Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
798
Views
5
Helpful
3
Replies

Internet Breakout on DMVPN configuration

Jonnyballgame34
Level 1
Level 1

‎03-23-2017 01:52 PM - edited ‎03-05-2019 08:14 AM

Greetings,

I've been doing some new dmvpn deployments with a standard configuration template that was given to me.  The site has 2 DMVPN tunnels going to two hubs.  What I'm having trouble understanding is whether the internet traffic to places like Office 365 and other vendors is transversing the tunnels through the hubs directly or breaking out.  

I thought the internet traffic should be going directly out, but I can't find the part in the configuration that manages that..I've attached a config as an example, but as much as anything else I'd be happy if someone could recommend a good source for reading about breakouts and how they are configured.  I have not had much luck finding anything.  Any input would be appreciated.  

Thanks

Labels:
Preview file
13 KB
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎03-23-2017 03:51 PM

I should say that I am no expert on DMVPN but as far as I understand it by default internet traffic will be sent locally unless you tell it otherwise. The reason for this is the default route on the spoke which points to the ISP router so any traffic for which there is not a specific EIGRP route (in your case) received via the tunnel will be sent to the ISP ie. local internet.

The extra configuration is needed when you want all traffic, including internet, to go via the hub because then you need two default routes. The first points to the ISP router because without that the tunnel can't be built. But then you also need to send a default route from the hub down the tunnel so all traffic is sent via the tunnel interface and there is no local breakout.

You achieve this by using VRFs which gives you the ability to have two default routes, one in a VRF and one in the global routing table. If you do a search on DMVPN and VRFs you should find some examples.

As I say I am no expert on DMVPN but hopefully some of that has helped and hopefully others will add to this.

Jon

Jonnyballgame34
Level 1
Level 1
In response to Jon Marshall

‎04-13-2017 09:39 AM

Hi Jon,

I apologize, I just realized I never took the time to thank you for looking at my question.  Have a good holiday weekend

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to Jonnyballgame34

‎04-13-2017 10:05 AM

No need to apologise but thanks anyway :)

Have a good holiday weekend as well.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card