05-11-2007 10:37 AM - edited 02-21-2020 03:02 PM
I believe that I posted it under wrong thread (general) yesterday. Please let me know if anyone has any answer.
I am planning to use RIPv2. I tried to build new tunnels last night and ran into few issues. I need your help in order to fix these issues.
I have two HUB routers (NYC and Connecticut)and there are 6 branch offices, which will run as spokes.
NYC and Connecticut routers have one connection to internet using T1. But, all of branch offices have two connections to internet one via cable and another via DSL. I am planning to create redundant tunnels from spokes to HUB routers. For example, spoke in Florida will have two tunnels coming to NY and two to NJ. One of these tunnels will use Cable and anthor DSL connection to respective offices. To add additional redudancy, NY and NJ are interconnected, so if either of main offices' main link is down, traffic may come to this office via other office.
Now I am confused, how will packet from florida office destined for NY office select route. These redundant tunnels will have routes available to NY both via Cable and DSL, so which route is preffered? Is there a way using RIPv2 to make one route as higher priority than other?
Here is Tunnel Setup from Florida to NY:
HUB:
interface tunnel100
ip address 172.30.1.1 255.255.255.0
ip mtu 1460
ip nhrp authentication test
ip nhrp map multicast dynamic
ip nhrp network-id 80
ip nhrp holdtime 300
ip rip authentication mode md5
ip rip authentication key-chain ripdmvpn
tunnel source FastEthernet 0/0
tunnel key 304050
tunnel mode gre multipoint
tunnel protection ipsec profile TESTVPN
no ip split-horizon
interface tunnel200
ip address 172.30.2.1 255.255.255.0
ip mtu 1460
ip nhrp authentication test
ip nhrp map multicast dynamic
ip nhrp network-id 80
ip nhrp holdtime 300
ip rip authentication mode md5
ip rip authentication key-chain ripdmvpn
tunnel source FastEthernet 0/1
tunnel key 304050
tunnel mode gre multipoint
tunnel protection ipsec profile TESTVPN
no ip split-horizon
router rip
version 2
network 172.16.128.0
network 172.30.1.0
network 172.30.2.0
network 10.0.3.0
no auto-summary
SPOKE in Folrida:
interface tunnel100
ip address 172.30.1.11 255.255.255.0
ip mtu 1460
ip nhrp authentication test
ip nhrp map 172.30.1.1 209.200.156.19
ip nhrp map multicast 209.200.156.19
ip nhrp nhs 172.30.1.1
ip nhrp network-id 80
ip nhrp holdtime 300
ip rip authentication mode md5
ip rip authentication key-chain ripdmvpn
tunnel source serial 0/0
tunnel key 304050
tunnel destination 209.200.156.19
tunnel protection ipsec profile TESTVPN
no ip split-horizon
router rip
version 2
network 172.16.6.0
network 10.0.2.0
network 172.30.1.0
network 172.30.2.0
no auto-summary
interface tunnel200
ip address 172.30.2.11 255.255.255.0
ip mtu 1460
ip nhrp authentication test
ip nhrp map 172.30.2.1 209.190.156.19
ip nhrp map multicast 209.190.156.19
ip nhrp nhs 172.30.2.1
ip nhrp network-id 80
ip nhrp holdtime 300
ip rip authentication mode md5
ip rip authentication key-chain ripdmvpn
tunnel source serial 0/0
tunnel key 304050
tunnel destination 209.190.156.19
tunnel protection ipsec profile TESTVPN
no ip split-horizon
Please let me know if this configuration will work. Also, how do I prefer one route over other, when it is learned via RIPv2? As always, your anticipated prompt response is highly appreciated.
Thank you.
Choudary
05-17-2007 10:14 AM
I think your config is fine. To prefer one route over other you can use "ip policy route-map" command. Following link may help you
Other way will be to use offset lists.
05-18-2007 07:41 AM
You may want to look at using weighted static routes on your spokes. As a spoke
you have two ways out and you want to control
the direction of your traffic
ip route 10.10.10.0 0.0.0.255 172.30.1.1 75
ip route 10.10.10.0 0.0.0.255 172.30.2.1 80
Spoke routers tend to work better with statics
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide