Traffic will carry two labels, the VPN label and the LSP label. The remote PE makes the forwarding decision based on the VPN label.
BGP-Based VPN - TechLibrary - Juniper Networks
VPN Policy: Name: IP Address: Subnet Mask: Management: On the Advanced tab, enable Enable Asymmetric Route Support option, then click OK. Repeat this procedure for the second tunnel interface. Configure BGP. Next you will need to enable Advanced Routing and BGP and then configure BGP …
IPSec VPN with Dynamic Routing / Mikrotik and Cisco This example shows how to setup an IPSec VPN using dynamic routing protocol (RIP), it can be used with another protocol. In this example you can find a setup between Mikrotik and Cisco routers, but it can be done just between Mikrotik routers, but to be more colorfull I decided to use Mikrotik and Cisco.