4.1.d Implement and troubleshoot DMVPN [single hub]

download this topology:

down arrow smaller

dmvpn

here is a sample configuration of a topology for use with gns3… the ip addressing is already in place, as well as the static routes, but none of the tunnel, routing, or nhrp configuration…

dmvpn

the hub statics:

hub(config)#do sh run | i ip route
ip route 200.1.20.0 255.255.255.0 200.1.10.1
ip route 200.1.30.0 255.255.255.0 200.1.10.1

the branch statics, and defaults:

branch2(config)#do sh run | i ip route
ip route 0.0.0.0 0.0.0.0 200.1.20.1
ip route 200.1.10.100 255.255.255.255 200.1.20.1

branch3(config)#do sh run | i ip route
ip route 0.0.0.0 0.0.0.0 200.1.30.1
ip route 200.1.10.100 255.255.255.255 200.1.30.1

note the statics to the hub… if only a default route is used you will get errors, although you will populate the dynamic routes and be able to ping…

branch3(config)#no ip route 200.1.10.100 255.255.255.255 200.1.30.1
branch3(config)#
*Jan 11 16:16:05.411: %ADJ-5-PARENT: Midchain parent maintenance for IP midchain out of Tunnel0, addr 10.1.1.1 – looped chain attempting to stack

the cloud:

simply…

cloud#sh ip int brie | i Serial
Serial1/0              unassigned      YES NVRAM  administratively down down
Serial1/1              200.1.10.1      YES NVRAM  up                    up
Serial1/2              200.1.20.1      YES NVRAM  up                    up
Serial1/3              200.1.30.1      YES NVRAM  up                    up

other than the directly connected interfaces, there is no other configuration, it’s just a hardware conduit…

the hub tunnel configuration:

interface Tunnel0
ip address 10.1.1.1 255.255.255.0
ip mtu 1416
ip nhrp map multicast dynamic
ip nhrp network-id 1
tunnel source 200.1.10.100
tunnel mode gre multipoint

branch 2 tunnel

interface Tunnel0
ip address 10.1.1.2 255.255.255.0
ip mtu 1416
ip nhrp map 10.1.1.1 200.1.10.100
ip nhrp map multicast 200.1.10.100
ip nhrp network-id 1
ip nhrp nhs 10.1.1.1
tunnel source 200.1.20.2
tunnel mode gre multipoint

branch 3 tunnel:

interface Tunnel0
ip address 10.1.1.3 255.255.255.0
ip mtu 1416
ip nhrp map 10.1.1.1 200.1.10.100
ip nhrp map multicast 200.1.10.100
ip nhrp network-id 1
ip nhrp nhs 10.1.1.1
tunnel source 200.1.30.3
tunnel mode gre multipoint

and now the routing…

these three statements go on the hub and the branch tunnel interfaces to support eigrp…

ip hold-time eigrp 1 60
no ip next-hop-self eigrp 1
no ip split-horizon eigrp 1

then add the dynamic routing…

hub(config-if)#do sh run | b router
router eigrp 1
network 1.1.1.0 0.0.0.255
network 10.1.1.0 0.0.0.255
network 200.1.10.0

branch2(config-if)#do sh run | b router
router eigrp 1
network 2.2.2.0 0.0.0.255
network 10.1.1.0 0.0.0.255
network 200.1.20.0

branch3(config-if)#do sh run | b router
router eigrp 1
network 3.3.3.0 0.0.0.255
network 10.1.1.0 0.0.0.255
network 200.1.30.0

check your work:

hub#sh ip route | b 1.0.
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        1.1.1.0/24 is directly connected, Loopback0
L        1.1.1.1/32 is directly connected, Loopback0
2.0.0.0/24 is subnetted, 1 subnets
D        2.2.2.0 [90/27008000] via 10.1.1.2, 00:19:44, Tunnel0
      3.0.0.0/24 is subnetted, 1 subnets
D        3.3.3.0 [90/27008000] via 10.1.1.3, 00:19:44, Tunnel0
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.1/32 is directly connected, Tunnel0
200.1.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        200.1.10.0/24 is directly connected, Serial1/1
L        200.1.10.100/32 is directly connected, Serial1/1
S     200.1.20.0/24 [1/0] via 200.1.10.1
S     200.1.30.0/24 [1/0] via 200.1.10.1

branch2(config-if)#do sh ip route | b Gate
Gateway of last resort is 200.1.20.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 200.1.20.1
1.0.0.0/24 is subnetted, 1 subnets
D        1.1.1.0 [90/27008000] via 10.1.1.1, 00:47:42, Tunnel0
      2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        2.2.2.0/24 is directly connected, Loopback0
L        2.2.2.2/32 is directly connected, Loopback0
3.0.0.0/24 is subnetted, 1 subnets
D        3.3.3.0 [90/28288000] via 10.1.1.3, 00:20:44, Tunnel0
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Tunnel0
L        10.1.1.2/32 is directly connected, Tunnel0
200.1.10.0/24 is variably subnetted, 2 subnets, 2 masks
D        200.1.10.0/24 [90/27392000] via 10.1.1.1, 00:47:42, Tunnel0
S        200.1.10.100/32 [1/0] via 200.1.20.1
200.1.20.0/24 is variably subnetted, 2 subnets, 2 masks
C        200.1.20.0/24 is directly connected, Serial1/2
L        200.1.20.2/32 is directly connected, Serial1/2

hub#sh dmvpn
Legend: Attrb –> S – Static, D – Dynamic, I – Incomplete
N – NATed, L – Local, X – No Socket
# Ent –> Number of NHRP entries with same NBMA peer
NHS Status: E –> Expecting Replies, R –> Responding, W –> Waiting
UpDn Time –> Up or Down Time for a Tunnel
==========================================================================

Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:2,

# Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb
—– ————— ————— —– ——– —–
1 200.1.20.2             10.1.1.2    UP 01:21:38     D
1 200.1.30.3             10.1.1.3    UP 01:10:15     D

branch2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/28 ms

IPSEC tomorrow…