cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1092
Views
10
Helpful
11
Replies

DMVPN Single Cloud Dual Hub - Failover from one hub to another

Hello community,

I have a question regarding DMVPN Phase 3 Single Cloud,  that is one tunnel interface for all routers) configuration with redundant hubs. Specifically, how do you achieve failover from the primary hub to the secondary hub ? 



In my scenario routers vIOS1 and vIOS5 are hubs, and vIOS2 and vIOS3 are spokes. OSPF is being run on the tunnel interfaces, and the spokes have priority 0 to make sure they never become DRs. Spoke to spoke traffic works as expected for DMVPN phase3. As I have mentioned there is only single DMVPN cloud so there is one tunnel per router. 

However, after I clear the dynamic tunnels on the spokes and shutdown the tunnel interface on vIOS1 ( to simulate a failure of the hub), the spokes don't failover immediately to the other hub vIOS5. When they eventually do failover, it is only when 1/3 of the NHRP holdtime expires and the spokes don't receive replies to the NHRP Registration Requests. By default, that can mean up to 2400 seconds for the default value of the timers.

Is there any other way to make the switchover from one hub to another other than that ? 
I have searched this forum and Cisco documentation but could not find an answer for this .

Version on all routers is the following. As you may have guessed, this is a GNS3 lab topology.

R5#show version
Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.5(3)M, RELEASE SOFTWARE (fc1)

 

Topology and router configuration can be found below. 

DMVPN.JPG

 

 

 
### R1 - Hub ###

R1#show run int tu123
Building configuration...

Current configuration : 351 bytes
!
interface Tunnel123
 ip address 10.10.123.1 255.255.255.248
 no ip redirects
 ip nhrp map multicast dynamic
 ip nhrp network-id 123
 ip nhrp nhs 10.10.123.5 nbma 150.10.45.5 multicast
 ip nhrp redirect
 ip ospf network broadcast
 ip ospf 1 area 0
 tunnel source GigabitEthernet0/0.100
 tunnel mode gre multipoint
 tunnel key 123
end
### R2 - Spoke ###

R2#show run int tu123 Building configuration... Current configuration : 482 bytes ! interface Tunnel123 ip address 10.10.123.2 255.255.255.248 no ip redirects ip nhrp map 10.10.123.1 150.10.14.1 ip nhrp map multicast 150.10.14.1 ip nhrp map 10.10.123.5 150.10.45.5 ip nhrp map multicast 150.10.45.5 ip nhrp network-id 123 ip nhrp nhs 10.10.123.1 ip nhrp nhs 10.10.123.5 ip nhrp shortcut ip ospf network broadcast ip ospf priority 0 ip ospf 1 area 0 tunnel source GigabitEthernet0/0.100 tunnel mode gre multipoint tunnel key 123 end
### R3 - Spoke ###

R3#show run int tu123 Building configuration... Current configuration : 392 bytes ! interface Tunnel123 ip address 10.10.123.3 255.255.255.248 no ip redirects ip nhrp network-id 123 ip nhrp nhs 10.10.123.1 nbma 150.10.14.1 multicast ip nhrp nhs 10.10.123.5 nbma 150.10.45.5 multicast ip nhrp shortcut ip ospf network broadcast ip ospf priority 0 ip ospf 1 area 0 tunnel source GigabitEthernet0/0.100 tunnel mode gre multipoint tunnel key 123 end
### R5 - Hub ###

R5#show run int tu123 Building configuration... Current configuration : 351 bytes ! interface Tunnel123 ip address 10.10.123.5 255.255.255.248 no ip redirects ip nhrp map multicast dynamic ip nhrp network-id 123 ip nhrp nhs 10.10.123.1 nbma 150.10.14.1 multicast ip nhrp redirect ip ospf network broadcast ip ospf 1 area 0 keepalive 5 3 tunnel source GigabitEthernet0/0.100 tunnel mode gre multipoint tunnel key 123 end

 

11 REPLIES 11
Georg Pauwen
VIP Master

Hello,

 

you could change the 'ip nhrp registration timeout' to a low value (1 second is the lowest). That said, typically you would configure two tunnels on each spoke, one to each hub.