myITmicroblog

Today I’m going to test a phase 3 with EIGRP. To present all differences, pros, cons I have changed LAN’s IP addresses ( I strongly recommend to read my previous posts about different variances of DMVPN) : Before I start configuring the phase 3 I would like to show some limitations of the phase 2. As you know for phase 2 we can’t summarize what means every spoke needs to keep all spoke routers in its routing table to be able to establish spoke-to-spoke communication. Let’s test it on my example: R1:   ! interface Loopback0 ip address 100.11 . 11.11 255.255 . 255.0 ! router eigrp 1 network 10.10 . 10.0 0.0 . 0.255 network 100.11 . 11.0 0.0 . 0.255 no auto - summary ! R2:   ! interface Loopback0 ip address 100.22 . 22.22 255.255 . 255.0 ! router eigrp 1 network 10.10 . 10.0 0.0 . 0.255 network 100.22 . 22.0 0.0 . 0.255 no auto - summary ! R3:   ! interface Loopback0 ip address 100.33 . 33.33 255.255 . 255.0 ! router eigrp 1

The phase two allows me on spoke-to-spoke communication. Please read my previous post (EIGRP phase one): http://myitmicroblog.blogspot.com/2014/12/dmvpn-phase-one-eigrp.html You should know the phase two is not recommended because the phase three solves many issues like scalability. I will describe the differences between them in my next post. From the configuration perspective I need to change: R1 (hub):   interface Tunnel0 no ip next - hop - self eigrp 1 Let’s check the settings on R2 before we send traffic:   R2 #sh ip route eigrp 33.0 . 0.0 / 24 is subnetted , 1 subnets D 33.33 . 33.0 [ 90 / 310172416 ] via 10.10 . 10.3 , 00 : 22 : 35 , Tunnel0 D 11.0 . 0.0 / 8 [ 90 / 297372416 ] via 10.10 . 10.1 , 00 : 22 : 37 , Tunnel0 R2 # As you see the next hop for Lan3 (33.33.33.33) is R3 not R1 like with the phase one.   R2 #sh ip nhrp 10.10 . 10.1 / 32 via 10.10 . 10.1 , Tunnel0 created 01 : 40 : 18 , never expire Type : static

Today I would like to implement DMVPN with EIGRP. This protocol is very popular because of its scalability. Please read this post before you start because I’m not going to implement it from scratch: http://myitmicroblog.blogspot.com/2014/12/dmvpn-phase-one-ospf.html I assume you have your hub and spoke router configured (IP addressing, hub and spoke configuration, firewall rules). I have to add following configuration: R1: ! router eigrp 1 network 10.10 . 10.0 0.0 . 0.255 network 11.11 . 11.0 0.0 . 0.255 auto - summary ! interface Tunnel0 no ip split - horizon eigrp 1 ! R2:   ! router eigrp 1 network 10.10 . 10.0 0.0 . 0.255 network 22.22 . 22.0 0.0 . 0.255 no auto - summary ! interface Tunnel0 ip address 10.10 . 10.2 255.255 . 255.0 no ip redirects ip mtu 1400 ip nhrp authentication cisco ip nhrp map multicast 5.5 . 5.1 ip nhrp map 10.10 . 10.1 5.5 . 5.1 ip nhrp network - id 12 ip nhrp nhs 10.10 . 10.1 ip nhrp cache non - a

The third version of DMVPN is the improved version of phase 2. To be more specific there are two modes of the phase 3: early and new implementation. The main difference between them is not how it works but how you can check what is the real next-hop. The new commands (rather new parameter) is: sh ip route next - hop - override You can find there new sub-entries which show you the real next hop. The new version is available on: ASR1K, 15.2(1)T - ISR, 7200 and I don’t have chance to test it (on 7200 even with higher version it didn’t work, there was a problem with NHRP protocol). I was able to test only the early mode on 12.4. Both versions support spoke-to-spoke communication but the version 3 was improved NHRP shortcut and redirection feature. Let’s do some tests. R2#sh ver | i Ver Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(11)T1, RELEASE SOFTWARE (fc5) BOOTLDR: 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(11)T1, RELEASE SOFTWA