Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
973
Views
0
Helpful
7
Replies

OSPF Over DMVPN

mandeep62
Level 1
Level 1

‎07-06-2018 04:10 PM - edited ‎03-05-2019 10:44 AM

Hi all, I'm trying to configure ospf over dmvpn. The data doesn't pass through the tunnel. I have attached the topology.

 

I have configured OSPF on R1, R2 and R3 and R2 is the hub while R3 and R1 are the spokes.

 

R2 Hub config:

R2#show run | section ospf
 ip ospf network broadcast
router ospf 1
 router-id 2.2.2.2
 network 10.10.20.0 0.0.0.255 area 0
 network 192.168.1.0 0.0.0.255 area 0
 network 201.1.12.0 0.0.0.255 area 0
 network 201.1.13.0 0.0.0.255 area 0

 

interface Tunnel0
ip address 192.168.1.2 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 1
ip ospf network broadcast
tunnel source GigabitEthernet2/0
tunnel mode gre multipoint

 

R1 config:

R1#show run | section ospf
 ip ospf network broadcast
 ip ospf priority 0
router ospf 1
 router-id 1.1.1.1
 network 10.10.10.0 0.0.0.255 area 0
 network 192.168.1.0 0.0.0.255 area 0
network 201.1.12.0 0.0.0.255 area 0

interface Tunnel0
 ip address 192.168.1.1 255.255.255.0
 no ip redirects
 ip nhrp map 192.168.1.2 201.1.12.2
 ip nhrp map multicast 201.1.12.2
 ip nhrp network-id 1
 ip nhrp nhs 192.168.1.2
 ip ospf network broadcast
 ip ospf priority 0
 tunnel source GigabitEthernet2/0
 tunnel mode gre multipoint

 

R3 config:

router ospf 1
 router-id 3.3.3.3
 network 10.10.30.0 0.0.0.255 area 0
 network 192.168.1.0 0.0.0.255 area 0
 network 201.1.13.0 0.0.0.255 area 0

 

interface Tunnel0
 ip address 192.168.1.3 255.255.255.0
 no ip redirects
 ip nhrp map 192.168.1.2 201.1.12.2
 ip nhrp map multicast 201.1.12.2
 ip nhrp network-id 1
 ip nhrp nhs 192.168.1.2
 ip ospf network broadcast
 ip ospf priority 0
 tunnel source GigabitEthernet1/0
 tunnel mode gre multipoint

 

Am I doing something wrong?

 

 

Labels:
Preview file
51 KB
0 Helpful
7 Replies 7

Francesco Molino
VIP Alumni
VIP Alumni

‎07-06-2018 07:35 PM

Hi

 

If you issue show dmvpn do you see your tunnels up?

 

If you want to have dmvpn with spoke to spoke dynamic tunnel you need to add a router interconnecting these 3 routers R1, R2 and R3 to simulate internet.

 

Also in your ospf config, you added your public Network 201.x.x.x and you don't need it otherwise adjacency will be built through it and traffic will flow directly without passing through tunnels.

 

Make these corrections first and let us know your tunnels and dmvpn status.

 

If you want to take an overview of configs, go on the following Cisco documentation guide:

https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/43068-dmvpn-gre-ospf.html

 

 

 

 

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

mandeep62
Level 1
Level 1
In response to Francesco Molino

‎07-06-2018 08:07 PM

Hi,
below is the output:
R2#show dmvpn
Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:2,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 201.1.12.1 192.168.1.1 UP 00:14:04 D
1 201.1.13.1 192.168.1.3 UP 00:05:59 D

R1#show dmvpn
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 201.1.12.2 192.168.1.2 UP 00:14:36 S


R3#show dmvpn

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 201.1.12.2 192.168.1.2 UP 00:07:00 S

R3#show ip nhrp
192.168.1.2/32 via 192.168.1.2
Tunnel0 created 00:16:51, never expire
Type: static, Flags: used
NBMA address: 201.1.12.2

