RE: OT: DMVPN

From: Chris Cole (CCole@EPLUS.com)
Date: Thu Mar 23 2006 - 17:57:58 GMT-3

• Next message: Eric.Stuhl@ferguson.com: "RE: OT: Configuring 2600 for Cable Modem Router"
• Previous message: Victor Cappuccio: "Re: Next hop IP address required"
• Maybe in reply to: Chris Broadway: "OT: DMVPN"
• Next in thread: Chris Broadway: "Re: OT: DMVPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Is split horizon disabled?

  _____

From: Chris Broadway [mailto:midatlanticnet@gmail.com]
Sent: Thursday, March 23, 2006 1:00 PM
To: Chris Cole
Cc: Mark Lasarko; groupstudy@american-hero.com; ccielab@groupstudy.com
Subject: Re: OT: DMVPN

All,

I am still drowning on this. Here is a quick recap. The tunnels from
the spoke to the hub come up. When I add EIGRP to the equation, I get
this error on the spokes and never see a neighbor relationship on the
hub:

This one is from

*Mar 22 18:46:41.712: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor
50.50.50.2 <http://50.50.50.2/> (Tunnel0) is down: retry limit exceeded

*Mar 22 18:46:45.564: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor
50.50.50.2 <http://50.50.50.2/> (Tunnel0) is up: new adjacency

If I removed EIGRP and use static routes pointing to the tunnel IP of
the other spoke, Everything seems to work and a trace verifies that the
tunnel is spoke to spoke and not through the hub.

Here is an example of the topology:

INT IP= 10.10.8.2/24

Tun INT IP= 50.50.50.2/24

HUB router 26cea

|

|

|

                                                                    /
\

                                                                 /
\

                                                               /
\

                                                             /
\

                                                        /
\

                                    INT IP=10.10.5.2/24
INT IP=10.10.7.2/24\ <http://10.10.7.2/24/>

                                  Tun INT IP=50.50.50.1/24
Tun INT IP=50.50.50.3/24

                                                LAN ip= 9.9.9.9/32
LAN ip 11.11.11.11/32

                                                 SPOKE 28ceb
Spoke 26cec

At first it looked like the EIGRP was bouncing because the tunnel
bounced...I could not find any evidence that the tunnel was bouncing.
Here is an example of the static routing I used instead of EIGRP:

From the lower left hand spoke:

ip route 10.10.0.0 <http://10.10.0.0/> 255.255.0.0
<http://255.255.0.0/> 10.10.5.1 <http://10.10.5.1/>

ip route 11.11.11.11 <http://11.11.11.11/> 255.255.255.255
<http://255.255.255.255/> 50.50.50.3 <http://50.50.50.3/>

From the lower right spoke:

ip route 9.9.9.9 <http://9.9.9.9/> 255.255.255.255
<http://255.255.255.255/> 50.50.50.1 <http://50.50.50.1/>

ip route 10.10.0.0 <http://10.10.0.0/> 255.255.0.0
<http://255.255.0.0/> 10.10.7.1 <http://10.10.7.1/>

From the hub:

ip route 10.10.0.0 <http://10.10.0.0/> 255.255.0.0
<http://255.255.0.0/> 10.10.8.1 <http://10.10.8.1/>

Here is a ping and trace from spoke to spoke:

2610XM_CE_C#ping 9.9.9.9 <http://9.9.9.9/>

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 9.9.9.9 <http://9.9.9.9/> , timeout is
2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms

2610XM_CE_C#traceroute 9.9.9.9 <http://9.9.9.9/>

Type escape sequence to abort.

Tracing the route to 9.9.9.9 <http://9.9.9.9/>

  1 50.50.50.1 <http://50.50.50.1/> 8 msec * 4 msec

There is no tunnel ipsec protection on any tunnel interface.

So the question remains, why is this not working when I remove the
static routes and use EIGRP?

-Chris

• Next message: Eric.Stuhl@ferguson.com: "RE: OT: Configuring 2600 for Cable Modem Router"
• Previous message: Victor Cappuccio: "Re: Next hop IP address required"
• Maybe in reply to: Chris Broadway: "OT: DMVPN"
• Next in thread: Chris Broadway: "Re: OT: DMVPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3