DMVPN using RIPv2

choudary · ‎05-10-2007

I am planning to use RIPv2. I tried to build new tunnels last night and ran into few issues. I need your help in order to fix these issues.

I have two HUB routers (NYC and Connecticut)and there are 6 branch offices, which will run as spokes.

NYC and Connecticut routers have one connection to internet using T1. But, all of branch offices have two connections to internet one via cable and another via DSL. I am planning to create redundant tunnels from spokes to HUB routers. For example, spoke in Florida will have two tunnels coming to NY and two to NJ. One of these tunnels will use Cable and anthor DSL connection to respective offices. To add additional redudancy, NY and NJ are interconnected, so if either of main offices' main link is down, traffic may come to this office via other office.

Now I am confused, how will packet from florida office destined for NY office select route. These redundant tunnels will have routes available to NY both via Cable and DSL, so which route is preffered? Is there a way using RIPv2 to make one route as higher priority than other?

Here is Tunnel Setup from Florida to NY:

HUB:

interface tunnel100

ip address 172.30.1.1 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map multicast dynamic

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source FastEthernet 0/0

tunnel key 304050

tunnel mode gre multipoint

tunnel protection ipsec profile TESTVPN

no ip split-horizon

interface tunnel200

ip address 172.30.2.1 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map multicast dynamic

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source FastEthernet 0/1

tunnel key 304050

tunnel mode gre multipoint

tunnel protection ipsec profile TESTVPN

no ip split-horizon

router rip

version 2

network 172.16.128.0

network 172.30.1.0

network 172.30.2.0

network 10.0.3.0

no auto-summary

SPOKE in Folrida:

interface tunnel100

ip address 172.30.1.11 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map 172.30.1.1 209.200.156.19

ip nhrp map multicast 209.200.156.19

ip nhrp nhs 172.30.1.1

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source serial 0/0

tunnel key 304050

tunnel destination 209.200.156.19

tunnel protection ipsec profile TESTVPN

no ip split-horizon

router rip

version 2

network 172.16.6.0

network 10.0.2.0

network 172.30.1.0

network 172.30.2.0

no auto-summary

interface tunnel200

ip address 172.30.2.11 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map 172.30.2.1 209.190.156.19

ip nhrp map multicast 209.190.156.19

ip nhrp nhs 172.30.2.1

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source serial 0/0

tunnel key 304050

tunnel destination 209.190.156.19

tunnel protection ipsec profile TESTVPN

no ip split-horizon

Please let me know if this configuration will work. Also, how do I prefer one route over other, when it is learned via RIPv2? As always, your anticipated prompt response is highly appreciated.

Thank you.

Choudary

mchin345 · ‎05-16-2007

Try this:

remove the "ip nhrp map multicast dynamic" from the tunnel200