DMVPN - EIGRP

Download

DMVPN EIGRP

Dynamic Multipoint Virtual Private Network (DMVPN) with Enhanced Interior Gateway Routing Protocol (EIGRP) is a networking solution that combines the benefits of DMVPN and EIGRP to facilitate scalable and dynamic communication within a network. In a DMVPN EIGRP deployment, EIGRP serves as the routing protocol for exchanging routing information between DMVPN spokes and the central hub. This enables efficient and automatic establishment of tunnels between spokes in a hub-and-spoke topology. DMVPN EIGRP leverages EIGRP's features, such as low-overhead routing updates and rapid convergence, to provide optimal routing and resource utilization. This solution is particularly useful in scenarios where a large number of remote sites require secure and adaptable connectivity, making DMVPN EIGRP a robust choice for dynamic and scalable enterprise networks.

Lab:

DMVPN Topology

Task 1: Configure EIGRP over DMVPN Process

Step 1: In the configuration mode of router configure EIGRP over DMVPN by following command:

R1: 
router eigrp 100 
network 192.168.0.0 255.255.0.0. 
network 11.0.0.0 255.0.0.0 
exit

R2: 
router eigrp 100 
network 192.168.0.0 
network 22.0.0.0 255.0.0.0 
exit

R3: 
router eigrp 100 
network 192.168.0.0 
network 33.0.0.0 255.0.0.0 
exit

R4: 
router eigrp 100 
network 192.168.0.0 
network 44.0.0.0 255.0.0.0 
exit

Task 2: EIGRP over DMVPN Verification

Step 1: Verify routing table and EIGRP routes entries

R2# show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
 
Gateway of last resort is 172.16.2.1 to network 0.0.0.0 

 172.16.0.0/30 is subnetted, 1 subnets 
C 172.16.2.0 is directly connected, FastEthernet0/0 
 22.0.0.0/8 is variably subnetted, 2 subnets, 2 masks 
C 22.22.22.0/24 is directly connected, Loopback1 
D 22.0.0.0/8 is a summary, 00:02:33, Null0 
D 11.0.0.0/8 [90/27008000] via 192.168.0.1, 00:02:45, Tunnel0 
C 192.168.0.0/24 is directly connected, Tunnel0 
S* 0.0.0.0/0 [1/0] via 172.16.2.1

Spoke router 2 is not receiving routes from other Spoke routers. This is due to ip splithorizon enable on hub router, thus not allowing the hub to send routes via same interface

R3# show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
 E1 - OSPF external type 1, E2 - OSPF external type 2 

Gateway of last resort is 172.16.3.1 to network 0.0.0.0 

 33.0.0.0/24 is subnetted, 1 subnets 
C 33.33.33.0 is directly connected, Loopback1 
 172.16.0.0/30 is subnetted, 1 subnets 
C 172.16.3.0 is directly connected, FastEthernet0/0 
 11.0.0.0/24 is subnetted, 1 subnets 
D 11.11.11.0 [90/27008000] via 192.168.0.1, 00:00:10, Tunnel0 
C 192.168.0.0/24 is directly connected, Tunnel0 
S* 0.0.0.0/0 [1/0] via 172.16.3.1

Spoke router 3 is not receiving routes from other Spoke routers. This is due to ip splithorizon enable on hub router, thus not allowing the hub to send routes via same interface

R1: 
interface tunnel 0 
no ip split-horizon eigrp 100 
exit

To receive routes from one Spoke router to other spoke router, disable Split Horizon by configuring following command 'no ip split-horizon eigrp 100' on Hub router

R2#show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
 E1 - OSPF external type 1, E2 - OSPF external type 2 
 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 
 ia - IS-IS inter area, * - candidate default, U - per-user static route 
 o - ODR, P - periodic downloaded static route 

Gateway of last resort is 172.16.2.1 to network 0.0.0.0 

 33.0.0.0/24 is subnetted, 1 subnets 
D 33.33.33.0 [90/28288000] via 192.168.0.1, 00:00:36, Tunnel0
 172.16.0.0/30 is subnetted, 1 subnets 
C 172.16.2.0 is directly connected, FastEthernet0/0 
 22.0.0.0/24 is subnetted, 1 subnets 
C 22.22.22.0 is directly connected, Loopback1 
 11.0.0.0/24 is subnetted, 1 subnets 
D 11.11.11.0 [90/27008000] via 192.168.0.1, 00:05:43, Tunnel0 
C 192.168.0.0/24 is directly connected, Tunnel0 
 44.0.0.0/24 is subnetted, 1 subnets 
D 44.44.44.0 [90/28288000] via 192.168.0.1, 00:00:36, Tunnel0 
S* 0.0.0.0/0 [1/0] via 172.16.2.1

Routes learned from Hub as well as every Spoke router dynamically using EIGRP

R4#show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
 E1 - OSPF external type 1, E2 - OSPF external type 2 
 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 
 ia - IS-IS inter area, * - candidate default, U - per-user static route 
 o - ODR, P - periodic downloaded static route 

