DMVPN between Spokes in different DMVPN Clouds

Bouchaib EL-GHOREFY · ‎02-12-2016

Hello,

I would like to know if it is possible to build dynamic tunnels between Spokes in different DMVPN Clouds with different Hubs? the diagram below shows the topology.

Regards

Philip D'Ath · ‎02-14-2016

I'm guessing it should be possible, but there are a lot of gotcha's. For example, do all the spokes share a common subnet for their tunnel interfaces, so they can do an NHRP lookup, for a connection to the spoke in the other cloud, and actually be layer 3 consistent?

Personally, I would either migrate to have a single DMVPN system, or simply route the traffic between the hubs, rather than having it go spoke to spoke between clouds.

Bouchaib EL-GHOREFY · ‎02-22-2016

Thank you Philip for the reply,
We need spoke-to-spoke to avoid the load on Hub routers, I am trying to migrate to a single Hierarchical DMVPN Design by integrating the HQ Router as a Central Hub, but the problem is that the routing is established by OSPF with every branch as an ospf area.

Is there a way to build a hierarchical DMVPN with multi areas? if no what is the possible solution for this topology?

Many thank's.

Philip D'Ath · ‎02-22-2016

Take a look at the Cisco DMVPN Validated Design Guide.

http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Aug2014/CVD-VPNWANDesignGuide-AUG14.pdf

If you have new enough kit (running at least 15.4M4) then change to using iWAN.

http://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Jan2015/CVD-IWANDesignGuide-JAN15.pdf

I personally hate OSPF for things like this. I adds considerably complexity in my book. I would go with EIGRP, and my second choice would be BGP (the iWAN guide shows how to do it using BGP).