EIGRP DMVPN routing issue

Unanswered Question
Feb 10th, 2009

Hi,

I am having an issue with a route to an external DMVPN spoke. The external spoke can ping all internal devices and the DMVPN hub can ping all spokes and connected devices(including the external spoke). All internal spokes can ping each other over dynamically established tunnels. So it seems like the IPSEC/GRE portion of my configuration is correct. The problem lies with a few of the internal spokes trying to reach the external spoke.

Sanitized configs attached. Diagram is here http://img152.imageshack.us/img152/9043/layoutfs3.jpg

When I try to ping from I-SPOKE-1 to E-SPOKE-1, I receive the first ping response but all pings after that time out, and I receive the same condition from I-SPOKE-3 to E-SPOKE-1. The really strange part is that I-SPOKE-2 has complete connectivity, and can ping all devices including the external spoke. When I do a 'sh ip route' all internal spokes have the HUB listed as the next hop to the external spoke, so EIGRP seems to be propagating the correct info, but the HUB just isn't routing it properly. The part the really baffles me is Traceroute works end to end with every device… :-/

I have scrutinized every peace of the configurations and can't figure out what my problem is. If anyone has any ideas or links that might help it would be greatly appreciated.

Thanks in advance,

Joe

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Tue, 02/10/2009 - 10:34

Hello Joe,

the command

no ip split-horizon eigrp 90

is usually needed on hub not on spokes

to create dynamic spoke to spoke tunnels

on the hub you need also

no ip next-hop-self eigrp 90

you can check NHRP issues with

sh ip nhrp

debug nhrp

the fact that first packet is fine has some meaning NHRP activity has to be investigated.

Hope to help

Giuseppe

Actions

This Discussion