07-25-2019 12:09 AM
Hi,
My current setup =
2 DMVPN Phase 2 hubs (Hub1 & Hub2)
Single DMVPN Cloud
Multiple spoke sites with single tunnel(Tu0)
Requirement =
2 tunnels at spoke. 1 to each hub router (Tu0>Hub1 & Tu1>Hub2)
No change in DMVPN cloud
Goal =
Load some traffic on Hub2
Currently all traffic is flowing via Hub1 on account of EIGRP delay configured on Hub2.
Forward & reverse traffic is required to be symmetric.
Can i configure 2 tunnels tu0 & tu1 on spoke location to reach each of the tunnel on hub.
I can share some load on Hub2 by changing delay on Tu0 & using offset lists in outward direction.
Need your comments if this is feasible to do.
Thanks
Solved! Go to Solution.
07-25-2019 01:24 AM - edited 07-25-2019 01:26 AM
Hello Kapish2007,
your requirements are in conflict:
you would like to keep a single DMVPN cloud and at the same time use two different multipoint GRE Tunnels on spokes.
This is not feasible: the second MGRE Tunnel should use a different internal IP subnet managed by NHRP and a different NHRP server (on Hub2) and would qualify for a dual DMVPN cloud deployment.
Actually two interfaces either logical or physical cannot have an IP address in the same IP subnet ( an address overlapping error is generated by CLI parser and second command is rejected)
Because offset-list can be used inbound and outbound in EIGRP on current Hub1 and Hub2 you should be able to get some load balancing and symmetric paths also in the current setup.
Hope to help
Giuseppe
07-25-2019 01:24 AM - edited 07-25-2019 01:26 AM
Hello Kapish2007,
your requirements are in conflict:
you would like to keep a single DMVPN cloud and at the same time use two different multipoint GRE Tunnels on spokes.
This is not feasible: the second MGRE Tunnel should use a different internal IP subnet managed by NHRP and a different NHRP server (on Hub2) and would qualify for a dual DMVPN cloud deployment.
Actually two interfaces either logical or physical cannot have an IP address in the same IP subnet ( an address overlapping error is generated by CLI parser and second command is rejected)
Because offset-list can be used inbound and outbound in EIGRP on current Hub1 and Hub2 you should be able to get some load balancing and symmetric paths also in the current setup.
Hope to help
Giuseppe
07-25-2019 02:45 AM
Hi Giuseppe,
Thanks for your response.
You are right, i missed the part of config IP from same subnet onto 2 interfaces (phy/logical)
you were suggesting to use offset lists in both directions to load share with symmetric paths.
Can you elaborate more please?
07-25-2019 06:12 AM
Hello Kapish2007,
what I am going to suggest is valid only for routing between spokes and central site.
Spoke to spoke dynamic tunnel if permitted will not be influenced.
In DMVPN phase 2 the HUB routers in EIGRP need to keep the original next-hop in order to allow dynamic Spoke to Spoke to tunnels.
Let us focus on Central Site and two spokes.
Example:
Central Site IP subnets
10.10.10.0/24 should be preferred via Hub1
10.10.20.0/24 should be preferred via Hub2
Spoke Subnets
Spoke1 LAN is 10.20.20.0/24 spoke1 traffic should use Hub1 in upstream
Spoke2 LAN is 10.20.30.0/24 spoke2 traffic should use Hub2 in upstream
b)
You can use a prefix-list to match inbound spoke subnets
on Hub1:
ip prefix-list Spoke-Hub1-secondary permit 10.20.30.0/24
another prefix-list can be used for CS subnets to be made less preferred
ip prefix-list HQ-Hub1-secondary permit 10.10.20.0/24
router eigrp 100
offset-list prefix HQ-Hub1-secondary out 200 tunnel0
offset-list prefix Spoke-Hub1-secondary in 200 tunnel0
Where I have supposed you are using EIGRP 100 in classic mode and tunnel0 is your MGRE tunnel.
A similar setup with different IP subnets can be used on Hub2.
However, this does not provide symmetric path upstream / downstream. So this is an approximation.
Hope to help
Giuseppe
07-25-2019 07:05 PM
Thank you very much bro!
I was trying to avoid a major redesign in my customer network, looks like i will have to split the hubs into 2 clouds. No other way to achieve symmetric flows.
Cheers!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide