Solved: Thanks Rick - a good reminder

adamtodd16 · ‎12-09-2014

I'm currently in the process of a mass DMVPN deployment. Right now, we have a single HUB and a few sites are slated to have DUAL SPOKE.

HUB

Cisco 2951

Spoke

R1 - Cisco 2911

R2 - Cisco 2911

HSRP w/ IP SLA Tracking between R1 and R2

I have tunnels on each of the above Spoke Routers pointing to the Tunnel interface at the HUB. Traffic and EIGRP are working as expected on R1.

When R1 is rebooted, R2 takes over the virutal IP and becomes the active HSRP router; however, routes are removed from the HUB and R2 never learns about them / passes traffic.

HUB Config:

interface Tunnel0
description DMVPN Tunnel
ip address 172.16.1.1 255.255.255.0
no ip redirects
no ip next-hop-self eigrp 50
no ip split-horizon eigrp 50
ip nhrp authentication firewall
ip nhrp map multicast dynamic
ip nhrp network-id 1
tunnel source 1.1.1.1
tunnel mode gre multipoint
tunnel protection ipsec profile protect-gre

router eigrp 50
network 10.0.0.0
network 172.16.0.0
network 172.16.1.1 0.0.0.0
network 192.168.0.0
redistribute eigrp 11

SPOKE R1 Config

interface Tunnel0
description DMVPN Tunnel
ip address 172.16.1.17 255.255.255.0
no ip redirects
ip nhrp authentication firewall
ip nhrp map multicast dynamic
ip nhrp map multicast 1.1.1.1
ip nhrp map 172.16.1.1 1.1.1.1
ip nhrp network-id 1
ip nhrp nhs 172.16.1.1
ip virtual-reassembly in
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel protection ipsec profile protect-gre

interface GigabitEthernet0/1.17
description LAN
encapsulation dot1Q 17
ip address 10.96.17.253 255.255.255.0
ip access-group OUTBOUND in
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
standby 0 ip 10.96.17.254
standby 0 priority 110
standby 0 preempt
standby 0 track 1 decrement 20

router eigrp 50
network 10.96.17.0 0.0.0.255
network 172.16.1.17 0.0.0.0
network 192.168.17.0
redistribute static route-map STATICS

SPOKE R2 Config

interface Tunnel0
description DMVPN Tunnel
ip address 172.16.1.16 255.255.255.0
no ip redirects
ip nhrp authentication firewall
ip nhrp map multicast dynamic
ip nhrp map multicast 1.1.1.1
ip nhrp map 172.16.1.1 1.1.1.1
ip nhrp network-id 1
ip nhrp nhs 172.16.1.1
ip virtual-reassembly in
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel protection ipsec profile protect-gre

interface GigabitEthernet0/1.17
description LAN
encapsulation dot1Q 17
ip address 10.96.17.252 255.255.255.0
ip access-group OUTBOUND in
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
standby 0 ip 10.96.17.254
standby 0 preempt
standby 0 track 1 decrement 20

router eigrp 50
network 10.96.17.0 0.0.0.255
network 172.20.1.16 0.0.0.0

Richard Burts · ‎12-09-2014

The biggest issue that I see here is that on R2 there is no network statement in EIGRP to get the routing protocol to run over the tunnel. You need something that might look somewhat like this

network 172.16.1.16 0.0.0.0

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎12-09-2014

The biggest issue that I see here is that on R2 there is no network statement in EIGRP to get the routing protocol to run over the tunnel. You need something that might look somewhat like this

network 172.16.1.16 0.0.0.0

HTH

Rick

HTH

Rick

adamtodd16 · ‎12-09-2014

Thanks Rick - a good reminder is that sometimes typing 172.20 instead of 172.16 can cause all kinds of pain! :)

Richard Burts · ‎12-09-2014

Yes sometimes it is those very small details that cause all kinds of pain and sometimes take a fresh pair of eyes to find. Glad I could help. Thank you for using the rating system to mark this question as answered.

HTH

Rick

HTH

Rick

DMVPN - HSRP - EIGRP Issues