BGP across DMVPN Tunnels

Brian Green · ‎09-08-2015

Hello,

I currently have, in a lab environment, 2 routers (a 2921 and a 3945) that establish a DMVPN tunnel between them. Externally, statics are used to define the next hop to eventually reach the other end and establish the DMVPN. BGP is supposed to advertise the routes within the Tunnel to the other end - that's where I'm having problems. I have a basic BGP configuration on both ends, using Passive connection as the transport-mode (as, for scalability, the spoke is part of a peer-group), but show bgp neighbor doesn't show me anything. Both the external link and the DMVPN tunnel are inside VRFs - not the same one.

Both the Hub & Spoke router are in different Autonomous Systems, and have different router-id values (I've used their internal IP Address for that).

As you may have guessed, I'm not a BGP expert - I'm picking this up as I go. Any idea what I could be missing?

Thanks,

Brian

paul driver · ‎09-08-2015

Hello

can you post the configuration for this please?

res

paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Brian Green · ‎09-08-2015

Basic Config:

HUB:

GigabitEthernet0/0

9.9.9.1 255.255.255.0

vrf OUTER

GigabitEthernet0/1

10.10.10.1 255.255.255.0

vrf INNER

DMVPNTunnelInterface

2.1.1.1 255.255.255.0

vrf INNER

SPOKE:

GigabitEthernet0/0

8.8.8.1 255.255.255.0

vrf OUTER

GigabitEthernet0/1

10.10.1.10 255.255.255.0

vrf INNER

DMVPNTunnelInterface

2.1.1.10 255.255.255.0

vrf INNER

When the Interface for the DMVPN is brought up, the router connect over vrf OUTER, the SPOKE using interface 8.8.8.1 to connect to 9.9.9.1 Once the DMvPN shows as UP, the SPOKE can ping to the HUB`s DMVPN address on vrf INNER – ping vrf INNER 2.1.1.10 and vice versa.
HUB:

router bgp 61100

bgp router-id 10.10.10.1

bgp log-neighbor-changes

bgp deterministic-med

bgp listen-range 2.1.1.0/24 peer-group SPOKES

bgp listen limit 1000

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

bgp redistribute-internal

address-family ipv4 vrf OUTER

redistribute static

exit-address-family

!

address-family ipv4 vrf INNER

network 10.10.10.0 mask 255.255.255.0

redistribute connected

redistribute static

neighbor SPOKES peer-group

neighbor SPOKES transport connection-mode passive

neighbor SPOKES version 4

neighbor SPOKES timers 10 60

neighbor SPOKES send-community both

neighbor SPOKES route-reflector-client

neighbor SPOKES next-hop-self

default-information originate

exit-address-family

SPOKE:

router bgp 61500

bgp router-id 10.10.1.10

no bgp fast-external-failover

bgp log-neighbor-changes

bgp deterministic-med

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

bgp redistribute-internal

neighbor 2.2.2.1 remote-as 61100

!

address-family vpnv4

exit-address-family

!

address-family ipv4 vrf INNER

network 10.10.1.0 mask 255.255.255.0

neighbor 2.1.1.1 remote-as 61100

neighbor 2.1.1.1 transport path-mtu-discovery

neighbor 2.1.1.1 transport connection-mode passive

neighbor 2.1.1.1 update-source DMVPNTunnelInterface

neighbor 2.1.1.1 version 4

neighbor 2.1.1. 1 timers 10 60

neighbor 2.1.1.1 activate

neighbor 2.1.1.1 send-community

neighbor 2.1.1.1 soft-reconfiguration inbound

exit-address-family