Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1124
Views
0
Helpful
4
Replies

DMVPN Redundancy with two hubs in two regions - Design Help

tomek0001
Level 4
Level 4

‎03-10-2009 01:17 PM - edited ‎02-21-2020 04:10 PM

Hello

I'm trying to figure out how to implement DMVPN in two regions with two hubs in each regions, one as primary and the other as backup. Please see attached diagram for clarity.

My setup is two regions; each region has a primary hub and a secondary. Each spoke has two tunnel one for their respective region's hub and one to the other region's hub. The backup path is controlled using added delay on the tunnel interface to increase EIGRP metric for routes learn. There are two DMVPN networks blue and green.

What I would like to do it use the secondary hub in each region, but without creating another tunnel.

I'm using Phase 3 DMVPN (summary routes and nhrp redirect).

Does anyone have any suggestion how to implement it? If I just add the Hub 2 to each network using the

Int tun(x)

'ip nhrp map (hub2ip tunnel) (hub2 ip ext)'

'ip nhrp nhs (hub2)'

.. how would it know which nhs to use since? Would it just use both of them? Is there a metric to control that? (I know you can control it by which dest subnet should use which nhs (i.e: ip nhrp nhs (hub2) 10.0.0.0/9 and ip nhrp nhs (hub2) 10.128.0.0/9) to load balance it, but i'm trying to setup it up as a failover backup and not to load balance).

Any ideas or suggestions would be greatly appreciated.

Thank you,

Labels:
Preview file
38 KB
0 Helpful
4 Replies 4

nedian123
Level 1
Level 1

‎03-18-2009 11:22 AM

You will control it through IGP metrics. Check out the attached for design details.

Regards,

Akhtar

Note: Pls. dont forget to rate if this helps.

Preview file
2331 KB
0 Helpful

tomek0001
Level 4
Level 4
In response to nedian123

‎03-18-2009 11:46 AM

Can you give me an example how I could control it through metrics, since it will have one tunnel to both destinations and applying delay addition will effect both routes.

thanks

0 Helpful

nedian123
Level 1
Level 1
In response to tomek0001

‎03-18-2009 12:51 PM

Can you share your topology to see what can be done. Depending on the topology we will see where the metric can be changed either on the intermediate devices or else you might have to create to Tunnels to achieve primary & backup scenario.

0 Helpful

nedian123
Level 1
Level 1
In response to tomek0001

‎03-18-2009 11:37 PM

I have gone through your topology. I would recommend you to create 2 DMVPN clouds i.e. 2 tunnels from every branch & then control through IGP metric.

Regards,

Akhtar.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents