Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
853
Views
0
Helpful
4
Replies

DMVPN 2 TUNNEL AND THO ROUTING PROTOCOL

BurakTutkun
Level 1
Level 1

‎06-28-2020 12:23 AM

hi all ;

 

i need your help, advice.

 

i have a topology that include 1 hq and 2 sites.  i have 2 dmvpn tunnel. one is belongs to primary link of isp(tunnel 100), other one is belongs to backup link of isp(tunnel 200). tunnel 100 is running bgp, tunnel 200 is running eigrp. my problem is; when a site primery link goes down for exm:site 1. there is asiymetric route. site 1 tun 200 running eigrp, is forwarding packet to hq , hq is forwarding packet to site 2 . but via bgp(tunnel 100) (because site 2 is running still bgp(primary link of tunnel run bgp). and bgp ad is lower. and first chosie.that ok. but) site 2 is forwarding packet to site 1 directly via tunnel 200. (that i want. but site 1 is not forward trafic to site 2. i want they comminicate directly. ). i cant solve this. please advice me or hand me.

Labels:
Preview file
24 KB
Preview file
17 KB
Preview file
35 KB
0 Helpful
4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-29-2020 12:07 AM

Hello @BurakTutkun ,

what you would like to achieve is not an easy task.

In order to have the spokes to be able to speak directly on the only available tunnel when the primary tunnel fails you need to ensure that all the configuration tricks are configured.

For EIGRP you need:

no ip eigrp X split-horizon

no ip eigrp X next-hop self

 

on the hub router under interface tunnel 200.

But even with these tricks configured the eBGP route would be preferred over the EIGRP route for its lower AD.

One possible way to avoid this comparison would be to put the two tunnels in two different VRFs on the hub site so that if the primary link fails on a spoke the other spoke uses the secondary tunnel.

But this is not enough.Two different VRFs should be used also on the spokes and this would make the solution really complex.

 

I would suggest you to consider if the current setup can be acceptable for you (this depends on the number of spokes in the real network).

 

Hope to help

Giuseppe

 

 

0 Helpful

BurakTutkun
Level 1
Level 1
In response to Giuseppe Larosa

‎06-29-2020 12:18 PM

hi,i will try with vrf. but i need to ask that its possible configure vrf only at hub site. one is for tunne 100 other one is tunnel 200 ? i
0 Helpful

BurakTutkun
Level 1
Level 1
In response to Giuseppe Larosa

‎06-29-2020 12:44 PM

hi, tunnel 100 is running bgp and primary isp link,eigrp running on tunnel 200 and secondary link(backup).normaly both link is up and tunnel 100 is running all traffic goes via tunnel 100. but problem is starting when one one of the sites primary link goes down. when primaty link goes down, for exp. site 1 , tunnel 200 is running . and forwarding traffic to hub. now i wait hub give site 2 nbma adress of the tunnel 200 . its normal for nhrp. but hq does not give site 2 nbma adress of tunnel 200. hq look the routing table . site 2 tunnel 100 is up and run bgp . for ad its forward traffic to site 2 via tunnel 1. untill now things okey. site 2 send a packet to site 1. packet goes to hq first for site 1 nbma of tunnel 200. its okey. hq gives the adress and site 2 setup a tunnel with site 1 directly. when i look at the site 1 routing table i cant see any route entry for site 2 networks. site 1 see only default route from hq. but site 2 see site 1 network advertisements. when i shut the interface of the site 1 primary link. all comminications is normal. and i can see site 2 networks on the aite 1 routing table. i think promlem is when site 1 primary link goes down. hq see site 1 networks from eigrp, site 2 network from bgp. site 1 send a packet to site . packet come to hq and hq know the networks on the site 2 from bgp. but site 2 send a packet to site 1 . packet come to hq. hq know networks on site 1 from eigrp. because site 1 bgp is down. there is a contrast.
0 Helpful

_|brt.drml|_
Level 1
Level 1

‎06-29-2020 06:08 AM

So, each site has two tunnels connected to the isp.

Each having a Tunnel with BGP en a Tunnel based on EIGRP. You probably wan't to select the EIGRP as main...

So I understand that a tunnel goes down from a site, you HQ is sending out suddenly via the wrong Tunnel?...

 

To reach site 1, it is only able via the BGP tunnel to Site 2?

That is as far I understand correct behavior... But perhaps creating a fixed route with a higher AD can solve the issue.

It floats around until the tunnel goes down. You configure it to use the still active Tunnel if it is there.

 

I hope this is a good idea for you.

 

 

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card