Can you ping between the spokes and the hub? Can you ping from the hub to the spoke?
what is the output of show ip nhrp brief? What is the output of show dmvpn ? If the problem is still not obvious use debug nhrp error and debug nhrp packet to see why NHRP is failing to map the traffic. The issue is most likely occurring because the spokes know how to reach the hub but the hub is unable to reach the spokes. You are also breaking a rule with the overlapping loopbacks. Unless you are using these loopbacks for anycast MSDP peers you shouldn't have overlapping networks in your topology. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: [email protected] [mailto:[email protected]] On Behalf Of Jimmy Larsson Sent: Wednesday, May 19, 2010 7:29 AM To: Piotr Matusiak Cc: OSL Security Subject: Re: [OSL | CCIE_Security] DMVPN problem Yes, interface Loopback256 ip address 10.9.122.2 255.255.255.0 end /J 2010/5/19 Piotr Matusiak <[email protected]> Hi Jimmy, Do you have 10.9.122.0/24 network behind each spoke? HTH, Piotr 2010/5/19 Jimmy Larsson <[email protected]> Hi Uding the topology of Lab 11 I am playing around with DMVPN. R2 is hub, R5, and R6 are spokes. The problem is that EIGRP neighborship flaps over and over. Any suggestions how to troubleshoot this? First thing that comes to my mind is mtu sizes. But I have added "ip mtu 1400" and "ip tcp adjust-mss 1360" to all three tunnel-interfaces. This is how it looks: R2 - Hub: interface Tunnel0 ip address 192.168.1.2 255.255.255.0 no ip redirects ip mtu 1400 no ip next-hop-self eigrp 256 ip nhrp map multicast dynamic ip nhrp network-id 200 ip tcp adjust-mss 1360 no ip split-horizon eigrp 256 tunnel source Serial0/1/0 tunnel mode gre multipoint tunnel key 200 ! router eigrp 256 network 10.9.122.0 0.0.0.255 network 192.168.1.0 no auto-summary end R5 - Spoke: interface Tunnel0 ip address 192.168.1.5 255.255.255.0 no ip redirects ip mtu 1400 ip nhrp map 192.168.1.2 8.9.56.2 ip nhrp map multicast 8.9.56.2 ip nhrp network-id 200 ip nhrp nhs 192.168.1.2 ip tcp adjust-mss 1360 tunnel source Serial0/1/0 tunnel mode gre multipoint tunnel key 200 ! router eigrp 256 network 10.9.122.0 0.0.0.255 network 192.168.1.0 no auto-summary end R6 - Spoke: interface Tunnel0 ip address 192.168.1.6 255.255.255.0 no ip redirects ip mtu 1400 ip nhrp map 192.168.1.2 8.9.56.2 ip nhrp map multicast 8.9.56.2 ip nhrp network-id 200 ip nhrp nhs 192.168.1.2 ip tcp adjust-mss 1360 tunnel source Serial0/1/0 tunnel mode gre multipoint tunnel key 200 ! router eigrp 256 network 10.9.122.0 0.0.0.255 network 192.168.1.0 no auto-summary end This is what happens: May 19 10:47:20.843: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 256: Neighbor 192.168.1.6 (Tunnel0) is down: retry limit exceeded May 19 10:47:21.667: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 256: Neighbor 192.168.1.5 (Tunnel0) is down: retry limit exceeded May 19 10:47:24.451: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 256: Neighbor 192.168.1.6 (Tunnel0) is up: new adjacency May 19 10:47:26.115: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 256: Neighbor 192.168.1.5 (Tunnel0) is up: new adjacency (over and over again...) As usual I dont only want help finding the error, but also how to think in this situation. What debugs or orhter testing should I do to progress on The Lab if this occurs? But I am preparing to get the answer "dude, that obvious! Youve missed a line *there*. You just need to see whats wrong in the config!" :) Br Jimmy -- ------- Jimmy Larsson Ryavagen 173 s-26030 Vallakra Sweden http://blogg.kvistofta.nu ------- _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com -- ------- Jimmy Larsson Ryavagen 173 s-26030 Vallakra Sweden http://blogg.kvistofta.nu -------
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
