Cisco DMVPN Redundancy - Vrf aware hub
In this configuration example, we have two hub routers which are also MPLS PE routers on an Internet Service Provider.And there are also two different DMVPN VPN Customers.
Configuration on Hub-1:
interface Tunnel100
ip vrf forwarding vrf-b
ip address 172.16.10.1 255.255.255.248
ip mtu 1400
ip nhrp authentication 100100
ip nhrp map multicast dynamic
ip nhrp network-id 100100
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 10
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100100
tunnel protection ipsec profile cisco shared
interface Tunnel101
ip vrf forwarding vrf-a
ip address 172.16.10.9 255.255.255.248
ip mtu 1400
ip nhrp authentication 100101
ip nhrp map multicast dynamic
ip nhrp network-id 100101
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 10
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100101
tunnel protection ipsec profile cisco shared
router ospf 101 vrf vrf-a
network 172.16.10.0 0.0.0.255 area 0
router ospf 100 vrf vrf-b
network 172.16.10.0 0.0.0.255 area 0
Configuration on Hub-2:
interface Tunnel200
ip vrf forwarding vrf-b
ip address 172.16.10.17 255.255.255.248
ip mtu 1400
ip nhrp authentication 123200
ip nhrp map multicast dynamic
ip nhrp network-id 123200
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100200
tunnel protection ipsec profile cisco shared
interface Tunnel201
ip vrf forwarding vrf-a
ip address 172.16.10.25 255.255.255.248
ip mtu 1400
ip nhrp authentication 123201
ip nhrp map multicast dynamic
ip nhrp network-id 123201
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100201
tunnel protection ipsec profile cisco shared
router ospf 101 vrf vrf-a
network 172.16.10.0 0.0.0.255 area 0
router ospf 100 vrf vrf-b
network 172.16.10.0 0.0.0.255 area 0
Configuration for vrf-a Customer:
interface Tunnel101
ip address 172.16.10.10 255.255.255.248
ip mtu 1400
ip nhrp authentication 100101
ip nhrp map 172.16.10.9 1.1.1.1
ip nhrp map multicast 1.1.1.1
ip nhrp network-id 100101
ip nhrp nhs 172.16.10.9
ip tcp adjust-mss 1362
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 0
qos pre-classify
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100101
tunnel protection ipsec profile cisco shared
interface Tunnel201
ip address 172.16.10.26 255.255.255.248
ip mtu 1400
ip nhrp authentication 100201
ip nhrp map 172.16.10.25 1.1.1.2
ip nhrp map multicast 1.1.1.2
ip nhrp network-id 100201
ip nhrp nhs 172.16.10.25
ip tcp adjust-mss 1362
ip ospf network broadcast
ip ospf cost 200
ip ospf priority 0
qos pre-classify
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100201
tunnel protection ipsec profile cisco shared
router ospf 101
network 172.16.10.0 0.0.0.255 area 0
In this configuration example, we have two hub routers which are also MPLS PE routers on an Internet Service Provider.And there are also two different DMVPN VPN Customers.
Configuration on Hub-1:
interface Tunnel100
ip vrf forwarding vrf-b
ip address 172.16.10.1 255.255.255.248
ip mtu 1400
ip nhrp authentication 100100
ip nhrp map multicast dynamic
ip nhrp network-id 100100
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 10
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100100
tunnel protection ipsec profile cisco shared
interface Tunnel101
ip vrf forwarding vrf-a
ip address 172.16.10.9 255.255.255.248
ip mtu 1400
ip nhrp authentication 100101
ip nhrp map multicast dynamic
ip nhrp network-id 100101
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 10
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100101
tunnel protection ipsec profile cisco shared
router ospf 101 vrf vrf-a
network 172.16.10.0 0.0.0.255 area 0
router ospf 100 vrf vrf-b
network 172.16.10.0 0.0.0.255 area 0
Configuration on Hub-2:
interface Tunnel200
ip vrf forwarding vrf-b
ip address 172.16.10.17 255.255.255.248
ip mtu 1400
ip nhrp authentication 123200
ip nhrp map multicast dynamic
ip nhrp network-id 123200
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100200
tunnel protection ipsec profile cisco shared
interface Tunnel201
ip vrf forwarding vrf-a
ip address 172.16.10.25 255.255.255.248
ip mtu 1400
ip nhrp authentication 123201
ip nhrp map multicast dynamic
ip nhrp network-id 123201
ip nhrp holdtime 600
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 255
ip ospf mtu-ignore
delay 1000
qos pre-classify
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 100201
tunnel protection ipsec profile cisco shared
router ospf 101 vrf vrf-a
network 172.16.10.0 0.0.0.255 area 0
router ospf 100 vrf vrf-b
network 172.16.10.0 0.0.0.255 area 0
Configuration for vrf-a Customer:
interface Tunnel101
ip address 172.16.10.10 255.255.255.248
ip mtu 1400
ip nhrp authentication 100101
ip nhrp map 172.16.10.9 1.1.1.1
ip nhrp map multicast 1.1.1.1
ip nhrp network-id 100101
ip nhrp nhs 172.16.10.9
ip tcp adjust-mss 1362
ip ospf network broadcast
ip ospf cost 100
ip ospf priority 0
qos pre-classify
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100101
tunnel protection ipsec profile cisco shared
interface Tunnel201
ip address 172.16.10.26 255.255.255.248
ip mtu 1400
ip nhrp authentication 100201
ip nhrp map 172.16.10.25 1.1.1.2
ip nhrp map multicast 1.1.1.2
ip nhrp network-id 100201
ip nhrp nhs 172.16.10.25
ip tcp adjust-mss 1362
ip ospf network broadcast
ip ospf cost 200
ip ospf priority 0
qos pre-classify
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100201
tunnel protection ipsec profile cisco shared
router ospf 101
network 172.16.10.0 0.0.0.255 area 0
No comments:
Post a Comment