I've configured a network with PE's and CE's what I have is EIGRP running between PE's and EBGP between PE and CE's. can't reach router loopback address of other CE's. Routing on the PE's works to all locations without a problem. I have DMVPN running between PE's but this is'nt impacting the routing in anyway because the PE's can reach other and all LAN and loopback subnets.
Between CE and PE i redistribute EIGRP into BGP and BGP into EIGRP.
The problem seems to be the routing between CE-CE.
from CE-1 pinging loopback 192.168.3.1
from CE-1 pinging loopback 192.168.10.1
All other routing works well.
Can anyone point me in the right direction configurations attached,
All i need is to have full routing from the CE's. I don't know why the PE's are dropping packets destined for other CE's.
Here the senario that you post i think you are trying to run VRF-Lite over the PE's.
You have configured TEST_VRF1 for Cust & configured same VRF for DMVPN Tunnel. althrough should i consider that you want to run Excrypted traffic of that customer over PE's.
Here in you tunnel config please check :
interface Tunnel1 ip vrf forwarding TEST_VRF1 ip address 192.168.4.1 255.255.255.0 no ip redirects ip mtu 1532 no ip next-hop-self eigrp 90 ip nhrp map multicast dynamic ip nhrp network-id 123 no ip split-horizon eigrp 90 tunnel source FastEthernet1/0 tunnel mode gre multipoint tunnel protection ipsec profile Secure_Tunnel
interface FastEthernet1/0 description *** Link to Core Switch ****** ip address 192.168.2.26 255.255.255.0 duplex auto speed auto
Tunnel source is fa1/0 & That tunnel is in VRF , But the source traffic is in Global routing table. So i think that it will not work , Config you VRF to use global routing table so that the tunnel source will work properly .
Note : I have not simulated the senario . But still in overview i think is can be issue. Please check
In order for the PE to import all CE routes which was previously learned by bgp between the PE-CE, you will still need bgp between the PEs rather thanEigrp or any other routing protocol .
The fact is that the Route-targets are only carried by BGP protocol with the extended community, your redistribution between Eigrp and BGP will not carry those route targets and would thefore not carry the routes.
I suggest you have a VPNv4 session between all your PEs . This should solve your problem.
Another question is that why do you have DMVPN between PEs rather than your CEs?
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on Application Engineered...
Internet security is important with the increasing attacks that are happening every day. Many internet and browsing security solutions exist, but some are not very easy to use or maybe the question is how can I enable them?
Cisco Software Manager Server
This document describes the programmatic interfaces, RESTful APIs, which are supported by Cisco Software Manager Server (CSM Server).
CSM Server supports a set of finite RESTful APIs. The fir...