Hi,
In a home lab, I created following very basic DMVPN Hub & Spoke Topology, and unable to make my tunnel up, appreicate any support, not sure is there anything missing?
scenrio:
Hub and Spoke connected to an ISP router, on Hub & Spoke are under VRF London (Gig and Tunnel interfaces)
Static route vrf London from hub to IPs - hub and spoke able to ping via vrf to eachother.
EIGRP configured only for tunnel network (on hub and spoke)
on hub: NHRP: Unable to send Registration - no NHSes configured
on spoke (debug dmvpn): I can see NHRP sending packets to Hub but hub is not responding.
Hub config:
DMVPN-HUB#show run interface tun0
interface Tunnel0
vrf forwarding London
ip address 172.16.1.1 255.255.255.0
no ip redirects
ip mtu 1400
no ip next-hop-self eigrp 100
no ip split-horizon eigrp 100
ip nhrp authentication cisco
ip nhrp network-id 1
ip tcp adjust-mss 1360
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 123
end
Spoke Config:
DMVPN-Spoke#show run inter tun0
!
interface Tunnel0
vrf forwarding London
ip address 172.16.1.2 255.255.255.0
no ip redirects
ip nhrp authentication cisco
ip nhrp map multicast 10.0.0.1
ip nhrp map 172.16.1.1 10.0.0.1
ip nhrp network-id 1
ip nhrp nhs 172.16.1.1
tunnel source GigabitEthernet0/0
tunnel mode gre multipoint
tunnel key 123
end
DMVPN-HUB#show run | s router eigrp
router eigrp 100
!
address-family ipv4 vrf London autonomous-system 100
network 1.1.1.1 0.0.0.0
network 172.16.1.0 0.0.0.255
exit-address-family
DMVPN-Spoke#show run | s router eigrp
router eigrp 100
!
address-family ipv4 vrf London autonomous-system 100
network 2.2.2.2 0.0.0.0
network 172.16.1.0 0.0.0.255
exit-address-family
DMVPN-HUB#show run | s vrf d
vrf definition London
rd 100:100
!
address-family ipv4
exit-address-family
DMVPN-Spoke#show run | s vrf d
vrf definition London
rd 100:100
!
address-family ipv4
exit-address-family
DMVPN-Spoke#show dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
T1 - Route Installed, T2 - Nexthop-override
C - CTS Capable, I2 - Temporary
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 10.0.0.1 172.16.1.1 NHRP 00:22:49 S
DMVPN-Spoke#show ip nhrp
172.16.1.1/32 (London) via 172.16.1.1
Tunnel0 created 00:24:50, never expire
Type: static, Flags:
NBMA address: 10.0.0.1
DMVPN-HUB#show ip nhrp
DMVPN-HUB#
DMVPN-HUB#show dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
T1 - Route Installed, T2 - Nexthop-override
C - CTS Capable, I2 - Temporary
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==========================================================================
DMVPN-HUB#
DMVPN-HUB#show ip route vrf London
Routing Table: London
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 10.0.0.2 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.0.0.2
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/0
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/24 is directly connected, Tunnel0
L 172.16.1.1/32 is directly connected, Tunnel0
DMVPN-HUB#
DMVPN-Spoke#show ip route vrf London
Routing Table: London
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 20.0.0.2 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 20.0.0.2
20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 20.0.0.0/24 is directly connected, GigabitEthernet0/0
L 20.0.0.1/32 is directly connected, GigabitEthernet0/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/24 is directly connected, Tunnel0
L 172.16.1.2/32 is directly connected, Tunnel0
DMVPN-Spoke#
Thanks
Accepted Solutions
Yes, Hub and Spoke are pingable via VRF (NBMA IPs):
DMVPN-HUB#ping vrf London 20.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/10 ms
DMVPN-Spoke#ping vrf London 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
------------------
Debug DMVPN on Spoke:
Debug on DMVPN-Hub (Tun0 shut / no shut - Unable to send Registration - No NHSec configured)
