DMVPN Design query

Unanswered Question
Jan 3rd, 2006
User Badges:

I'm in a process of designing a DMVPN solution with 3 hubs and 40-50 Spokes.


Each HUB (Primary Centre, DR Centre & Head Office) has two routers each.


Spoke routers are not expected to talk to each other. Only communication allowed is with the 3 Hub Location networks.


Hence i would have to deploy DMVPN Hub/Spoke topology.


I have gone thru the DMVPN Design Guide : SRND: April 2005.


It suggests that in Hub-Spoke DMVPN Topology, Create different DMVPN Groups for each Hub location Router with mGRE Configuration, and deploy Plain Vanilla GRE at Spoke Locations.


Using this philosophy. As i have 6 Hub Routers (2 HUB Location x 2 Routers). I would end up with

6 DMVPN Groups in the Network

single mGRE Tunnel at a Hub Router

6 GRE Tunnels at Spoke Locations.


Is there a better way to implement this topology, or this design would be ok.


Also FYKI, i would be implementing OSPF as the Routing Protocol within GRE Tunnels.


Kindly address any issues/optimizations in the above design.


Rgds

Sumedh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
johansens Tue, 01/03/2006 - 03:24
User Badges:
  • Silver, 250 points or more

Hi there Sumedh,


I would do almost this.. just some small changes:

- run 6 mGRE tunnels (spoke-side) at Spoke Locations.. because you'll need the nhrp-stuff as well.


- Implement EIGRP as the routing protocol within the GRE tunnels.. there are some limitations when using OSPF (will be fixed in DMVPN Phase 3). (Cisco did recommend using a distance vector protocol once.. but they added support for OSPF after this.. and now they even support ODR!! ;)


Check this link as well:

"Dynamic Multipoint VPN FAQ"

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_q_and_a_item0900aecd802e2cf5.shtml


Did it help?

ric_nsgdata Tue, 01/03/2006 - 21:31
User Badges:

Thanks...


Atleast you indicated that i'm heading in right direction.


Regarding the changes you suggested.


I would not implement mGRE at Spoke locations as i require only HUB-SPOKE Topology.

And Yes i'm going to have NHRP at Spoke locations in combination with GRE as this would help the HUB Location to dynamically create IPSEC Profiles and Map NBMA Address to Tunnel Address


On the Routing Protocol, OSPF Limitations are there on a Spoke-to-Spoke Topology with the nos of DR/BDR i can have in an DMVPN Group. But in HUB-SPOKE Topology, i'm going to have only one OSPF DR Router i.e. the HUB Router. Rest all Spoke locations i'm going to configure "ip ospf Priority 0", so that they become ineligible for DR/BDR Election in that DMVPN Group.


Also, the Route Summarization feature is currently not availablke in EIGRP as well as OSPF in DMVPN Phase 1 Implementation.


and Yes it did help, thanks for the advise.

Actions

This Discussion