Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
672
Views
10
Helpful
9
Replies

Need suppport in DMVPN with OSPF and cluster

Hisoma Sama
Level 1
Level 1

‎07-12-2018 12:52 AM - edited ‎03-05-2019 10:45 AM

Greeting

 

I am trying to build DMVPN MPLS ( it will be L2VPN MPLS ) i dont know if it will make a difference but im using L2 switch from GNS3 it should be the same i guess since the isp im using will not provide L3 or VRF's anyway, my plan to do 2 main Hubs if one fail the other will act as main, in case the whole site fail i want them to redirect to the disaster recovery site until the main site back up then it will redirect again to the main site. but somehow its not working as it should

the issue im facing

ospf taking along time to come up even with "ip ospf dead-interval" and it dont do the fail-over as i mentioned above.

here's my current configs

 

Hub 1

 

interface GigabitEthernet0/0/0
 ip address 10.255.255.1 255.255.255.0
 negotiation auto
end

 

interface Tunnel10
 bandwidth 1000
 ip address 172.30.10.1 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp map multicast dynamic
 ip nhrp network-id 10
 ip nhrp holdtime 10
 ip nhrp registration timeout 3
 ip nhrp redirect
 ip tcp adjust-mss 1360
 ip ospf network point-to-multipoint
 ip ospf dead-interval minimal hello-multiplier 4
 ip ospf 1 area 10
 keepalive 10 3
 tunnel source GigabitEthernet0/0/0
 tunnel mode gre multipoint
 tunnel key 10
 end

 

Hub 2

 

interface GigabitEthernet0/0/0
 ip address 10.255.255.2 255.255.255.0
 negotiation auto
end

 

interface Tunnel10
 bandwidth 1000
 ip address 172.30.10.2 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp map multicast dynamic
 ip nhrp network-id 10
 ip nhrp holdtime 10
 ip nhrp registration timeout 3
 ip nhrp redirect
 ip tcp adjust-mss 1360
 ip ospf network point-to-multipoint
 ip ospf dead-interval minimal hello-multiplier 4
 ip ospf 1 area 10
 keepalive 10 3
 tunnel source GigabitEthernet0/0/0
 tunnel mode gre multipoint
 tunnel key 10
 end

 

Site-X

interface GigabitEthernet0/0/0
ip address 10.255.255.11 255.255.255.0
negotiation auto
end

 

interface Tunnel10
  ip address 172.30.10.x 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp map 172.30.10.1 10.255.255.1
 ip nhrp map 172.30.10.2 10.255.255.2
 ip nhrp map multicast 10.255.255.1
 ip nhrp map multicast 10.255.255.2
 ip nhrp map 172.30.10.5 10.255.255.5
 ip nhrp map multicast 10.255.255.5
 ip nhrp network-id 10
 ip nhrp holdtime 10
 ip nhrp nhs 172.30.10.2 priority 2 cluster 1
 ip nhrp nhs 172.30.10.5 priority 3 cluster 1
 ip nhrp nhs 172.30.10.1 cluster 1
 ip nhrp nhs cluster 1 max-connections 10
 ip nhrp nhs fallback 60
 ip nhrp registration timeout 3
 ip nhrp shortcut
 ip tcp adjust-mss 1360
 ip ospf network point-to-multipoint
 ip ospf dead-interval minimal hello-multiplier 4
 ip ospf 1 area 10
 keepalive 10 3
 cdp enable
 tunnel source GigabitEthernet0/0/0
 tunnel mode gre multipoint
 tunnel key 10
 end

 

 

 

 

 

  dmvpn ospf.png

 

im appreciating any help in this matter

Labels:
0 Helpful
9 Replies 9

Georg Pauwen
VIP
VIP

‎07-12-2018 01:30 AM

Hello, 

 

change the OSPF network type to broadcast and adjust the priority on the hubs and the spoke (changes marked in bold):

 

Hub 1

 

interface GigabitEthernet0/0/0
ip address 10.255.255.1 255.255.255.0
negotiation auto
end

 

interface Tunnel10
bandwidth 1000
ip address 172.30.10.1 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp holdtime 10
ip nhrp registration timeout 3
ip nhrp redirect
ip tcp adjust-mss 1360
ip ospf network broadcast
ip opsf priority 255
ip ospf dead-interval minimal hello-multiplier 4
ip ospf 1 area 10
keepalive 10 3
tunnel source GigabitEthernet0/0/0
tunnel mode gre multipoint
tunnel key 10
end

 

Hub 2

 

interface GigabitEthernet0/0/0
ip address 10.255.255.2 255.255.255.0
negotiation auto
end

 

interface Tunnel10
bandwidth 1000
ip address 172.30.10.2 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp map multicast dynamic
ip nhrp network-id 10
ip nhrp holdtime 10
ip nhrp registration timeout 3
ip nhrp redirect
ip tcp adjust-mss 1360
ip ospf network broadcast
ip ospf priority 254
ip ospf dead-interval minimal hello-multiplier 4
ip ospf 1 area 10
keepalive 10 3
tunnel source GigabitEthernet0/0/0
tunnel mode gre multipoint
tunnel key 10
end

 

Site-X

 

interface GigabitEthernet0/0/0
ip address 10.255.255.11 255.255.255.0
negotiation auto
end

 

interface Tunnel10
ip address 172.30.10.x 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp map 172.30.10.1 10.255.255.1
ip nhrp map 172.30.10.2 10.255.255.2
ip nhrp map multicast 10.255.255.1
ip nhrp map multicast 10.255.255.2
ip nhrp map 172.30.10.5 10.255.255.5
ip nhrp map multicast 10.255.255.5
ip nhrp network-id 10
ip nhrp holdtime 10
ip nhrp nhs 172.30.10.2 priority 2 cluster 1
ip nhrp nhs 172.30.10.5 priority 3 cluster 1
ip nhrp nhs 172.30.10.1 cluster 1
ip nhrp nhs cluster 1 max-connections 10
ip nhrp nhs fallback 60
ip nhrp registration timeout 3
ip nhrp shortcut
ip tcp adjust-mss 1360
ip ospf network broadcast
ip ospf priority 0
ip ospf dead-interval minimal hello-multiplier 4
ip ospf 1 area 10
keepalive 10 3
cdp enable
tunnel source GigabitEthernet0/0/0
tunnel mode gre multipoint
tunnel key 10
end

Hisoma Sama
Level 1
Level 1
In response to Georg Pauwen

‎07-12-2018 01:52 AM

thanks for your support Georg Pauwen but i tried that the issue i face with it is sometimes the srouter stuck in INIT to it stay down it never come back up unless i remove the tunnel inter face and put it back! any idea why is that?
0 Helpful

Georg Pauwen
VIP
VIP
In response to Hisoma Sama

‎07-12-2018 04:30 AM

Can you post the full configs of your routers (both hubs and the spoke) so we can lab this in GNS3 ?

0 Helpful

a.alekseev
Level 7
Level 7
In response to Georg Pauwen

‎07-12-2018 03:25 AM

Why do you think that "ip ospf network broadcast" is better? :)
0 Helpful

a.alekseev
Level 7
Level 7

‎07-12-2018 01:42 AM

Why do you need DMVPN if you have vpls from your provider?

Hisoma Sama
Level 1
Level 1
In response to a.alekseev

‎07-12-2018 01:55 AM

hey Alekseev thanks for you quick response, could you go more into it. should it be a normal routing and ACL and how to do the same fail-over scenario above with vpls.

i tried to convince them with that but they mention it should be encrypted traffic.
0 Helpful

Hisoma Sama
Level 1
Level 1
In response to a.alekseev

‎07-12-2018 04:44 AM

most of the designs are for EIGRP but im using OSPF is there any issue with my current config in your opinion? and why its not working with the fail-over
0 Helpful

Georg Pauwen
VIP
VIP
In response to Hisoma Sama

‎07-12-2018 04:51 AM

Post the full configs, it is hard to tell what is missing without those...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card