jAkademy

This Blog is related to Network and System Administration articles and configuration of different devices mostly on Cisco and Microsoft Platform.

Thursday, August 6, 2015

DMVPN Configuration on Cisco Router

DMVPN stands for Dynamic Multiple Virtual Private Network. If you are not familiar with DMVPN then Click Here to get introduce with this quite amazing feature. This article is focused just on how to cofigure DMVPN on a Cisco router

Configuration Scenario

Configuration on R1 (HUB Router)

config t
interface fa 0/1d
ip address 10.1.1.1 255.255.255.0
!
interface tunnel 0
tunnel source se 0/0
!se0/0 public facing interface
ip address 192.168.0.1 255.255.255.0
tunnel mode gre multipoint
tunnel key  1234
ip nhrp network-id 1
ip nhrp authentication asdfasdf
ip nhrp map multicast dynamic
tunnel path-mtu-discovery
ip mtu 1400

ip tcp adjust-mss 1360

Important Points to note


  1. Unlike p2p GRE, the tunnel does not have an explicit destination specified. i.e. no "tunnel destination a.b.c.d" command 
  2. The tunnel mode has been designated as multipoint GRE.
  3. The second thing is that network-id uniquely identifies the network. It must be same on all router otherwise tunnel will not form with the router having different network-id.
  4. tunnel key and ip nhrp authentication must also be same on all device in order to join the group.
  5. Third thing to note is IP nhrp multicast dynamic enables forwarding of multicast traffic across the the tunnel to dynamic spokes.

Configuration on spoke

config t
interface fa 0/1
ip address 10.1.2.1 255.255.255.0
!
interface tunnel 0
tunnel source se 0/0
ip address 192.168.0.2 255.255.255.0
! This IP assigned to this tunnel interface
tunnel mode gre multipoint
tunnel key 1234
ip nhrp network-id 1
ip nhrp authentication asdfasdf
ip nhrp map multicast dynamic
ip nhrp nhs 192.168.0.1
ip nhrp map 192.168.0.1 51.10.1.2
ip nhrp map multicast 51.10.1.2
ip mtu 1400

ip tcp adjust-mss 1360

Noticeable points


  1. IP nhrp nhs 192.168.0.1 is the IP of NHS (the only functionality of the Hub)
  2. IP nhrp map 192.168.0.1 172.16.15.2 statically maps the nhs tunnel ip address to Hub’s physical address.The first is the nhs' tunnel interface IP address and the second is the global address of the nhs
  3. IP nhrp map multicast dynamic. This command also differs means that multicast traffic is allowed from spokes to hub but not allowed for spokes to spokes.

Verification

After completing the configuration you can verify the settings through

Show dmvpn

To check the dynamic tunnel formation.
First ping/traceroute the tunnel IP of that spoke and then show dmvp command
i.e from R2(spoke) ping the tunnel ip of R3 (spoke). in response to the ping a dynamic tunnel will be formed between the spokes.
you can verify the dynamic tunnel by the following method

traceroute 192.168.0.3
show dmvpn
show ip nhrp
Labels: , ,

No comments:

Post a Comment

We’re eager to see your comment. However, use of any abusive language is strictly prohibited . All the abusive words and posts will be deleted and Please Keep in mind that all comments are moderated manually by our human reviewers. Let’s enjoy a personal and evocative conversation. Thank You

Subscribe to: Post Comments (Atom)