R2#show ip nhrp
192.168.1.1/32 via 192.168.1.1
Tunnel0 created 00:15:51, expire 01:44:08
Type: dynamic, Flags: unique registered used
NBMA address: 201.1.12.1
192.168.1.3/32 via 192.168.1.3
Tunnel0 created 00:07:47, expire 01:52:12
Type: dynamic, Flags: unique registered used
NBMA address: 201.1.13.1
R1#show ip nhrp
192.168.1.2/32 via 192.168.1.2
Tunnel0 created 00:16:10, never expire
Type: static, Flags: used
NBMA address: 201.1.12.2

However, I created different process IDs for ospf now. one for the internal network( public) and one for the public ones.

R1#show run | section ospf
router ospf 2
network 10.10.10.0 0.0.0.255 area 0
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 201.1.12.0 0.0.0.255 area 0
R2#show run | section ospf
ip ospf network broadcast
router ospf 2
network 10.10.20.0 0.0.0.255 area 0
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 201.1.12.0 0.0.0.255 area 0
network 201.1.13.0 0.0.0.255 area 0
R3#show run | section ospf
router ospf 2
network 10.10.30.0 0.0.0.255 area 0
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 201.1.13.0 0.0.0.255 area 0

I don't know how to configure correctly this.

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to mandeep62

‎07-07-2018 08:15 PM

Have you removed those lines from ospf config because you don't need them:
network 201.1.12.0 0.0.0.255 area 0
network 201.1.13.0 0.0.0.255 area 0

Then what are you trying to test you said it's not working?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

mandeep62
Level 1
Level 1
In response to Francesco Molino

‎07-07-2018 08:18 PM

Yes, I have removed them and advertised those in different OSPF ID. It's not working.
0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to mandeep62

‎07-07-2018 08:23 PM

Ok. For test just remove public segments to be advertised and building an adjacency over it. Only adjacency you should have is over tunnel interfaces.

Are you testing ping from spoke vlan to hub vlan?
Can you share some outputs of traceroutes please?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Georg Pauwen
VIP
VIP

‎07-08-2018 12:48 AM

Hello,

 

post the full configurations of your routers not just snippets, so we can lab this...

0 Helpful

Georg Pauwen
VIP
VIP

‎07-08-2018 05:30 AM

Hello

 

make the changes below to your routers (changes marked in bold):

 

R2

router ospf 1
router-id 2.2.2.2
network 10.10.20.0 0.0.0.255 area 1
network 192.168.1.0 0.0.0.255 area 1
area 1 stub no-summary

 

interface Tunnel0
ip address 192.168.1.2 255.255.255.0
no ip redirects
ip nhrp map multicast dynamic
ip nhrp network-id 1
ip ospf network broadcast
ip opsf priority 255
tunnel source GigabitEthernet2/0

 

R1

 

router ospf 1
router-id 1.1.1.1
network 10.10.10.0 0.0.0.255 area 1
network 192.168.1.0 0.0.0.255 area 1
area 1 stub no-summary

 

interface Tunnel0
ip address 192.168.1.1 255.255.255.0
no ip redirects
ip nhrp map 192.168.1.2 201.1.12.2
ip nhrp map multicast 201.1.12.2
ip nhrp network-id 1
ip nhrp nhs 192.168.1.2
ip ospf network broadcast
ip ospf priority 0
tunnel source GigabitEthernet2/0
tunnel mode gre multipoint

 

R3

 

router ospf 1
 router-id 3.3.3.3
 network 10.10.30.0 0.0.0.255 area 1
 network 192.168.1.0 0.0.0.255 area 1

area 1 stub no-summary

 

interface Tunnel0
 ip address 192.168.1.3 255.255.255.0
 no ip redirects
 ip nhrp map 192.168.1.2 201.1.12.2
 ip nhrp map multicast 201.1.12.2
 ip nhrp network-id 1
 ip nhrp nhs 192.168.1.2
 ip ospf network broadcast
 ip ospf priority 0
 tunnel source GigabitEthernet1/0
 tunnel mode gre multipoint

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card