DMVPN = order of NHS entries on the spoke

Unanswered Question
Dec 14th, 2009

We have global DMVPN Phase 2 network based on 4 hubs (2 in North America and 2 in Australia)

Issue is related to Spoke nhs entries configuration order. Does it matter? If no how will nhs be choosen?

Here is initial configuration of spoke in AUS:

interface Tunnel21 - Tunnel to hubs

ip nhrp map X.X.X.2 HUB-2(AUS)
ip nhrp map X.X.X.1 HUB-1(AUS)
ip nhrp map X.X.X.3 HUB-3(NA)
ip nhrp map X.X.X..4 HUB-4(NA)
ip nhrp network-id 21
ip nhrp nhs HUB-1(AUS)
ip nhrp nhs HUB-2(AUS)

In this configuration spoke can only see hubs in AUS but not in NA, it sees all after I added:

ip nhrp nhs HUB-3(NA)
ip nhrp nhs  HUB-4(NA)

Generaly speaking on spoke we should configure nhs to all 4 hubs (otherwise spoke can not see other hubs)

Does it matter if we change the order of NHRP entries in configuration?

1) If yes spoke will use first entry and first nhs server to up spoke-spoke connection. If spoke is in AUS (wants to speak with AUS other spoke) and first NHS in NA than it will be latency in tunnel establishment. Packets will come to NA before tunnel will be up.

In this case we need to change order of nhrp statments based on location to have best performance for spoke-spoke tunnels.

I have read cisco documentation and can not find any related information.

2) If no, and spoke sends requests to all NHS servers in the same time (hubs share information in between to have same picture). Than the idea was to use only local entries for spoke. But it is not working in real world as spoke even can not see other non-local hubs.

Thanks for reading and input!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Rick Morris Tue, 12/15/2009 - 07:18

From my understanding you appear to be correct.  Much like anything else in Cisco it works from Top down.  Whatever you have at the top of

the list will be prefered, unless you use metrics.  Either way I believe you will need to use different set-up for each location based on the need for the

nhrp look-up.  I guess the great part of DMVPN is that it is only the nhrp lookup being latent and not the actual tunnel since this is not hair-pin routing.

maxim_ratinov Tue, 12/15/2009 - 10:05

So how can I make sure Top-down rule works here?

I read all docs that Cisco has to offer and found nothing about this question.

Sure I will regionalize nhrp statements based on location, but I need to make sure it is the fact and not only our ideas )

Same way, I can not understand WHY spoke in AUS can not see in (show ip eigrp or show ip nhrp) and can not pint routers in America before I configure nhs for NA routers. As far as I understand spoke should receive this info from AUS hub and hubs are connected and see each other so AUS hub should provide this info to spoke - but it is not the case


This Discussion