Most stable mainline release for DMVPN?

Unanswered Question
Jun 7th, 2010
User Badges:

Hi People,

We are currently running DMVPN on advanced security 12.4.11T2 on hub and spokes and we want to go to a newer IOS since this is deferred.

Should I go to a T or a mainline release?

the latest releases are

12.4-25c (mainline)

12.4.24T3 (ED) or 12.4.22T5(MD) T release.

I would appreciate your opinion.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marcin Latosiewicz Mon, 06/07/2010 - 07:29
User Badges:
  • Cisco Employee,


I would definetly go for a MD release, unless there are some features you need in newer trains.

I have very good feedback with 12.4(15)T train - and would go for the latest revision, it's also MD.

12.4(2x)T trains include new CEF code that is now a bit better (bugwise) in latest revisions - and some nice features like per-tunnel QoS.


m.benhassine Tue, 07/13/2010 - 06:31
User Badges:


It seems that the releases supporting, as for example the "Per Tunnel QoS" feature, depends on the hardware as well.

According to a recent experience, the per tunnel QoS (ip nhrp group...) is not supported in the 12.4(24)T3 (an ED) and 12.4(22)T5 (an MD) installed on an ISR2821! It seems too incredible but I verified it!

However the feature navigator indicates the 3825 or 3845 to support the "per tunnel QoS"!

What do you think?


Marcin Latosiewicz Wed, 07/14/2010 - 01:38
User Badges:
  • Cisco Employee,

It might be a problem with compilation process... potentially.

The only restrictions I see for per tunnels qos are:

Restrictions for Per-Tunnel QoS for DMVPN

You cannot configure a per-tunnel QoS  policy on a tunnel interface and a separate  QoS policy on the outbound physical interface at the same time.

You can attach a per-tunnel QoS policy  on the tunnel only in the egress direction.

If above is fulfiled I would open a TAC case to have this one verified.


m.benhassine Wed, 07/14/2010 - 10:38
User Badges:

Indeed, according to Cisco docs, the only restrictions are those you mentioned.

Another prerequisite is to activate "cef" on the router before it would be possible to configure the "Per Tunnel QoS", and in my case, ip cef was activated!

But what have you meant by "a problem with compilation process"?

Untill this moment I've found no potential mistake in handling the upgrade process from a previous versions 12.4(20)T3. All was correctly undertoken.

Marcin Latosiewicz Wed, 07/14/2010 - 12:08
User Badges:
  • Cisco Employee,

It sometimes happens that some features are not compiled into certain images.

If this is unintentional or design/supportability issue that's another topic.

Open a TAC case if you verified in FN that this feature should be available on given platform.

Michael Sullenberger Thu, 08/12/2010 - 12:33
User Badges:
  • Cisco Employee,

I currently recommend 12.4(15)T13, 12.4(24)T3 as the most stable releases for DMVPN.

If you don't need the new features that are available in 12.4(24)T3 then you can stay with 12.4(15)T13.



This Discussion

Related Content