Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
886
Views
0
Helpful
2
Replies

DMVPN Hub-to-Hub + spokes scenario

rkendrick_2
Level 1
Level 1

‎03-23-2010 12:16 PM - edited ‎03-04-2019 07:54 AM

I am having issues getting HUB-to-HUB connectivity working.  As practice, I’m using the Hampton, VA hub site and the Atlanta, GA hub site.  (PLEASE DON'T CONFUSE this with Cisco dual-hub configurations)

I am able to get to work and EIGRP to route if I configure Atlanta as:

!
interface Tunnel1
  description (Spoke Tunnel)
  bandwidth 1500
  ip address 10.250.210.1 255.255.255.0
  no ip redirects
  ip mtu 1472
  ip nhrp authentication SPOKE
  ip nhrp map multicast dynamic
  ip nhrp network-id 10001
  ip nhrp holdtime 700
  ip nhrp max-send 65535 every 10
  ip nhrp cache non-authoritative
  ip tcp adjust-mss 1432
  no ip split-horizon eigrp 250
  load-interval 30
  delay 1000
  keepalive 10 7
  tunnel source 172.17.3.1
  tunnel mode gre multipoint
  tunnel key 10001
hold-queue 4096 in
  hold-queue 4096 out
!

!

interface Tunnel2

description (Global-Hub Tunnel)

bandwidth 1500

ip address 10.250.200.1 255.255.255.0

no ip redirects

ip mtu 1472

no ip next-hop-self eigrp 250 (is this needed?)

ip nhrp authentication GLOBAL

ip nhrp map multicast dynamic

ip nhrp network-id 10002

ip nhrp holdtime 700

ip nhrp max-send 65535 every 10

ip nhrp cache non-authoritative

ip tcp adjust-mss 1432

load-interval 30

delay 1000

keepalive 10 7

tunnel source 172.17.3.1

tunnel mode gre multipoint

tunnel key 10002

hold-queue 4096 in

hold-queue 4096 out

!

!
router eigrp 250
  redistribute static
network 10.250.200.0 0.0.0.255
  network 10.250.210.0 0.0.0.255
  no auto-summary
!
router bgp 1150
  no synchronization
  bgp log-neighbor-changes
  network 172.17.3.0 mask 255.255.255.252
  neighbor 172.17.3.2 remote-as 12000
  no auto-summary

…......... and Hampton, VA as:

!
interface Tunnel1
  bandwidth 1024
  ip address 10.250.250.1 255.255.255.0
  no ip redirects
  ip mtu 1472
  ip nhrp authentication SPOKHAM
  ip nhrp map multicast dynamic
  ip nhrp network-id 50001
  ip nhrp holdtime 700
  ip nhrp max-send 65535 every 10
  ip nhrp cache non-authoritative
  ip tcp adjust-mss 1432
  no ip split-horizon eigrp 250
  load-interval 30
  delay 1000
  keepalive 10 7
  tunnel source 172.17.3.25
  tunnel mode gre multipoint
  tunnel key 50001

  hold-queue 4096 in
  hold-queue 4096 out
!
!

interface Tunnel2

description (Global-Hub Tunnel)

bandwidth 1024

ip address 10.250.200.25 255.255.255.0

no ip redirects

ip mtu 1472

no ip next-hop-self eigrp 250

ip nhrp authentication GLOBAL

ip nhrp map multicast 172.17.3.1

ip nhrp map 10.250.200.1 172.17.3.1

ip nhrp network-id 10002

ip nhrp holdtime 700

ip nhrp nhs 10.250.200.1

ip tcp adjust-mss 1432

no ip split-horizon eigrp 250

delay 1000

qos pre-classify

keepalive 10 4

tunnel source 172.17.3.25

tunnel mode gre multipoint

tunnel key 10002

!

!
router eigrp 250
   network 10.250.200.0 0.0.0.255
  network 10.250.250.0 0.0.0.255
   network 172.22.250.25 0.0.0.0
  no auto-summary
!
router bgp 1750
  no synchronization
  bgp log-neighbor-changes
  network 172.17.3.24 mask 255.255.255.252
  neighbor 172.17.3.26 remote-as 12000
  no auto-summary
!
 

….BUT that Hampton Tunnel2 is basically making Hampton a spoke of Atlanta.  If I configure my other hub sites (Indiana and Washington) like the Hampton Tunnel above, they’ll be dependent on Atlanta being UP all the time in order to keep the 10.250.200.x DMVPN tunnel alive. 

Now… When I change the Hampton’s Tunnel2 to look like:

!

!

interface Tunnel2

bandwidth 1024

ip address 10.250.200.25 255.255.255.0

no ip redirects

ip mtu 1472

no ip next-hop-self eigrp 250 (is this needed?  It doesn’t work right even when removed)

ip nhrp authentication GLOBAL

ip nhrp map multicast dynamic

ip nhrp network-id 10002

ip nhrp holdtime 700

ip nhrp max-send 65535 every 10

ip nhrp cache non-authoritative

ip tcp adjust-mss 1432

no ip split-horizon eigrp 250

load-interval 30

delay 1000

qos pre-classify

keepalive 10 7

tunnel source 172.17.3.25

tunnel mode gre multipoint

tunnel key 10002

hold-queue 4096 in

hold-queue 4096 out

!

I get no EIGRP routes between Hampton and Atlanta which basically is saying it not working (I assume).

Both Atlanta and Hampton have spokes that utilize their respective Tunnel 1 interfaces.  The spokes are not meant to talk to other spokes BUT the HUBs can/should be fully meshed.

What am I doing wrong?  Thanx!

Labels:
0 Helpful
2 Replies 2

rkendrick_2
Level 1
Level 1

‎03-23-2010 12:23 PM

My IOS = c2800nm-adventerprisek9-mz.124-25c

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to rkendrick_2

‎03-23-2010 01:16 PM

Hello Rkendrick,

to connect the two hub routers you need to use something different from the DMVPN clouds themselves !!!

if the two devices are not connected via internal links you can use a distinct point-to-point GRE tunnel between them where you can run your routing protocol over it.

A term used in DMVPN context is daisy-chaining of hub routers

see

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_nhrp.html

and this networkers slides

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6525/ps9370/ps6658/prod_presentation0900aecd80313ca9.pdf

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card