Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1511
Views
5
Helpful
2
Replies

DMVPN single cloud, dual hub - NHRP problem

sebastian.lemke
Level 1
Level 1

‎06-03-2013 08:35 AM - edited ‎03-04-2019 08:05 PM

Hi Experts,

I am trying to set up a DMVPN design with a single cloud and dual hub, routing via BGP.

Currently, both hub routers have the MPGRE tunnels (Tunnel0, NHRP ID 12345, Subnet 10.0.0.0/24) configured. To enable NHRP between the hub routers, I configured an additional tunnel via the LAN (Tunnel1, same NHRP ID, Subnet 10.2.0.0/30). The BGP neighborship is established via the LAN interfaces, not via Tunnel1.

HubA

interface Tunnel0

ip address 10.0.0.1 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication KEY234

ip nhrp network-id 12345

ip nhrp holdtime 300

ip nhrp redirect

ip tcp adjust-mss 1360

tunnel source GigabitEthernet0/0

tunnel mode gre multipoint

tunnel key 12345

tunnel protection ipsec profile cisco

interface Tunnel1

ip address 10.2.0.1 255.255.255.252

no ip redirects

ip nhrp authentication KEY234

ip nhrp map 10.2.0.2 192.168.0.2

ip nhrp network-id 12345

ip nhrp holdtime 300

ip nhrp redirect

tunnel source GigabitEthernet0/1

tunnel mode gre multipoint

tunnel key 12345

HubB

interface Tunnel0

ip address 10.0.0.2 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication KEY234

ip nhrp network-id 12345

ip nhrp holdtime 300

ip nhrp redirect

ip tcp adjust-mss 1360

tunnel source GigabitEthernet0/0

tunnel mode gre multipoint

tunnel key 12345

tunnel protection ipsec profile cisco

interface Tunnel1

ip address 10.2.0.2 255.255.255.252

no ip redirects

ip nhrp authentication KEY234

ip nhrp map 10.2.0.1 192.168.0.1

ip nhrp network-id 12345

ip nhrp holdtime 300

ip nhrp redirect

tunnel source GigabitEthernet0/1

tunnel mode gre multipoint

tunnel key 12345

In this setup, the dynamic spoke-to-spoke tunnels won't come up, it seems that the NHRP redirects are not working.

When I establish the BGP neighborship via Tunnel1, it all works fine.

Can you explain, why I have to use the Tunnel1 for BGP neighborship? Do I have any other option to get this working?

Labels:
0 Helpful
2 Replies 2

Jose Jara
Level 3
Level 3

‎06-05-2013 04:08 AM

Hi Sebastian,

as you are using two tunnels in the Hubs, you need a different network-id in each tunnel. One for the Hub-Spokes and another one for Hub to Hub tunnel. By the way, why are you using a tunnel between the Hubs ? I think it will be easier to have the BGP session between the Hubs via the LAN interface.

Best Regards,

Jose.

0 Helpful

sebastian.lemke
Level 1
Level 1
In response to Jose Jara

‎06-05-2013 05:41 AM

Hi Jose,

no, I have to configure the same NHRP network ID, since this is a Single Cloud - Dual Hub design. That means, boths hubs have to be linked together to share the same NHRP information for the DMVPN cloud.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card