cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1318
Views
0
Helpful
2
Replies

DMVPN Spoke to Spoke traffic

Joshuabowers
Level 1
Level 1

My DMVPN spokes are not creating tunnels to other spokes when I ping the local lans on eth1/7.  It seems like site 5 is handling all the traffic that is spoke to spoke. should DMVPN allow spoke to spoke traffic?

 

I attached my router configs.

 

Site_5#sh dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:3,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 2.2.2.2 192.168.0.2 UP 00:57:16 D
1 3.3.3.6 192.168.0.3 UP 00:57:17 D
1 3.3.3.10 192.168.0.4 UP 00:57:12 D

 

 

Site_7#sh dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 1.1.1.2 192.168.0.1 UP 00:56:53 S

1 Accepted Solution

Accepted Solutions

Hi, Yes DMVPN should allow dynamic spoke-to-spoke creation. I am not that familar with using ospf on DMVPN but you should use ospf network type broadcast instead of point-to-multipoint, as traffic would still be routed via the hub. Check out DMVPN Phase 2 or 3 for further information.

 

You should also modify your ipsec transform set and use transport mode instead of tunnel mode (which is default).

View solution in original post

2 Replies 2

Hi, Yes DMVPN should allow dynamic spoke-to-spoke creation. I am not that familar with using ospf on DMVPN but you should use ospf network type broadcast instead of point-to-multipoint, as traffic would still be routed via the hub. Check out DMVPN Phase 2 or 3 for further information.

 

You should also modify your ipsec transform set and use transport mode instead of tunnel mode (which is default).

Thank you.

I googled the broadcast command and this config seemed to work.

I did a ping and the other spoke router showed up in the other spoke router sh dmvpn command.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: