Re: OT: DMVPN

From: Chris Broadway (midatlanticnet@gmail.com)
Date: Thu Mar 23 2006 - 15:00:19 GMT-3

• Next message: Kemal Yildirim \(Netron\): "RE: Backup interface"
• Previous message: simone.ciscolab@gmail.com: "Re: RE: Backup interface"
• Maybe in reply to: Chris Broadway: "OT: DMVPN"
• Next in thread: Chris Cole: "RE: OT: DMVPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

All,

I am still drowning on this. Here is a quick recap. The tunnels from the
spoke to the hub come up. When I add EIGRP to the equation, I get this
error on the spokes and never see a neighbor relationship on the hub:

This one is from

*Mar 22 18:46:41.712: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor
50.50.50.2(Tunnel0) is down: retry limit exceeded

*Mar 22 18:46:45.564: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor
50.50.50.2(Tunnel0) is up: new adjacency

If I removed EIGRP and use static routes pointing to the tunnel IP of the
other spoke, Everything seems to work and a trace verifies that the tunnel
is spoke to spoke and not through the hub.

Here is an example of the topology:

INT IP=10.10.8.2/24

Tun INT IP=50.50.50.2/24

HUB router 26cea

                                                                        |

                                                                        |

                                                                        |

                                                                    / \

                                                                 /
\

                                                               /
           \

                                                             /
    \

                                                        /
                        \

                                    INT IP=10.10.5.2/24
       INT IP=10.10.7.2/24\

                                 Tun INT IP=50.50.50.1/24
Tun
INT IP=50.50.50.3/24

                                                LAN ip= 9.9.9.9/32
LAN ip 11.11.11.11/32

                                                 SPOKE 28ceb
Spoke 26cec

At first it looked like the EIGRP was bouncing because the tunnel bouncedI
could not find any evidence that the tunnel was bouncing. Here is an
example of the static routing I used instead of EIGRP:

From the lower left hand spoke:

ip route 10.10.0.0 255.255.0.0 10.10.5.1

ip route 11.11.11.11 255.255.255.255 50.50.50.3

From the lower right spoke:

ip route 9.9.9.9 255.255.255.255 50.50.50.1

ip route 10.10.0.0 255.255.0.0 10.10.7.1

From the hub:

ip route 10.10.0.0 255.255.0.0 10.10.8.1

Here is a ping and trace from spoke to spoke:

2610XM_CE_C#ping 9.9.9.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 9.9.9.9, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms

2610XM_CE_C#traceroute 9.9.9.9

Type escape sequence to abort.

Tracing the route to 9.9.9.9

  1 50.50.50.1 8 msec * 4 msec

There is no tunnel ipsec protection on any tunnel interface.

So the question remains, why is this not working when I remove the static
routes and use EIGRP?

-Chris

• Next message: Kemal Yildirim \(Netron\): "RE: Backup interface"
• Previous message: simone.ciscolab@gmail.com: "Re: RE: Backup interface"
• Maybe in reply to: Chris Broadway: "OT: DMVPN"
• Next in thread: Chris Cole: "RE: OT: DMVPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3