Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1745
Views
1
Helpful
6
Replies

VPN 0 default routes with static and DHCP

Go to solution
tautog
Level 4
Level 4

‎05-20-2022 10:55 AM

Somehow I am not understanding the scant documentation on setting default routes for multiple circuits in VPN 0. It works for me with more than one circuit if they all are static IPs with static next hops. It works for a single circuit with DHCP. However, I can't figure out how to get things working with two circuits when one is DHCP and the other is static. If the VPN template is configured with an IPv4 route of 0.0.0.0/0 set to DHCP, the DHCP circuit works. If it is set to a next hop for the static IP circuit, that one works and the DHCP doesn't. How do we configure it properly so both circuits have a default route and the overlay connections come up for both?

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
tautog
Level 4
Level 4
In response to tautog

‎05-27-2022 03:56 PM

It is now working, after re-trying the configuration suggested by TAC. I thought I had tried that configuration, but maybe I didn't or there was something in the order of the different configurations tried that messed it up, or it didn't get pushed.

 

What is working is setting the 0.0.0.0/0 default route in the VPN 0 template under IPv4 route to use next hop, and setting a device specific variable for the value of the next hop IP. Then, in the VPN Ethernet interface template for the DHCP interface, set the DHCP admin distance to 1 as a global setting. This is a precaution as that is the default setting also, but I wanted to make sure. Finally, do make sure the device template is pushed to the device, which can be done by changing the device values and just following through the steps again to apply the template. Ended up with this.

 

sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected

Gateway of last resort is 173.48.130.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 173.48.130.1
[1/0] via 50.214.194.26
50.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 50.214.194.24/30 is directly connected, GigabitEthernet0/0/1
L 50.214.194.25/32 is directly connected, GigabitEthernet0/0/1
173.48.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 173.48.130.0/24 is directly connected, GigabitEthernet0/0/0
L 173.48.130.213/32 is directly connected, GigabitEthernet0/0/0

View solution in original post

6 Replies 6

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni

‎05-21-2022 11:27 PM

Can you share your template configuration or edge configuration to double check issue?

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
tautog
Level 4
Level 4
In response to Deepak Kumar

‎05-23-2022 01:55 PM

Originally we tried having the DHCP default route configured under IPv4 route, and then added a device specific route prefix which we then tried configuring for the default route through the static default gateway of the static circuit. That removed the DHCP default when pushed to the device.

 

A TAC engineer suggest just having the default distance in the interface template for the DHCP circuit, and putting the static configuration in the IPv4 route in the VPN template. I'm pretty sure we tried that, but we will try it again when we can schedule a maintenance window with the site to work on it.

0 Helpful

Go to solution
tautog
Level 4
Level 4
In response to tautog

‎05-27-2022 03:56 PM

It is now working, after re-trying the configuration suggested by TAC. I thought I had tried that configuration, but maybe I didn't or there was something in the order of the different configurations tried that messed it up, or it didn't get pushed.

 

What is working is setting the 0.0.0.0/0 default route in the VPN 0 template under IPv4 route to use next hop, and setting a device specific variable for the value of the next hop IP. Then, in the VPN Ethernet interface template for the DHCP interface, set the DHCP admin distance to 1 as a global setting. This is a precaution as that is the default setting also, but I wanted to make sure. Finally, do make sure the device template is pushed to the device, which can be done by changing the device values and just following through the steps again to apply the template. Ended up with this.

 

sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected

Gateway of last resort is 173.48.130.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 173.48.130.1
[1/0] via 50.214.194.26
50.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 50.214.194.24/30 is directly connected, GigabitEthernet0/0/1
L 50.214.194.25/32 is directly connected, GigabitEthernet0/0/1
173.48.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 173.48.130.0/24 is directly connected, GigabitEthernet0/0/0
L 173.48.130.213/32 is directly connected, GigabitEthernet0/0/0

Go to solution
Kanan Huseynli
VIP
VIP

‎05-22-2022 04:04 PM

Hi,

 

please, share "show ip route" when you have both static and DHCP configuration. In autonomous mode of IOS XE you have different AD value for dhcp learned gateway / next-hop. Most probably, it is the same for SD-WAN too. Just check what AD value has dhcp learned gateway, if it is other than 1 (which is default AD for static) you need to set the same AD for static (or 1 for DHCP if this setup is available).

 

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful

Go to solution
tautog
Level 4
Level 4
In response to Kanan Huseynli

‎05-23-2022 01:48 PM

This is for controller mode, so it needs to be configured via templates.

0 Helpful

Go to solution
LukaszC
Level 1
Level 1

‎11-03-2023 01:45 AM - edited ‎11-03-2023 03:01 AM

It works, keep in mind, while testing, static and DHCP must be form different subnets.

0 Helpful
Customers Also Viewed These Support Documents