DMVPN - RIPv2

Unanswered Question
May 11th, 2007

I believe that I posted it under wrong thread (general) yesterday. Please let me know if anyone has any answer.

I am planning to use RIPv2. I tried to build new tunnels last night and ran into few issues. I need your help in order to fix these issues.

I have two HUB routers (NYC and Connecticut)and there are 6 branch offices, which will run as spokes.

NYC and Connecticut routers have one connection to internet using T1. But, all of branch offices have two connections to internet one via cable and another via DSL. I am planning to create redundant tunnels from spokes to HUB routers. For example, spoke in Florida will have two tunnels coming to NY and two to NJ. One of these tunnels will use Cable and anthor DSL connection to respective offices. To add additional redudancy, NY and NJ are interconnected, so if either of main offices' main link is down, traffic may come to this office via other office.

Now I am confused, how will packet from florida office destined for NY office select route. These redundant tunnels will have routes available to NY both via Cable and DSL, so which route is preffered? Is there a way using RIPv2 to make one route as higher priority than other?

Here is Tunnel Setup from Florida to NY:

HUB:

interface tunnel100

ip address 172.30.1.1 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map multicast dynamic

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source FastEthernet 0/0

tunnel key 304050

tunnel mode gre multipoint

tunnel protection ipsec profile TESTVPN

no ip split-horizon

interface tunnel200

ip address 172.30.2.1 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map multicast dynamic

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source FastEthernet 0/1

tunnel key 304050

tunnel mode gre multipoint

tunnel protection ipsec profile TESTVPN

no ip split-horizon

router rip

version 2

network 172.16.128.0

network 172.30.1.0

network 172.30.2.0

network 10.0.3.0

no auto-summary

SPOKE in Folrida:

interface tunnel100

ip address 172.30.1.11 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map 172.30.1.1 209.200.156.19

ip nhrp map multicast 209.200.156.19

ip nhrp nhs 172.30.1.1

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source serial 0/0

tunnel key 304050

tunnel destination 209.200.156.19

tunnel protection ipsec profile TESTVPN

no ip split-horizon

router rip

version 2

network 172.16.6.0

network 10.0.2.0

network 172.30.1.0

network 172.30.2.0

no auto-summary

interface tunnel200

ip address 172.30.2.11 255.255.255.0

ip mtu 1460

ip nhrp authentication test

ip nhrp map 172.30.2.1 209.190.156.19

ip nhrp map multicast 209.190.156.19

ip nhrp nhs 172.30.2.1

ip nhrp network-id 80

ip nhrp holdtime 300

ip rip authentication mode md5

ip rip authentication key-chain ripdmvpn

tunnel source serial 0/0

tunnel key 304050

tunnel destination 209.190.156.19

tunnel protection ipsec profile TESTVPN

no ip split-horizon

Please let me know if this configuration will work. Also, how do I prefer one route over other, when it is learned via RIPv2? As always, your anticipated prompt response is highly appreciated.

Thank you.

Choudary

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmoopeung Thu, 05/17/2007 - 10:14

I think your config is fine. To prefer one route over other you can use "ip policy route-map" command. Following link may help you

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter09186a00801d2ddf.html#wp1105278

Other way will be to use offset lists.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configuration_guide_chapter09186a00800d97f7.html#wp1000992

robert.d.mccart... Fri, 05/18/2007 - 07:41

You may want to look at using weighted static routes on your spokes. As a spoke

you have two ways out and you want to control

the direction of your traffic

ip route 10.10.10.0 0.0.0.255 172.30.1.1 75

ip route 10.10.10.0 0.0.0.255 172.30.2.1 80

Spoke routers tend to work better with statics

Actions

This Discussion