hello together,

i have a dmvpn configuration with dual hub and ospf.

i had one spoke and now added another spoke. but i dont want both spokes to open a tunnel with each other, i want all traffic going through the hub.

with "tunnel mode gre ip" on a spoke the spoke dont do anything, i dont see the 2 hubs as ospf neighbors anymore. the hubs are configured as follows:

interface Tunnel0
 
 bandwidth 100000
 ip address 172.16.5.1 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nhrp authentication test
 ip nhrp map multicast dynamic
 ip nhrp network-id 100000
 ip nhrp holdtime 600
 ip ospf network broadcast
 ip ospf priority 2
 delay 1000
 tunnel source GigabitEthernet0/0
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile Profile
end

and the spokes:

interface Tunnel0
 description VPN
 bandwidth 1000
 ip address 172.16.5.13 255.255.255.0
 no ip redirects
 ip mtu 1400
 ip nat outside
 ip nhrp authentication test
 ip nhrp map multicast x.x.x.1 <-official ips of the hubs masked
 ip nhrp map 172.16.5.1 x.x.x.1
 ip nhrp map multicast x.x.x.2
 ip nhrp map 172.16.5.2 x.x.x.2
 ip nhrp network-id 100000
 ip nhrp holdtime 300
 ip nhrp nhs 172.16.5.1
 ip nhrp nhs 172.16.5.2
 ip virtual-reassembly in
 ip ospf network broadcast
 ip ospf priority 0
 ip ospf cost 5000
 delay 1000
 tunnel source Dialer1
 tunnel mode gre multipoint
 tunnel key 100000
 tunnel protection ipsec profile Profile

i have seen routes from one spoke at the other spoke so i made a routemap filtering that routes so that in routing table it takes default route to hub and not to spoke but they still try to open a tunnel with each other which is blocked by incomg acl so the traffic is flowing as intended but i dont want the spokes always trying to open a tunnel they shouldnt. i just want to have dmvpn phase 1