Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
592
Views
0
Helpful
4
Replies

DMVPN tunnels are not coming up after the link goes down

Rohit Patil
Level 1
Level 1

‎12-22-2024 05:53 AM

DMVPN tunnels are not coming up after the link goes down

I have to bounce the tunnel interfaces on spoke side, then only the tunnel interfaces IP is pinging.
Testing: When the tunning is established, and I remove cable and plug it back in. the tunnel goes down and then the state of tunnel interface remains up/up but when pinging opposite end tunnel interface IP gives below error:

 

*TIMESTAMP %DMVPN-5-NHRP_NHC_DOWN: Tunnel7: Next Hop Client : (Tunnel: 10.x.x.3 NBMA: 10.20.20.6 ) for (Tunnel: 10.x.x.1 NBMA: 10.y.y.2) is DOWN, Reason: External(NHRP: no error) 

 

When I shut and no shut the tunnel interface at spoke side the tunnel passes traffic and I am able to ping.

Belo is the architecture diagram:

RohitPatil_0-1734875027750.png

Below are the configs for the tunnel:
-----

Underlay is pure IP address and static routing.



SPOKE 1 CONF:

interface Tunnel99
ip address 10.x.x.3 255.255.255.248
no ip redirects
ip nhrp authentication DMVPN
ip nhrp map 10.x.x.1 10.y.y.1
ip nhrp map multicast 10.y.y.1
ip nhrp network-id 8
ip nhrp nhs 10.x.x.1
tunnel source Port-channel9.9
tunnel mode gre multipoint
tunnel key 9801ss
tunnel protection ipsec profile Profile9
!
router eigrp 1
no auto-summary
network 10.x.x.0 0.0.0.7


===
HUB configs:

 

interface Tunnel99
ip address 10.x.x.1 255.255.255.248
no ip redirects
no ip split-horizon eigrp 1
ip nhrp authentication DMVPN
ip nhrp map multicast dynamic
ip nhrp network-id 99
tunnel source GigabitEthernet0/0/1
tunnel mode gre multipoint
tunnel key 9801ss
tunnel protection ipsec profile Profile9

 

 

 

 

 

0 Helpful
4 Replies 4

MHM Cisco World
VIP
VIP

‎12-22-2024 05:59 AM

If state nhrp <<- use this under spoke tunnel 

Also are spoke WAN get IP from SP via dhcp ??

MHM

0 Helpful

Rohit Patil
Level 1
Level 1
In response to MHM Cisco World

‎12-22-2024 08:10 AM

No, the ISP wan is l2, I have assigned static underlay and overlay ips.

Let me try this.

0 Helpful

ccieexpert
VIP
VIP

‎12-23-2024 05:01 AM

Please run the debugs on the spoke before you bring down the link and keep them running until it fails to come backup after the link is restored. also get the show command listed below.

https://www.cisco.com/c/en/us/support/docs/security-vpn/dynamic-multi-point-vpn-dmvpn/116957-technote-dmvpn-00.html

That will give us more insights into what is going on.

**Please rate as helpful if this was useful **

0 Helpful

paul driver
VIP
VIP

‎12-23-2024 05:21 AM

hello
Hub
int tun 99
no ip next-hop-self eigrp 1


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents