Pag

LAB 2: DMVPN – Initial

Disclaimer

This Configuration Guide is designed to assist members to enhance their skills in

respective technology area. While every effort has been made to ensure that all
material is as complete and accurate as possible, the enclosed material is presented
on an “as is” basis. Neither the authors nor Forum assume any liability or
responsibility to any person or entity with respect to loss or damages incurred from
the information contained in this guide. This Lab Guide was developed by
RSTForum. Any similarities between material presented in this configuration guide

and any other material is completely coincidental.

DMVPN – Initial Configuration

Pag
e

LAB 2: Diagram

Note: This Lab was developed on Cisco IOS Version15.2(4) M1 ADVENTERPRISEK9-M.

Pag
e

LAB 2: Initial DMVPN Configuration

Step 1: Enable loopback and physical interfaces on R1, R2, R3, R4 and R5.

R1:
interface FastEthernet0/0
ip address [Link] [Link]
no shutdown
exit

interface Loopback1
ip address [Link] [Link]
exit

R2:
interface FastEthernet1/0
ip address [Link] [Link]
no shutdown
exit

interface Loopback1
ip address [Link] [Link]
exit

R3:
interface FastEthernet2/0
ip address [Link] [Link]
no shutdown
exit

interface Loopback1
ip address [Link] [Link]
exit

R4:
interface FastEthernet3/0
ip address [Link] [Link]
no shutdown
Pag
e

exit
interface Loopback1
ip address [Link] [Link]
exit

R5:
interface FastEthernet0/0
ip address [Link] [Link]
no shutdown
exit

interface FastEthernet1/0
ip address [Link] [Link]
no shutdown
exit

interface FastEthernet2/0
ip address [Link] [Link]
no shutdown
exit

interface FastEthernet3/0
ip address [Link] [Link]
no shutdown
exit

Step2: Assign default route pointing towards internet.

R1:
ip route [Link] [Link] [Link]

R2:
ip route [Link] [Link] [Link]

R3:
ip route [Link] [Link] [Link]

R4:
ip route [Link] [Link] [Link]

Step3: Configure DMVPN

R1:
Pag
e

interface Tunnel 0
ip address [Link] [Link] //logical ip address
ip nhrp map multicast dynamic //enable multicast traffic
ip nhrp network-id 5 //assign same network-id else tunnel
will not form
tunnel source [Link] //physical address of HUB interface
tunnel mode gre multipoint //select gre mode
ip mtu 1400 //change mtu for DMVPN header
exit

(Here tunnel does not have an explicit destination specified because

multipoint tunnels are built dynamically from the spokes to the hub router;
the hub router does not need to be preconfigured with spoke addresses.)

R2:
interface Tunnel 0
ip address [Link] [Link]
ip nhrp network-id 5
tunnel source [Link]
ip nhrp map [Link] [Link] //pointing towards NHS server
ip nhrp map multicast [Link] //allow multicast traffic from R2
(spoke) to R1 (Hub)
ip nhrp nhs [Link] //designates R1 as the NHS
tunnel mode gre multipoint
ip mtu 1400
exit

R3:
interface Tunnel 0
ip address [Link] [Link]
ip nhrp network-id 5
tunnel source [Link]
ip nhrp map [Link] [Link]
ip nhrp map multicast [Link]
ip nhrp nhs [Link]
tunnel mode gre multipoint
ip mtu 1400
exit

R4:
interface Tunnel 0
ip address [Link] [Link]
ip nhrp network-id 5
tunnel source [Link]
Pag
e

ip nhrp map [Link] [Link]

ip nhrp map multicast [Link]
ip nhrp nhs [Link]
tunnel mode gre multipoint
ip mtu 1400
exit

Step4: Verification

R1#show dmvpn
! ( Shows details of dmvpn tunnel)

Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete

N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==============================================
========================
Interface: Tunnel0, IPv4 NHRP Details
Type:Hub, NHRP Peers:3,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 [Link] [Link] UP [Link] D
1 [Link] [Link] UP [Link] D
1 [Link] [Link] UP [Link] D

(Hub and spoke setup would require three separate tunnels spanning from R1
to each of the spoke routers. Hub router R1 has dynamically from the tunnel
with every spoke using mGRE multipoint tunnel mode. Multipoint GRE tunnel
allows for more than two endpoints and is treated as a non-broadcast multi-
access (NBMA) network. Conversely mGRE allows all four routers to have a
single tunnel interface in the same ip subnet ([Link]/24). This NBMA
configuration is enabled by Next Hop Resolution Protocol, which allows
multipoint tunnels to be built dynamically.)

R2#show dmvpn
! (Shows details of dmvpn tunnel)

Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete

N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
Pag
e

UpDn Time --> Up or Down Time for a Tunnel

==============================================
========================
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 [Link] [Link] UP [Link] S

(Initially every spoke router will form only static tunnel with only Hub router
as multicast traffic is only allowed from spokes to the hub, not from spoke to
spoke.)

R3#show dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==============================================
========================
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 [Link] [Link] UP [Link] S

R4#show dmvpn
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
N - NATed, L - Local, X - No Socket
# Ent --> Number of NHRP entries with same NBMA peer
NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
UpDn Time --> Up or Down Time for a Tunnel
==============================================
========================
Interface: Tunnel0, IPv4 NHRP Details
Type:Spoke, NHRP Peers:1,

# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
1 [Link] [Link] UP [Link] S
Pag
e

R1#show ip nhrp
! (Shows Next Hop Resolution Protocol details)

[Link]/32 via [Link]

Tunnel0 created [Link], expire [Link]
Type: dynamic, Flags: unique registered used
NBMA address: [Link]
[Link]/32 via [Link]
Tunnel0 created [Link], expire [Link]
Type: dynamic, Flags: unique registered used
NBMA address: [Link]
[Link]/32 via [Link]
Tunnel0 created [Link], expire [Link]
Type: dynamic, Flags: unique registered used
NBMA address: [Link]

(NHRP clients ie spoke routers issue requests to the next hop server ie hub
router to obtain the physical address of another spoke router. NHRP facilitates
dynamic tunnel establishment, providing tunnel-to-physical interface address
resolution.)

R1#show run interface tunnel 0

! (Shows tunnel configuration on interface)

Building configuration...
Current configuration : 200 bytes
!
interface Tunnel0
ip address [Link] [Link]
no ip redirects
ip mtu 1400
ip nhrp map multicast dynamic
ip nhrp network-id 5
tunnel source [Link]
tunnel mode gre multipoint
end

R2#ping [Link]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to [Link], timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max=348/539/822 ms

R4#traceroute [Link]
Pag
e

Type escape sequence to abort.

Tracing the route to [Link]

1 [Link] 287 msec 476 msec

2 [Link] 300 msec

(Spoke router R4 is able to reach R2 via Hub router. A packet destined from
R4 to R2 would need to be routed through R1 to exit R4 tunnel and the get re-
encapsulation to enter R2 tunnel.)