02-21-2018 12:36 PM - edited 03-12-2019 05:02 AM
My DMVPN spokes are not creating tunnels to other spokes when I ping the local lans on eth1/7. It seems like site 5 is handling all the traffic that is spoke to spoke. should DMVPN allow spoke to spoke traffic?
I attached my router configs.
Site_5#sh dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:3,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 2.2.2.2 192.168.0.2 UP 00:57:16 D
1 3.3.3.6 192.168.0.3 UP 00:57:17 D
1 3.3.3.10 192.168.0.4 UP 00:57:12 D
Site_7#sh dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 1.1.1.2 192.168.0.1 UP 00:56:53 S
Solved! Go to Solution.
02-21-2018 01:14 PM - edited 02-21-2018 01:15 PM
Hi, Yes DMVPN should allow dynamic spoke-to-spoke creation. I am not that familar with using ospf on DMVPN but you should use ospf network type broadcast instead of point-to-multipoint, as traffic would still be routed via the hub. Check out DMVPN Phase 2 or 3 for further information.
You should also modify your ipsec transform set and use transport mode instead of tunnel mode (which is default).
02-21-2018 01:14 PM - edited 02-21-2018 01:15 PM
Hi, Yes DMVPN should allow dynamic spoke-to-spoke creation. I am not that familar with using ospf on DMVPN but you should use ospf network type broadcast instead of point-to-multipoint, as traffic would still be routed via the hub. Check out DMVPN Phase 2 or 3 for further information.
You should also modify your ipsec transform set and use transport mode instead of tunnel mode (which is default).
02-22-2018 06:40 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide