02-12-2017 08:04 AM - edited 03-05-2019 08:01 AM
I have dual DMVPN clouds using EIGRP which is working fine. SiteB currently pushes all data and voice traffic across the primary DMVPN tunnel and I would like to push the voice traffic over the backup link and still retain failover to primary or backup for all traffic.
I use summary-addresses, distribute lists (both /16s) to control the routing tables on the far end and bandwidth to prefer one tunnel over the other. I tried adjusting both summary and distribute list (to 10.99.24.0/24) on the SiteB's backup tunnel without any luck. I could not get it to advertise a the single /24.
How can I route or prefer a single /24 in both directions over the backup link (DMVPN B)via the data center?
Site A: 10.100.11.0/24
Site B: 10.99.24.0/24
interface Tunnel1 (Backup)
bandwidth 7000
ip address 10.1.2.99 255.255.255.0
.....
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0
interface Tunnel2 (Primary)
bandwidth 10000
ip address 10.1.1.99 255.255.255.0
...
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0
router eigrp 3500
distribute-list 99 out Tunnel2
distribute-list 99 out Tunnel1
network 10.0.0.0
access-list 99 permit 10.99.0.0 0.0.255.255
Solved! Go to Solution.
02-12-2017 12:32 PM
Hi,
You can use the EIGRP summary-address leak-map feature to allow EIGRP to advertise a component subnet of the summary route as well as the summary route itself. For example on the backup DMVPN tunnel you would configure:
ip prefix-list EIGRP-LEAK permit 10.99.24.0/24
!
route-map EIGRP-LEAK permit 10
match ip address prefix-list EIGRP-LEAK
!
interface tunnel 1
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK
Hope this helps
02-12-2017 12:32 PM
Hi,
You can use the EIGRP summary-address leak-map feature to allow EIGRP to advertise a component subnet of the summary route as well as the summary route itself. For example on the backup DMVPN tunnel you would configure:
ip prefix-list EIGRP-LEAK permit 10.99.24.0/24
!
route-map EIGRP-LEAK permit 10
match ip address prefix-list EIGRP-LEAK
!
interface tunnel 1
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK
Hope this helps
02-12-2017 01:06 PM
Thanks, will try this out and report back.
I would have to do it the other way around to get 10.100.11.0/24 to advertise via that backup path too? If I didn't I assume I would end up asymmetric routing.
02-12-2017 01:12 PM
Yes, you will need to do the same on SiteA to advertise 10.100.11.0/24 as well as its summary route. This way both sites will prefer each other’s /24 prefixes over the backup DMVPN and then the shorter prefix summaries over the primary DMVPN in the event that the backup DMVPN is down
04-08-2017 11:42 AM
Hi Will
I finally got it working thanks to yours and Ciscos help.
SPOKE:
interface Tunnel1
bandwidth 7000
ip address 10.1.2.99 255.255.255.0
...
ip summary-address eigrp 3500 10.99.0.0 255.255.0.0 leak-map EIGRP-LEAK
!
route-map EIGRP-LEAK permit 10
match ip address prefix-list EIGRP-LEAK
!
ip prefix-list EIGRP-LEAK seq 5 permit 10.99.24.0/24
!
access-list 98 permit 10.99.24.0 0.0.0.255
access-list 98 permit 10.99.0.0 0.0.255.255
!
ip prefix-list PREFIX seq 15 permit 10.99.24.0/24
!
router eigrp 3500
distribute-list 99 out Tunnel2
distribute-list 98 out Tunnel1
..
eigrp stub connected summary leak-map LEAK
BACKUP-HUB#show ip eigrp top 10.99.24.0/24
EIGRP-IPv4 Topology Entry for AS(3555)/ID(10.100.2.10) for 10.99.24.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 1600512
Descriptor Blocks:
10.1.2.99 (Tunnel1), from 10.1.2.99, Send flag is 0x0
...
CORE:
interface GigabitEthernet1/10/1
no switchport
ip address 10.10.2.20 255.255.255.0
ip summary-address eigrp 3500 10.10.0.0 255.255.0.0 leak-map VOICE-LEAK
ip prefix-list VOICE-LEAK seq 5 permit 10.10.5.0/2
route-map VOICE-LEAK permit 10
match ip address prefix-list VOICE-LEAK
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: