cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
705
Views
4
Helpful
3
Replies

DMVPN over OSPF loop condition

hacizeynal
Level 1
Level 1

Hi experts ,I was watching DMVPN over OSPF with Brian McGahan ,CCIE R&S ATC v5 ,in video he mentions conditions for loop ,in 12:00-13:00 min  ,I dont understand how can it happen ? anyone who has access to this video can comment on ? I have created gns3 topology ,we can share the details if you can ,

 

Thanks a lot !

1 Accepted Solution

Accepted Solutions

Hi,

Here an example:

Suppose a DMVPN in Phase 1 or 2 (without nhrp redirect and shortcut).

Put the following on the hub:

router ospf 1
default-information originate always

And on the spoke R5:

access-list 1 permit 0.0.0.0
router ospf 1
distribute-list 1 in

Then advertise one loopback of R3 (ex: 3.3.3.3 ) in ospf.

If the dmvpn (tunnel) link of R3 goes down, R5 will propagate the route to 3.3.3.3 to the hub but not install on the routing table because of the filter, only the default route will be available on R5 by ospf. This will cause a loop on the data panel: R5 "thinks" that 3.3.3.3 is through the hub and the hub "thinks" that 3.3.3.3 is through R5.

For DMVPN environment is better to use EIGRP or BGP - you can filter and summarize wherever you want.

In OSPF the DMVPN network is one subnet so must belong to the same area, you cannot summarize inside an area and if a link is flapping all the routers must calculate the SPF algorithm.

I hope this brief example has helped you.

Best Regards,

Pedro Lereno

View solution in original post

3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

Hi,

I don't think I can access the video but can you somehow try to at least explain the topology and the general idea Mr. McGahan mentioned that could lead to an OSPF routing loop? That is, quite frankly, surprising. I am not saying it is impossible but certainly, it's not a common scenario.

Best regards,
Peter

I have uploaded the topology ,he says that it is possible that if we inject default route from Hub to spokes and filter just default from spokes and there is alternative path to hub from spokes ,it can create loop .

Hi,

Here an example:

Suppose a DMVPN in Phase 1 or 2 (without nhrp redirect and shortcut).

Put the following on the hub:

router ospf 1
default-information originate always

And on the spoke R5:

access-list 1 permit 0.0.0.0
router ospf 1
distribute-list 1 in

Then advertise one loopback of R3 (ex: 3.3.3.3 ) in ospf.

If the dmvpn (tunnel) link of R3 goes down, R5 will propagate the route to 3.3.3.3 to the hub but not install on the routing table because of the filter, only the default route will be available on R5 by ospf. This will cause a loop on the data panel: R5 "thinks" that 3.3.3.3 is through the hub and the hub "thinks" that 3.3.3.3 is through R5.

For DMVPN environment is better to use EIGRP or BGP - you can filter and summarize wherever you want.

In OSPF the DMVPN network is one subnet so must belong to the same area, you cannot summarize inside an area and if a link is flapping all the routers must calculate the SPF algorithm.

I hope this brief example has helped you.

Best Regards,

Pedro Lereno

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco