×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

DMVPN Traceroute hits hub then spoke !!

Answered Question
Oct 19th, 2013
User Badges:

Hi Folk , Greetings ..


I have followed the lab posted underhttps://supportforums.cisco.com/docs/DOC-29434 exactly bit by bit and also illustrated below for brevity , but the problem when I do traceroute from one spoke to another spoke , then traffic reaches hub then go to destination spoke I don't see any direct communication from spoke to spoke . I'm wondoring whether if it must not reach the hub and must go directly from spoke to spoke which I want to achieve ....


physical-dmvpn.png


HUB Configuration ..

interface Tunnel0

bandwidth 10000

ip address 10.1.1.1 255.255.255.0

no ip redirects

ip mtu 1400

ip hold-time eigrp 1 35

no ip next-hop-self eigrp 1

ip nhrp map multicast dynamic

ip nhrp network-id 1

ip nhrp holdtime 360

ip nhrp cache non-authoritative

ip nhrp shortcut

ip nhrp redirect

ip tcp adjust-mss 1360

no ip split-horizon eigrp 1

tunnel source FastEthernet0/0

tunnel mode gre multipoint

tunnel protection ipsec profile DMVPN

!


All spokes configuration

interface Tunnel0

bandwidth 10000

ip address 10.1.1.xx  255.255.255.0

no ip redirects

ip mtu 1400

ip hold-time eigrp 1 35

no ip next-hop-self eigrp 1

ip nhrp map multicast dynamic

ip nhrp map 10.1.1.1 192.168.1.100

ip nhrp map multicast 192.168.1.100

ip nhrp network-id 1

ip nhrp nhs 10.1.1.1

ip nhrp cache non-authoritative

ip nhrp shortcut

ip nhrp redirect

ip tcp adjust-mss 1360

no ip split-horizon eigrp 1

tunnel source FastEthernet0/0

tunnel mode gre multipoint

tunnel protection ipsec profile DMVPN

!


Any help will be highly appreciated ..

Correct Answer by Jeff Van Houten about 3 years 10 months ago

Can the external interfaces of the spokes (not the tunnel interfaces) communicate with each other directly? The external interfaces must be able to establish the IPSec peer with each other for multicast DMVPN to work.

Sent from Cisco Technical Support iPad App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jeff Van Houten Sat, 10/19/2013 - 10:06
User Badges:
  • Silver, 250 points or more

Can the external interfaces of the spokes (not the tunnel interfaces) communicate with each other directly? The external interfaces must be able to establish the IPSec peer with each other for multicast DMVPN to work.

Sent from Cisco Technical Support iPad App

Majed Saeed Sat, 10/19/2013 - 12:38
User Badges:

Thank you Jeff for posting . Issue has been resolved after adding static routes pointing to each physical external interface ( not the tunnel ) on all spoke routers as below . Indeed my problem that I followed above document exactly and the same was't mentioned any routes should be pointed towards external interfaces .


R2

ip route 192.168.3.3 255.255.255.255 192.168.2.1

ip route 192.168.4.4 255.255.255.255 192.168.2.1


R3

ip route 192.168.2.2 255.255.255.255 192.168.3.1

ip route 192.168.4.4 255.255.255.255 192.168.3.1


R4

ip route 192.168.2.2 255.255.255.255 192.168.4.1

ip route 192.168.3.3 255.255.255.255 192.168.4.1

Jeff Van Houten Sat, 10/19/2013 - 13:12
User Badges:
  • Silver, 250 points or more

I'm glad you got it worked out.

Sent from Cisco Technical Support iPad App

Actions

This Discussion