08-14-2008 05:04 AM - edited 02-21-2020 02:58 AM
Hi,
I wish to route a public IP range from one provider across another providers backbone. I want to route this range statically via a GRE tunnel.
However, the end-point (Customer spoke) is only DYNAMICALLY IP assigned a PUBLIC address.
Is it possible to create a tunnel between the two sites, where one is dynamic, the other static and where I can route an IP range through this tunnel if the spoke IP end-point is unknown?
Thanks!
Solved! Go to Solution.
08-14-2008 05:40 AM
Have you looked at DMVPN (One Hub and One Spoke)?
DMVPN uses NHRP to form spokes on the fly. The HUB does not need to know the public IP of the spokes at configuration time. The Tunnel/Public IP of the hub are hard coded in the spoke(s). Once it comes up the spoke registers itself to the hub dynamically (using the NHRP protocol).
Regards
Farrukh
08-14-2008 05:40 AM
Have you looked at DMVPN (One Hub and One Spoke)?
DMVPN uses NHRP to form spokes on the fly. The HUB does not need to know the public IP of the spokes at configuration time. The Tunnel/Public IP of the hub are hard coded in the spoke(s). Once it comes up the spoke registers itself to the hub dynamically (using the NHRP protocol).
Regards
Farrukh
08-16-2008 12:22 PM
Hi,
You can use the DMVPN feature.
Use the Router with Fixed IP as the DMVPN Hub and the Router with dynamic IP as the spoke.
DMVPN is based on GRE, However I would suggest to encrypt the GRE traffic using IPSEC, but this is not necessary.
Once the DMVPN tunnel is setup, you can route your IP subnets via this tunnel interface.
08-16-2008 10:41 PM
Hi guys,
Thanks for the responses. I have used DMVPN since it was bleeding nose tech 4 or 5 years ago. I don't need to encrypt. The interface in this case is only p-p so I don't require a multi-point GRE interface (I remove that from the config). I guess my question is therefore, are there any other encap technologies that allow me to efficiently encap IP in IP without encryption to route a public IP range from one provider over another providers network? The caveat being that the spoke is dynamically assigned.
Anyone familiar with getVPN? Does this do this? Or is this pure crypto technology?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: