Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1120
Views
0
Helpful
3
Replies

Single DMVPN with Two HUB

NAGISWAREN2
Level 1
Level 1

‎04-22-2012 08:23 PM - edited ‎02-21-2020 06:01 PM

Hi All,

Im doing some lab test on GNS3 for DMVPN before go into real implementation. in here, we have Single DMVPN cloud with 2 HUBs. Note here, those two HUB not for redundancy purpose. They both located at different location and both serving different Web application to branches. So instead of creating 2 DMVPN cloud (1 for each HUB), I combined them in single DMVPN. Both Hub will talk each other via Point-toPoint Link. I purposely not include HUB1 to HUB2 connection in DMVPN. I have no problem on connectivity between SOPKE to Both HUB or SPOKE to SOPKE. Everything jus worked fine. But SOPKE sees two NHS server, and send request for NHRP mapping for to both of HUB , and both HUB also replies to the request. In such case, SPOKE2 sees SPOKE1 LAN IP via 2 available path, but gateway is SAME.Below is the output on SOPKE2. Why is it in this way? Can I make it HUB1 is the only NHS server, while having static NHRP mapping for HUB2 in SOPKE routers.?

SOPKE1 : 10.0.0.3 LAN: 172.16.30.0

SOPKE2: 10.0.0.4 LAN : 172.16.40.0

HUB1 : 10.0.0.1 LAN : 172.16.10.0

HUB2: 10.0.0.2 LAN : 172.16.20.0

SPOKE2#sho ip route eigrp

     172.16.0.0/24 is subnetted, 4 subnets

D       172.16.30.0 [90/310172416] via 10.0.0.3, 00:01:57, Tunnel0

                           [90/310172416] via 10.0.0.3, 00:01:57, Tunnel0

D       172.16.20.0 [90/297372416] via 10.0.0.2, 00:07:41, Tunnel0

D       172.16.10.0 [90/297372416] via 10.0.0.1, 00:01:57, Tunnel0

SPOKE2#sho ip eig topo

P 10.0.0.0/24, 1 successors, FD is 297244416

        via Connected, Tunnel0

        via 10.0.0.1 (310044416/15299840), Tunnel0

P 172.16.40.0/24, 1 successors, FD is 128256

        via Connected, Loopback0

P 172.16.30.0/24, 2 successors, FD is 310172416

       10.0.0.3 via 10.0.0.1 (310172416/15427840), Tunnel0

       10.0.0.3 via 10.0.0.2 (310172416/297372416), Tunnel0

P 172.16.20.0/24, 1 successors, FD is 297372416

        via 10.0.0.2 (297372416/128256), Tunnel0

P 172.16.10.0/24, 1 successors, FD is 297372416

        via 10.0.0.1 (297372416/128256), Tunnel0

Here is my HUB1 config:

HUB1#sho run int tun0

Building configuration...

Current configuration : 315 bytes

!

interface Tunnel0

bandwidth 1024

ip address 10.0.0.1 255.255.255.0

no ip redirects

no ip next-hop-self eigrp 100

ip nhrp authentication cisco

ip nhrp map multicast dynamic

ip nhrp network-id 123

no ip split-horizon eigrp 100

tunnel source FastEthernet0/0

tunnel mode gre multipoint

tunnel key 123

end

HUB2 Config:

HUB2#sho run int tun 0

Building configuration...

Current configuration : 299 bytes

!

interface Tunnel0

ip address 10.0.0.2 255.255.255.0

no ip redirects

no ip next-hop-self eigrp 100

ip nhrp authentication cisco

ip nhrp map multicast dynamic

ip nhrp network-id 123

no ip split-horizon eigrp 100

tunnel source FastEthernet0/0

tunnel mode gre multipoint

tunnel key 123

end

Here is one of SPOKE config:

SPOKE2#sho run int tun0

Building configuration...

Current configuration : 446 bytes

!

interface Tunnel0

ip address 10.0.0.4 255.255.255.0

no ip redirects

ip nhrp authentication cisco

ip nhrp map 10.0.0.1 192.168.10.1

ip nhrp map multicast 192.168.10.2

ip nhrp map 10.0.0.2 192.168.10.2

ip nhrp map multicast 192.168.10.1

ip nhrp network-id 123

ip nhrp holdtime 60

ip nhrp nhs 10.0.0.1

ip nhrp nhs 10.0.0.2

ip nhrp registration timeout 30

tunnel source FastEthernet0/0

tunnel mode gre multipoint

tunnel key 123

end

-------------------------------------------------------

Regards, Nagis
Labels:
0 Helpful
3 Replies 3

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎04-22-2012 11:23 PM

Please remember that NHS registration is the means by which hub known how to contact spoke.

Regarding "why"... both hubs learn about 172.16.30.0/24 from spoke 1. Since both of them have split horizon disabled, they will both advertise it back on tunnel interface.

That's why you see spoke1 LAN in eigrp topology available via 10.0.0.3 but in routing table you have them available via 10.0.0.1 and 10.0.0.2.

0 Helpful

NAGISWAREN2
Level 1
Level 1
In response to Marcin Latosiewicz

‎04-23-2012 01:19 AM

I understand why is it showing two available path to another SPOKE. So how do make it only HUB1 become NHS server while still having static NHRP mapping to HUB2. Enable Split-horizon on HUB2 will disable route update back to spoke, but its still serving as NHS server. How to achieve this?

Regards, Nagis
0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to NAGISWAREN2

‎04-23-2012 01:27 AM

If you're looking for a solution based on routing protocol it all depends on your requirements.

Advertising a summary via hub2 and unsuppressing some of the prefixes you want could be workaround.

0 Helpful
Customers Also Viewed These Support Documents