Intelligent wide area network (IWAN)

What is claimed is: 1. A method comprising: maintaining, by a device, one or more tunnel-based overlays for a communication network for each application of a plurality of applications, wherein the communication network comprises two or more physical provider networks; maintaining, by the device, a mapping between a particular application of a plurality applications and the one or more tunnel-based overlays for the communication network; adjusting, by the device, the mapping between the particular application and the one or more tunnel-based overlays for the communication network, wherein adjusting the mapping between the particular application and the one or more tunnel-based overlays for the communication network comprises: receiving, at the device, an indication that an endpoint for the particular application is migrating from a first network domain to a second network domain, wherein the second network domain is a different network than the first network domain; and dynamically adjusting, in response to receiving the indication, routing information associated with the particular application to cause traffic for the particular application to be routed to the second network domain; causing, by the device, one or more routers in the communication network to route the traffic for the particular application according to the adjusted mapping between the particular application and the one or more tunnel-based overlays for the communication network; and causing, by the device, a particular router of the one or more routers to maintain 1) a global virtual routing and forwarding (VRF) instance for user traffic routing and 2) one or more separate VRF instances corresponding to each interface of the two or more physical provider networks for tunnel establishment. 2. The method as in claim 1 , wherein the mapping between the particular application and the one or more tunnel-based overlays for the communication network comprises: an enterprise network address associated with the particular application that is within an enterprise address space. 3. The method as in claim 2 , wherein the routing information comprises routing information for the enterprise network address that comprises one or more addresses that are within address spaces of the two or more physical provider networks. 4. The method as in claim 1 , wherein the first and second network domains correspond to separate data centers, virtual private data centers, or Internet as a service (IaaS) providers. 5. The method as in claim 1 , wherein causing the particular router to maintain the global VRF instance and the one or more separate VRF instances comprises: causing, by the device, the particular router to maintain the global VRF instance and a front door VRF (fVRF) instance. 6. The method as in claim 1 , wherein adjusting the mapping between the particular application and the one or more tunnel-based overlays for the communication network comprises: determining, by the device, that the traffic for the particular application should be routed via a different one of the two or more physical provider networks; and causing, by the device, the routing information to be adjusted to route the traffic for the particular application via the second network domain. 7. The method as in claim 6 , wherein determining that the traffic for the particular application should be routed via a different one of the two or more physical provider networks comprises: receiving, at the device, one or more performance metrics associated with the traffic for the particular application. 8. The method as in claim 1 , wherein causing the one or more routers in the communication network to route traffic for the particular application according to the adjusted mapping between the particular application and the one or more tunnel-based overlays for the communication network comprises: providing, by the device, one or more policies to the one or more routers, wherein the one or more routers make routing decisions for the traffic for the particular application according to the one or more policies. 9. The method as in claim 1 , wherein a first of the two or more physical provider networks comprises a multiprotocol label switching (MPLS) network, an Internet service provider (ISP) network, a cellular network, or a metropolitan-area Ethernet (Metro-E) network, and wherein a second of the two or more physical provider networks comprises an MPLS network, an ISP network, a cellular network, or a Metro-E network. 10. An apparatus, comprising: one or more network interfaces to communicate with a communication network; a processor coupled to the one or more network interfaces and configured to execute a process; and a memory configured to store the process, the process when executed operable to: maintain one or more tunnel-based overlays for the communication network for each application of a plurality of applications, wherein the communication network comprises two or more physical provider networks; maintain a mapping between a particular application of the plurality of applications and the one or more tunnel-based overlays for the communication network; adjust the mapping between the particular application and the one or more tunnel-based overlays for the communication network, wherein the apparatus adjusts the mapping between the particular application and the one or more tunnel-based overlays for the communication network by: receiving an indication that an endpoint for the particular application is migrating from a first network domain to a second network domain, wherein the second network domain is a different network than the first network domain; and dynamically adjusting, in response to receiving the indication, routing information associated with the particular application to cause traffic for the particular application to be routed to the second network domain; cause one or more routers in the communication network to route the traffic for the particular application according to the adjusted mapping between the particular application and the one or more tunnel-based overlays for the communication network; and cause a particular router of the one or more routers to maintain 1) a global virtual routing and forwarding (VRF) instance for user traffic routing and 2) one or more separate VRF instances corresponding to each interface of the two or more physical provider networks for tunnel establishment. 11. The apparatus as in claim 10 , wherein the mapping between the particular application and the one or more tunnel-based overlays for the communication network comprises: an enterprise network address associated with the particular application that is within an enterprise address space. 12. The apparatus as in claim 11 , wherein the routing information comprises routing information for the enterprise network address that comprises one or more addresses that are within address spaces of the two or more physical provider networks. 13. The apparatus as in claim 10 , wherein the first and second network domains correspond to separate data centers, virtual private data centers, or Internet as a service (IaaS) providers. 14. The apparatus as in claim 10 , wherein the apparatus causes the particular router to maintain the global VRF instance and the one or more separate VRF instances by: causing the particular router to maintain the global VRF instance and a front door VRF (fVRF) instance. 15. The apparatus as in claim 10 , wherein the apparatus adjusts the mapping between the particular application and the one or more tunnel-based overlays for the communication network by: deter