Dual DMVPN Problem

Unanswered Question
Jan 26th, 2006
User Badges:

Hi, we've just implemented a Dual DMVPN solution and have approx 3 * spoke pilot sites running at the moment for testing (all ADSL/SDSL).


We have the DMVPN setup with GRE tunnels and using EIGRP across the dual tunnels. Each remote site also has ISDN backup using the Dialer-Watch feature. All seems to be working ok with tunnel failover and routing etc.


However, we have noticed that our Spoke routers lose their EIGRP neigbours (to the Hubs) around the same time every 5-7 days and all initiate an ISDN backup call at the same time. The logs show the Hub EIGRP neighbour being lost for approx 1-3 minutes.


This seems to indicate that the Hubs are renegotiating something at this time every 5-7 days causing the spoke routers to lose their 'watched route' and bring up the BRI Dialer.


Are there any settings we need to make at the DMVPN Hubs to stop this happening..?


Do we need to change the EIGRP timers.?


Currently, EIGRP is set to the default timers of Hello's = 5 secs and Holdtime = 15 secs.


Appreciate any help here.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
emadaris Mon, 03/06/2006 - 11:06
User Badges:

I was experiencing this same issue a couple of weeks ago with my every growing DMVPN enviroment. If you are using Tunnel Interfaces (GRE), make sure you have a bandwidth statement on "that" interface at the both the hub and spoke. TAC recommended using 256k at the spoke and 1000k at the hub. The reason behind this is that by default, a tunnel interface has a bandwidth of 9.66k, which EIGRP will only use a small percentage of that by design. By increasing the bandwidth, you are allowing EIGRP to comminicate over the GRE tunnel efficently without queuing up the EIGRP packets.



john.pepper Fri, 04/21/2006 - 08:40
User Badges:

Hi, thanks for the reply and sorry for the delay in responding to your message.


Yeah, I did see this around them time and we set our bandwidth statements - pretty much straight away. However, the problem is still there.


I think this maybe someting to do with packet based load-sharing on our ISP links. We have 2 * C&W 34mb circuits that are load-sharing. From what I've read, the IPSec traffic gets replayed on our Hub routers as the packets can arrive out-of-sequence, thereby casuing a delay and eigrp neighbours are lost for a short time. I have also adjusted the eigrp holdtime & keepalive but still much the same. We're about to upgrade to STM-1 (155) ISP circuits soon so I'm hoping that will solve the problem.. If not I'll raiase another TAC case.


Cheers....John

pallette Wed, 09/20/2006 - 20:24
User Badges:

John,


Did you ever get this resolved?



Regards

Actions

This Discussion