Gateway of last resort is 172.16.4.1 to network 0.0.0.0 

 33.0.0.0/24 is subnetted, 1 subnets 
D 33.33.33.0 [90/28288000] via 192.168.0.1, 00:28:36, Tunnel0
 172.16.0.0/30 is subnetted, 1 subnets 
C 172.16.4.0 is directly connected, FastEthernet0/0 
 22.0.0.0/24 is subnetted, 1 subnets 
D 22.22.22.0 [90/28288000] via 192.168.0.1, 00:25:04, Tunnel0 
 11.0.0.0/24 is subnetted, 1 subnets 
D 11.11.11.0 [90/27008000] via 192.168.0.1, 00:33:43, Tunnel0 
C 192.168.0.0/24 is directly connected, Tunnel0 
 44.0.0.0/24 is subnetted, 1 subnets 
C 44.44.44.0 is directly connected, Loopback1 
S* 0.0.0.0/0 [1/0] via 172.16.4.1

Routes learned from Hub as well as every Spoke router dynamically using EIGRP

Step 2: Verify DMVPN Tunnel creation

R1: 
R1#show dmvpn 
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete 
 N - NATed, L - Local, X - No Socket 
 # Ent --> Number of NHRP entries with same NBMA peer 
 NHS Status: E --> Expecting Replies, R --> Responding 
 UpDn Time --> Up or Down Time for a Tunnel 
======================================================================= 

Interface: Tunnel0, IPv4 NHRP Details 
Type:Hub, NHRP Peers:3, 
 # Ent Peer       NBMA Addr    Peer Tunnel   Add State UpDn Tm Attrb 
----- --------------- --------------- ----- -------- -----
 1    172.16.2.2 192.168.0.2   UP   00:28:47  D 
 1    172.16.3.2 192.168.0.3   UP   00:13:36  D 
 1    172.16.4.2 192.168.0.4   UP   00:16:46  D

R2#show dmvpn 
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete 
 N - NATed, L - Local, X - No Socket 
 # Ent --> Number of NHRP entries with same NBMA peer 
 NHS Status: E --> Expecting Replies, R --> Responding 
 UpDn Time --> Up or Down Time for a Tunnel 
======================================================================= 

Interface: Tunnel0, IPv4 NHRP Details 
Type:Spoke, NHRP Peers:1, 
 # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb 
----- --------------- --------------- ----- -------- -----
 1    172.16.1.2 192.168.0.1     UP 00:34:07 S

R4#show dmvpn 
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete 
 N - NATed, L - Local, X - No Socket 
======================================================================= 

Interface: Tunnel0, IPv4 NHRP Details 
Type:Spoke, NHRP Peers:1, 

 # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb 
----- --------------- --------------- ----- -------- -----
 1 172.16.1.2 192.168.0.1 UP 00:01:20 S 

R4#traceroute 192.168.0.2 source loopback 1 
Type escape sequence to abort. 
Tracing the route to 192.168.0.2 

 1 192.168.0.1 396 msec 508 msec 
 192.168.0.2 392 msec

Spoke router R4 is able to reach R2 via Hub router. A packet destined from R4 to R2 would need to be routed through R1, to exit the R4 tunnel and the get re-encapsulated to enter the R2 tunne

R4#sh dmvpn 
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete 
 N - NATed, L - Local, X - No Socket 
 # Ent --> Number of NHRP entries with same NBMA peer 
 NHS Status: E --> Expecting Replies, R --> Responding 
 UpDn Time --> Up or Down Time for a Tunnel 
======================================================================= 

Interface: Tunnel0, IPv4 NHRP Details 
Type:Spoke, NHRP Peers:2, 

 # Ent Peer NBMA  Addr Peer Tunnel Add State UpDn Tm Attrb 
----- --------------- --------------- ----- -------- -----
 1    172.16.1.2  192.168.0.1 UP 00:02:12 S 
 1    172.16.2.2  192.168.0.2 UP 00:00:12 D

Notice that the tunnel to R4 has been flagged as dynamic, in contrast to the static tunnel to the hub/NHS.

R4#traceroute 192.168.0.2 source loopback 1 
Type escape sequence to abort. 
Tracing the route to 192.168.0.2 

1 192.168.0.2 396 msec 508 msec

Once the dynamically tunnel is formed between spoke to spoke router, DMVPN allows to Spoke to Spoke directly communication at next hop thus bypassing the Hub router completely

R2#show dmvpn 
Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete 
 N - NATed, L - Local, X - No Socket 
 # Ent --> Number of NHRP entries with same NBMA peer 
 NHS Status: E --> Expecting Replies, R --> Responding 
 UpDn Time --> Up or Down Time for a Tunnel 
======================================================================= 

Interface: Tunnel0, IPv4 NHRP Details 
Type:Spoke, NHRP Peers:2, 

 # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb 
----- --------------- --------------- ----- -------- -----
 1 172.16.1.2 192.168.0.1 UP 00:03:03 S 
 1 172.16.4.2 192.168.0.4 UP 00:00:45 D

Notice that the tunnel to R4 has been flagged as dynamic, in contrast to the static tunnel to the hub/NHS.

R2#traceroute 192.168.0.4 source loopback 1 
Type escape sequence to abort. 
Tracing the route to 192.168.0.4 

1 192.168.0.4 396 msec 508 msec

Once the dynamically tunnel is formed between spoke to spoke router, DMVPN allows to Spoke to Spoke directly communication at next hop thus bypassing the Hub router completely