Solved: OSPF missing routes on spoke in FlexVPN

EdgarMurray8920 · ‎12-30-2023

I'm traying to configure OSPF in a FlexVPN between the hub and the spoke. I see OSPF spokes routes on the hub, but none of the hub routes on the Spokes. I made some changes to the configuration as suggested in this post Solved: OSPF Routing with FlexVPN Tunnel | Dynamic Spoke / Static Hub - Cisco Community with no lock, so I rollback the changes. Here is my configuration.

Spoke

router ospf 1
router-id 172.30.1.4
auto-cost reference-bandwidth 1000000
network 10.6.48.0 0.0.0.255 area 0
network 172.30.1.0 0.0.0.0 area 0
network 192.168.43.0 0.0.0.255 area 0
network 192.168.48.0 0.0.0.255 area 0

interface Tunnel0
 ip address 172.30.1.4 255.255.255.0
 ip nhrp network-id 1
 ip nhrp shortcut virtual-template 1
 ip nhrp redirect
 tunnel source GigabitEthernet0/0/1
 tunnel destination 192.168.50.1
 tunnel protection ipsec profile IPSEC_PROFILE
end

interface Virtual-Template1 type tunnel
 ip unnumbered GigabitEthernet0/0/1
 ip nhrp network-id 1
 ip nhrp shortcut virtual-template 1
 ip nhrp redirect
 tunnel source GigabitEthernet0/0/1
 tunnel protection ipsec profile IPSEC_PROFILE
end

show ip ospf database router 172.30.1.4

            OSPF Router with ID (172.30.1.4) (Process ID 1)

                Router Link States (Area 0)

  LS age: 140
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 172.30.1.4
  Advertising Router: 172.30.1.4
  LS Seq Number: 800000B6
  Checksum: 0xF60E
  Length: 84
  Number of Links: 5

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 172.30.1.1
     (Link Data) Router Interface address: 172.30.1.4
      Number of MTID metrics: 0
       TOS 0 Metrics: 65535

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 172.30.1.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 65535

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 10.6.48.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1000

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 192.168.43.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1000

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 192.168.48.0
     (Link Data) Network Mask: 255.255.255.0
      Number of MTID metrics: 0
       TOS 0 Metrics: 1000

Hub

router ospf 1
 router-id 172.30.1.1
 auto-cost reference-bandwidth 100000
 redistribute bgp 65100 route-map Recursive-Deny-OSPF
 network 10.10.100.1 0.0.0.0 area 0
 network 172.30.1.1 0.0.0.0 area 0
 default-information originate

interface Virtual-Template1 type tunnel
 ip unnumbered Loopback0
 ip nhrp network-id 1
 ip nhrp redirect
 tunnel protection ipsec profile IPSEC_PROFILE
end

interface Loopback0
 description VIRTUAL-TEMPLATE IP ADDRESS FOR FLEX VPN
 ip address 172.30.1.1 255.255.255.0
end

show ip ospf database router 172.30.1.1

            OSPF Router with ID (172.30.1.1) (Process ID 1)

                Router Link States (Area 0)

  LS age: 906
  Options: (No TOS-capability, DC)
  LS Type: Router Links
  Link State ID: 172.30.1.1
  Advertising Router: 172.30.1.1
  LS Seq Number: 800000A7
  Checksum: 0x61CB
  Length: 48
  AS Boundary Router
  Number of Links: 2

    Link connected to: a Stub Network
     (Link ID) Network/subnet number: 172.30.1.1
     (Link Data) Network Mask: 255.255.255.255
      Number of MTID metrics: 0
       TOS 0 Metrics: 1

    Link connected to: another Router (point-to-point)
     (Link ID) Neighboring Router ID: 172.30.1.4
     (Link Data) Router Interface address: 0.0.0.24
      Number of MTID metrics: 0
       TOS 0 Metrics: 65535

Any help is welcome.

EdgarMurray8920 · ‎01-10-2024

I forgot to update with the solution. It turns out, I was referencing the wrong name in the redistribution. I was using the prefix-list name instead of the route-map. Once I corrected the error, routes started to appear.

View solution in original post

MHM Cisco World · ‎12-30-2023

what authz you use here?

Can I see config

MHM

EdgarMurray8920 · ‎12-30-2023

crypto ikev2 authorization policy test.local 
 route set interface
 route set access-list FLEXVPN_ROUTES




Standard IP access list FLEXVPN_ROUTES
    10 permit any

balaji.bandi · ‎12-30-2023

Quick one before i read all the information - is this subnet correct ? is this intention or typo ? interface has /24 address.

network 172.30.1.0 0.0.0.0 area 0

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

EdgarMurray8920 · ‎12-30-2023

That was a typo its network 172.30.1.0 0.0.0.255 area 0

balaji.bandi · ‎12-31-2023

That was a typo its network 172.30.1.0 0.0.0.255 area 0

what is the outcome after changing, still have issue ? can you post latest information after correction done ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎12-31-2023

Ospf with dmvpn is hard and with flexvpn I think it more hard

Now

Flexvpn is close to phaseIII of dmvpn'

So under hub virtual we use ip nhrp redirect and ip nhrp network id x

Under spoke tunnel we use ip nhrp shortcut virtual and ip nhrp network id

For authz we only accept route not set any route.

For opsf we need to change the network type from p2p to broadcast or p2mp in both hub and spoke.

Try above share show ip ospf neighbor

MHM

EdgarMurray8920 · ‎01-10-2024

It was difficult because later I wanted to have a backup tunnel to the MPLS redundancy router and I was having loops, but after 3 intense days, and more filtering in the prefix-list. I was able to solve things out. Maybe it's not perfect, but it is working

EdgarMurray8920 · ‎01-10-2024

I forgot to update with the solution. It turns out, I was referencing the wrong name in the redistribution. I was using the prefix-list name instead of the route-map. Once I corrected the error, routes started to appear.

MHM Cisco World · ‎01-10-2024

share the last config if you can

MHM