cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
344
Views
0
Helpful
4
Replies

Force voice traffic over backup link EIGRP and DMVPN

the-lebowski
Level 4
Level 4

I have dual DMVPN clouds using EIGRP which is working fine.  SiteB currently pushes all data and voice traffic across the primary DMVPN tunnel and I would like to push the voice traffic over the backup link and still retain failover to primary or backup for all traffic.     

I use summary-addresses, distribute lists (both /16s) to control the routing tables on the far end and bandwidth to prefer one tunnel over the other. I tried adjusting both summary and distribute list (to 10.99.24.0/24) on the SiteB's backup tunnel without any luck.   I could not get it to advertise a the single /24.  

How can I route or prefer a single /24 in both directions over the backup link (DMVPN B)via the data center?  

Site A: 10.100.11.0/24 

Site B: 10.99.24.0/24  

interface Tunnel1 (Backup)
bandwidth 7000
ip address 10.1.2.99 255.255.255.0
.....
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0

interface Tunnel2 (Primary)
bandwidth 10000
ip address 10.1.1.99 255.255.255.0
...
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0


router eigrp 3500
distribute-list 99 out Tunnel2
distribute-list 99 out Tunnel1
network 10.0.0.0

access-list 99 permit 10.99.0.0 0.0.255.255

1 Accepted Solution

Accepted Solutions

willwetherman
Spotlight
Spotlight

Hi,

You can use the EIGRP summary-address leak-map feature to allow EIGRP to advertise a component subnet of the summary route as well as the summary route itself. For example on the backup DMVPN tunnel you would configure:

ip prefix-list EIGRP-LEAK permit 10.99.24.0/24

!

route-map EIGRP-LEAK permit 10

 match ip address prefix-list EIGRP-LEAK

!

interface tunnel 1

 ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK

 

Hope this helps

View solution in original post

4 Replies 4

willwetherman
Spotlight
Spotlight

Hi,

You can use the EIGRP summary-address leak-map feature to allow EIGRP to advertise a component subnet of the summary route as well as the summary route itself. For example on the backup DMVPN tunnel you would configure:

ip prefix-list EIGRP-LEAK permit 10.99.24.0/24

!

route-map EIGRP-LEAK permit 10

 match ip address prefix-list EIGRP-LEAK

!

interface tunnel 1

 ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK

 

Hope this helps

Thanks, will try this out and report back.  

I would have to do it the other way around to get 10.100.11.0/24 to advertise via that backup path too?  If I didn't I assume I would end up asymmetric routing.  

Yes, you will need to do the same on SiteA to advertise 10.100.11.0/24 as well as its summary route. This way both sites will prefer each other’s /24 prefixes over the backup DMVPN and then the shorter prefix summaries over the primary DMVPN in the event that the backup DMVPN is down

Hi Will

I finally got it working thanks to yours and Ciscos help.  

  1. I had another prefix-list I was using to send a clean routing table to the downstream router behind the spoke.  I had to add the specific route to that list to get it to advertise correctly.
  2.  Add the necessary subnets to the distribute list to EIGRP on the spoke.  
  3. Add route-map and it add it summary-address on CORE behind primary HUB to prefer secondary HUB path

SPOKE:
interface Tunnel1
bandwidth 7000
ip address 10.1.2.99 255.255.255.0
...
 ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK
!
route-map EIGRP-LEAK permit 10
match ip address prefix-list EIGRP-LEAK
!
ip prefix-list EIGRP-LEAK seq 5 permit 10.99.24.0/24
!
access-list 98 permit 10.99.24.0 0.0.0.255
access-list 98 permit 10.99.0.0 0.0.255.255
!
ip prefix-list PREFIX seq 15 permit 10.99.24.0/24
!
router eigrp 3500
distribute-list 99 out Tunnel2
distribute-list 98 out Tunnel1
..
 eigrp stub connected summary leak-map LEAK

BACKUP-HUB#show ip eigrp top 10.99.24.0/24
EIGRP-IPv4 Topology Entry for AS(3555)/ID(10.100.2.10) for 10.99.24.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 1600512
Descriptor Blocks:
10.1.2.99 (Tunnel1), from 10.1.2.99, Send flag is 0x0
...

CORE:
interface GigabitEthernet1/10/1
no switchport
ip address 10.10.2.20 255.255.255.0
ip summary-address eigrp 3500 10.10.0.0 255.255.0.0 leak-map VOICE-LEAK

ip prefix-list VOICE-LEAK seq 5 permit 10.10.5.0/2
route-map VOICE-LEAK permit 10
match ip address prefix-list VOICE-LEAK
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: