Re: Line redundacy for data comminucation between Remote Branch

jomo frank · ‎03-05-2012

Hello Expert,

I currently have a fully functional network consist of Hub (central office) and

8 spokes (remote branch office)

I am using cisco DMVPN for all tunnel communications.

I am about to introduce a second Telco for redundancy, hence for clarity I will refer

Primary Telco as TELCO1 and secondary Telco as TELCO2

The HUB ROUTER INFO

-------------------------------

CISCO 2900 series

3 Gigabit Ethernet ports onboard.

4 port switch card.

One of the Gigabit Ethernet port (GigabitEthernet0/1) is use as the wan interface for TELCO1

The 4 port switch card is use for lan interface.

I plan to use a free Gigabit Ethernet port (GigabitEthernet0/2) for the second TELCO2

Interface GigabitEthernet0/1 ------------------------------------ Telco1

description Ip_Dsl Interface$ETH-WAN$

ip address 10.xx.xx.11 255.255.255.0

duplex auto

speed auto

media-type rj45 auto-failover

!

Interface GigabitEthernet0/2 ------------------------------------ telco2

no ip address

shutdown

duplex auto

speed auto

SPOKE ROUTERS

---------------------

CISC0 2811 series

2 fast Ethernet ports onboard.

4 port switch card

One of the Fast Ethernet port (FastEthernet0/0) is use as the wan interface for TELCO1

The 4 port switch card is use for the lan interface.

I plan to use a free Fastethenet port (FastEthernet0/1) for the second TELCO2.

interface FastEthernet0/0

description Corriverton Lan Interface$ETH-LAN$

ip address 10.xx.xx.16 255.255.255.0 ----------------------------------- telco1

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

duplex auto

speed auto

no mop enabled

!

interface FastEthernet0/1------------------------------------------------- telco2

description $ETH-WAN$

no ip address

shutdown

duplex auto

speed auto

CURRENT DMMVPN TUNNEL SETUP for HUB

-------------------------------------

interface Tunnel0

description Ip_Dsl Tunnel to remote Locations

bandwidth 2048

ip address 172.168.XXX.11 255.255.255.0

no ip redirects

ip mtu 1500

ip nhrp authentication testvpn

ip nhrp map multicast dynamic

ip nhrp network-id 100000

ip nhrp holdtime 360

ip tcp adjust-mss 1360

no ip split-horizon eigrp 1

delay 1000

keepalive 5 2

tunnel source GigabitEthernet0/1 ---------------------------------- (telco1)

tunnel mode gre multipoint

tunnel key 100000

tunnel protection ipsec profile CiscoCP_Profile

CURRENT DMVPN TUNNEL SETUP FOR REMOTE BRANCH

-------------------------------------------------------

interface Tunnel0

description Tunnel to Head Office

bandwidth 1000

ip address 172.168.xxx.16 255.255.255.0

ip mtu 1500

ip nhrp authentication testvpn

ip nhrp map 172.168.XXX.11 10.xx.xx.11

ip nhrp map multicast 10.xx.xx.11

ip nhrp network-id 100000

ip nhrp holdtime 360

ip nhrp nhs 172.168.XXX.11

ip tcp adjust-mss 1360

no ip split-horizon eigrp 1

delay 1000

keepalive 5 2

tunnel source FastEthernet0/1 ------------------------------------------ (telco1)

tunnel mode gre multipoint

tunnel key 100000

tunnel protection ipsec profile CiscoCP_Profile1

Question

----------

I want to use the same DMVPN tunnel from central office to remote Branch for the failover to second telco (telco2)

How do i incorporate second tunnel source in both the hub and remote branch dmvpn tunnel config ?

Note the entire config for both hub and spoke was done using cisco sdm.

This gui utility does not support setting up multiple dmvpn on the same router,hence instead of configing a another dmvpn for

the second telco (telco) communication I am trying to use the existing dmvpn for both primary and failover communication.

Regards

Jomo

Jeff Van Houten · ‎03-05-2012

First, is the second telco providing Internet access?

Second, look for doc id 41940 on the. Cisco site.

Sent from Cisco Technical Support iPad App

jomo frank · ‎03-06-2012

Hello Jeff,

The second telco will not be providing internet access, all the respective telcos will be providing just a connection from

Remote Location to Central office--- Internet etc is handle by a different arrangment.

Regards

Jomo

Jeff Van Houten · ‎03-06-2012

the doc Id I sent earlier will cover it regardless.

Sent from Cisco Technical Support iPad App

jomo frank · ‎03-06-2012

Hello Jeff,

I went thru the document and cannot fiind any reference how to include the second lan interface on the router

which is telco 2 connection.

Is there any way I can add FastEthernet0/2 ---------------------------- telco 2 to the config.

I know for Hub failover you have to add the following to spoke tunnel

ip nhrp map

ip nhrp map multicast

ip nhrp nrp

and you will be able to connect to primary and secondary hub.

I am thinking if a similar entries can be made on the the tunnel config to point to FastEthenet 0/1 and FastEtherbet0/2

interface Tunnel0

description Tunnel to Head Office

bandwidth 1000

ip address 172.168.xxx.16 255.255.255.0

ip mtu 1500

ip nhrp authentication testvpn

ip nhrp map 172.168.XXX.11 10.xx.xx.11

ip nhrp map multicast 10.xx.xx.11

ip nhrp network-id 100000

ip nhrp holdtime 360

ip nhrp nhs 172.168.XXX.11

ip tcp adjust-mss 1360

no ip split-horizon eigrp 1

delay 1000

keepalive 5 2

tunnel source FastEthernet0/1

tunnel mode gre multipoint

tunnel key 100000

tunnel protection ipsec profile CiscoCP_Profile1

Regards

Jomo

Jeff Van Houten · ‎03-06-2012

I’m not looking right at it, but I believe you are expected to create a new tunnel and bind that to the new interface. Look at the last few pages of the document that discusses failover DMVPN.

Line redundacy for data comminucation between Remote Branch and Central Office