06-02-2011 10:50 PM - edited 03-04-2019 12:36 PM
Dear All,
We have DMVPN in our network with 1 hub and 3 spokes.When hub goes down spoke2 and spoke3 link doesnt goes down but
spoke 1 to spoke3 link goes down and spoke1 to spoke2 we have site to site VPN so doesnt goes down when hub is
down.
I want to know why spoke2 and spoke3 link is up when hub is down?
Also we have configured static routes between spoke2 to spoke3 with next hop as tunnel ips of both the location.So is this the reason?and if so then how tunnel IPs are getting in routing table of spoke2 and spok3?
Abhisar.
Solved! Go to Solution.
06-06-2011 03:49 AM
Hello Abhishar,
you have answered yourself your question: the key point is NHRP once the mapping of private address to public addres is done wiith static routes the spoke to spoke tunnel survives to HUB out of service. Dynamic routing would fail as it goes always via the HUB (vertical links to hub) and not over the dynamic spoke to spoke tunnel.
This is by design in DMVPN
Hope to help
Giuseppe
06-03-2011 04:12 AM
Hi Abhisar,
Can you please provide the relevant configs and ouputs from these routers?
And, are you able to reach (ping) from Site 2 to Site 3 in case of hub failure though the tunnels are up?
Regards...
-Ashok.
06-03-2011 04:18 AM
Hi Ashok.
Thanks for your reply..
I got the answer, the concept behind this, is..
If you are using dynamic routing protocol inside the tunnels, you will loose your routes once the Hub failed so there is nothing you can do, spoke-2-spoke communication is lost.
If you are using static routing and If the spoke already has a NHRP entry before the hub failed, it will use it. But if the remote spoke public address changed in the meantime, it will not work as there is no HUB to answer to the NHRP resolution request.
Abhisar.
06-06-2011 03:49 AM
Hello Abhishar,
you have answered yourself your question: the key point is NHRP once the mapping of private address to public addres is done wiith static routes the spoke to spoke tunnel survives to HUB out of service. Dynamic routing would fail as it goes always via the HUB (vertical links to hub) and not over the dynamic spoke to spoke tunnel.
This is by design in DMVPN
Hope to help
Giuseppe
06-06-2011 04:46 AM
Thanks Giuseppe,
Ya I got the concept now.Also if you have any doc or link about DMVPN concepts, can please share here.
Abhisar.
06-06-2011 12:34 PM
Hello Abhisar,
the solution reference network design is a good document about DMVPN
see
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG.html
also networkers slides, even of some years ago, are a very good source of information.
Hope to help
Giuseppe
06-06-2011 11:09 PM
Thanks Giuseppe.
I will get back toy you, for further issues regarding DMVPN.
Abhisar.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide