DMVPN – Quick review (non-labbed) of configs needed for OSPF as the Branches IGP with BGP running over the WAN!

Posted on by Loopy

DMVPN2

There will actually be no labbing of this one, as the same configurations will still apply to building tunnel interfaces, with just a few tweaks for the Routing Protocols swapped.

What type of OSPF Area is used, why it is used, and additional OSPF configs

Being that these Branches are going to have a single exit point (ABR Router) to the outside world, so they do not need to receive Type 5 or Type 7 LSA’s (Redistributed Networks) as its going out the same way it comes into a an OSPF Stub Network!

For OSPF Stub Areas to work, all routers including the ABR / WAN Router here would need the following config:

router ospf 1
area 101 stub

Given the “Multipoint” configuration of the Tunnel OSPF will act like its running over an NBMA network (slow convergence) unless you get on the tunnel, configure it as a “Broadcast” network type, and also add the IP OSPF Area # to the Tunnel Interface:

int tu0
ip ospf network broadcast
ip ospf 1 area 101

This particular configuration will be for the Hub or NHS, as all Branch Routers will need the additional command of “ip ospf pri 0” on the Tunnel Interface to prevent it from becoming the DR, as the Hub will always be the in communication with all sites so it should be the only OSPF Router sending out updates!

In terms of BGP as the WAN Protocol, there are no real extra considerations

Being that BGP was made to be the Protocol of the Internet, there are not any sort of gotchas that I am aware of with DMVPN, the same eBGP vs iBGP would apply to configuration (over a common WAN it would of course be iBGP).

I don’t believe “next-hop-self” would need to be configured in that “ISP” router as all iBGP Peers will be within one hop of the ISP Router, and we wouldn’t want to force extra hops into DMVPN or I assume that would quite well mess up the spoke-to-spoke communication with an unnecessary relay hop on the ISP Router.

If I find anything else I’ll update this post, otherwise just wanted to make a quick note of how to configure the protocols if OSPF was being used as the Branches IGP.

That felt like a drive by blogging, quick spray of facts and I’m gone!

Will take a look at something called QoS “Pre-Classify” in the DMVPN network next, sounds fun, see you there 🙂

 

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s