[c-nsp] DMVPN - HUB VRF Aware - Spokes no VRFs

Luan Nguyen luan at netcraftsmen.net
Mon Nov 17 11:38:02 EST 2008


Usually, when I use VRF-Lite with hub site DMVPN, it's because I need to
backhaul all spokes traffic (send them a default route through the tunnel)
and don't want to use policy base routing at the spoke sites.
I have to put the LAN(s) and tunnel interface(s) on the spoke into a VRF and
leave the WAN in the global so the spoke could have 2 default routes, one
for the global to establish DMVPN/IPSEC connection to hubs and other spokes,
and one in the VRF to send all LAN traffic to the hub for say...central
Internet access.
Hubs' tunnels would usually be put into a VRF.

If you have a few customers and want to consolidate them into a single hub
router, then I would just add the tunnels into their own VRFs, the spokes
can be left alone.  Depends on the routing protocol you use, and what access
you want to give, you need to route inter/intra VRFs accordingly at the hub.

Regards,

Luan Nguyen
Chesapeake NetCraftsmen, LLC.
www.NetCraftsmen.net



-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Peter Danielsen
Sent: Monday, November 17, 2008 11:01 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] DMVPN - HUB VRF Aware - Spokes no VRFs


Hi, Iam trying to consolidat a number of DMVPN HUBs on an VRF Aware HUB, I
have some difficulties getting it to work, HUB is a 7200VXR - Spokes are
2841 All configuration examples I can find are with HUB and Spoke running
VRF-Lite, and I need to figure out how to build the HUB for VRF-Lite
support, I asume that Spoke configurations will not change, due to that the
only place i need vrf-lite support is on the HUB Any clues, Hints,
whitepapers, Thanks in advance /ped_dk
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list