Pages

Monday, January 25, 2016

Naked DMVPN


To have full connectivity between headquarter and remote routers.

! R1 HUB no IPsec yet
show ip int brief

conf t
int tunnel 0
tunnel source gig 1/0
tunnel mode gre multipoint: instead of specifying destination we specify dynamic multipoint vpn
tunnel key 6783: should match on any incoming traffic


NHRP config :
ip nhrp network-id 1: network should match
ip nhrp authentication cisco123
ip nhrp map multicast dynamic: learn NBMA address dynamically
ip nhrp shortcut
ip nhrp redirect
Above two commands are part of phase 3

ip address 172.16.0.1 255.255.255.0 : GRE address

tunnel path-mtu-discovery
no tunnel path-mtu-discovery

ip mtu 1400
ip tcp adjust-mss 1360
end

! Spoke R2:
conf t
interface tunnel 0
tunnel mode gre multipoint
tunnel source gig 1/0
tunnel key 6783

ip nhrp network-id 1
ip nhrp authentication cisco123
ip nhrp shortcut
ip nhrp nhs 172.16.0.1
ip nhrp map 172.16.0.1 15.0.0.1
ip nhrp map multicast 15.0.0.1

ip address 172.16.0.2 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
end

! R3
conf t
interface tunnel 0
tunnel mode gre multipoint
tunnel source gig 1/0
tunnel key 6783

ip nhrp network-id 1
ip nhrp authentication cisco123
ip nhrp nhs 172.16.0.1
ip nhrp map 172.16.0.1 15.0.0.1
ip nhrp map multicast 15.0.0.1
ip nhrp shortcut

ip address 172.16.0.3 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
end

! R4
conf t
interface tunnel 0
tunnel mode gre multipoint
tunnel source gig 1/0
tunnel key 6783

ip nhrp network-id 1
ip nhrp authentication cisco123
ip nhrp nhs 172.16.0.1
ip nhrp map 172.16.0.1 15.0.0.1
ip nhrp map multicast 15.0.0.1
ip nhrp shortcut

ip address 172.16.0.4 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
end

! R1 hub routing
show ip nhrp

To advertise networks:
R1#conf t
router eigrp 777
no auto-summary
network 10.0.0.0
network 172.16.0.0
exit


To disable split-horizon on eigrp:
interface tunnel 0
no ip next-hop-self eigrp 777 : to disable next-hop-self
no ip split-horizon eigrp 777
end

show ip protocols

!On R2-R3-R4
conf t
router eigrp 777
no auto-summary
network 10.0.0.0
network 172.16.0.0
end

!  R1
show ip eigrp neighbors
show ip route eigrp

! R2
show ip route eigrp

show ip route 10.4.4.4

show ip nhrp summary

show ip nhrp

debug nhrp

ping 10.4.4.4 repeat 1 source g 2/0

undebug all

show ip nhrp brief


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)