Building Topology and DMVPN Phase I with Static Mapping

CCIE - Practical Implementation of DMVPN between Remote Sites
30 minutes
In this video, the author starts by building the topology between remote routers and will introduce DMVPN using the static mapping between the hub and spokes. This video will walk the viewer step by step in implementing DMVPN with Static mappings between the routers.

Transcript

Hi, hello everyone. This is your host Habib Korea. In this lab, I'm going to talk about DMVPN, and I'm going to show you how to establish DMVPN connectivity across four sites. R1 will be our hub; R2, R3 and R4 are our spokes. When it comes to DMVPN, it's defined as Dynamic Multipoint Virtual Private Network, and it actually began by introducing the hub-and-spoke topologies.

And in this type of design, there will be a combination of different protocols that we will use. One is mGRE, which is Multipoint Generic Routing Encapsulation, and it is mainly used at the hub; that is your master router, or basically the headquarters router or the data center router. And GRE is used at the spokes, and those are basically the remote sites. So let's go ahead and start the lab. One of the important things you guys have to know is that there are phases when we construct DMVPN.

And I will be demonstrating phase one, and this will basically provide the confidence in designing a DMVPN topology. Hopefully, there will be more videos that will come from this with many more different topologies, and we will design multiple DMVPNs with mGRE tunnels and so forth. We will start first by going into the cloud switch. The cloud switch is basically simulating an internet cloud from an ISP, or multiple ISPs, to all the different sites. It's going to be the ISP connection, or the internet connection, to all the offices.

And usually we don't care about what type of internet connection the offices are going to have, as long as we have the handoff Ethernet cables to the routers and we know what public IP address they have assigned to our interfaces. In our case, I'm assuming it's 10.100.100.0/24. That's the network I'm looking at right now, and it could be any public IP address from the ISP subnet. Then we have our own private network, which starts from the 172.16.1.1/24 network.

So, basically we will be using 172.16.*.*/24 for all the different sites to create our network. We will be using that in our topology with DMVPN by assigning tunnel interfaces to each router. So let's log into the main switch first of all, which is the cloud internet switch. Now, we are assuming that this is the ISP cloud, and we will be connecting gateway IP addresses to the routers. The switch will have all these interface endpoints that we will be connecting the routers to, and we will make the routers connect to those interfaces by pointing the gateway towards the ISP cloud, or switch. Let me console into this switch first of all; hopefully you guys can see the console to this switch here on the screen. Let's wait for it to boot.

It's coming up. Okay, we're starting to configure it right now. We're going to go enable, config t, interface range. As soon as we get into privileged mode, we already know the interfaces that we are assigning the IP addresses to, so it's going to be interface range Gi0/1, 2, 3 and also Gi1/0. And also we are doing no switchport on those interfaces. By putting no switchport, we are basically telling the switch that these are going to be routed ports.

Now, once we do no switchport, we should be able to assign them an IP address. Let's exit that. We are going to go to each interface and assign it an IP address, as you can see. Interface Gi0/1: IP address, we'll assign it 172.16.1.10 255.255.255.0. Then interface Gi0/2: IP address 172.16.2.10, a /24. Then interface Gi0/3: IP address 172.16.3.10, also a /24, which is 255.255.255.0. Interface Gi1/0, sorry, it took time to realize which interface it was: IP address 172.16.4.10. My mistake. I suggest that again. We also have to enable IP routing. Let's save the configuration. We just want to rename R3 to R4 and R4 to R3, just to be consistent.

That's how we assign the IP addresses on the interfaces. Now we will go to each router and configure only the physical IP address on the interfaces of each router. So we'll go to R1 first. It's coming up. Conf t, interface Fa0/0, IP address 172.16.1.1 255.255.255.0; we have to give it no shut. Exit. IP route 0.0.0.0 0.0.0.0 172.16.1.10. That's the IP for the default gateway to this switch. Let's save the configuration. Let's go to R2. It's coming up; let's bring it to the center of the screen. Conf t, interface Fa0/0, IP address 172.16.2.2 255.255.255.0, that's R2. No shut, exit.

And the IP route, the default IP route, is 0.0.0.0, 172.16.2.10. That's the default gateway for this router. Now let's go to R3. That's coming up. Let's bring it to the center here. We will do exactly the same thing as we did in R2.

So go to privileged mode, interface Fa0/0, give it an IP address 172.16.3.3 255.255.255.0, and we give it no shut. And let's add the IP route 0.0.0.0 0.0.0.0, and that 172.16.3.10 is the gateway address for this router. Exit, and let's save the configuration. Let's go to R4. Consoling to R4 right now; it's coming up. Let's go to privileged mode.

Change the hostname to R4. Interface Fa0/0, IP address 172.16.4.4 255.255.255.0, no shut. Exit. Let's add the IP route 0.0.0.0 0.0.0.0 172.16.4.10; that is the default gateway for this router. Exit. Now, the idea is that we have created the physical connectivity for these routers. Now we will try to see if we can ping all of them. So basically, let's check from R1.

If we can ping 172.16.2.2, that is R2's physical interface. R3 is pinging. 4.4: let's see if it's going to ping. It's not pinging. Let's try again. It's not pinging.

Let's check why it's not pinging. This is part of the lab: to troubleshoot why we are not able to ping the gateway. We'll just check the configuration of R4, just to make sure our interfaces are up here. So the interface Fa0/0 is up.

That's good. And the default route is given properly. So let's ping the default. Try IP address. I'm just trying to see why it's not pinging yet. This is again part of the lab.

Let's go to this. Let's go to the cloud switch. We do show running-config interface Gi1/0, which is the interface that's connected to R4. And as you can see, we did not configure that interface at all, and that is the reason why it was not pinging. Interface Gi1/0. Now, that duplex mismatch discovery with regard to the speed, that can be ignored, because the interfaces of the routers are basically a hundred megabits per second whereas this switch is providing one-gig interface speed.

So that's fine. We're giving an IP address to the interface Gi1/0: 172.16.4.10. Oh yeah, so we gave it 172.16.4.10. That's the interface IP address. Let's save the configuration. The connectivity should work fine despite the duplex mismatch in the bandwidth.

Now let's try to ping R4 from R1, and I can see it's pinging. Now we will start the DMVPN connectivity between R1, R2, R3 and R4. So, a little bit about DMVPN: it's a combination of mGRE and NHRP. IPsec can be applied as an option to encrypt the tunnel traffic. So in this first lab, I'm going to do point-to-point connectivity from the spokes to R1 and multipoint connectivity from R1 to all the spokes.

In order for the spokes to communicate with each other, the traffic will flow through the main router, which is R1, the hub router, which is basically what GRE tunneling does. And this is known as phase one of DMVPN. So let's continue with the lab, and hopefully you can understand it much better by following the step-by-step implementation. We'll get to know how the tunnel mappings work. So let's start; basically, we will first configure R1, as it is the main router.

Okay, so one thing we will do is choose an interface tunnel. I'll choose one, and I'll give it an IP address. So the interface IP address is 10.100.100.1 255.255.255.0, and the tunnel source is 172.16.1.1; that's the Fa0/0 physical address. And then tunnel mode gre multipoint. Now we will use the Next Hop Resolution Protocol, which is ip nhrp network-id; I'll provide it a network ID. We'll call it a hundred; you can call it anything, but a hundred is fine. ip nhrp map: we have to map that to all the other sites. 10.100.100.2 to 172.16.2.2; that's R2's physical IP address.

ip nhrp map. Now let's do the same thing for R3: 172.16.3.3. And there's one more site: ip nhrp map 10.100.200.4 172.16.4.4. That is done now. Exit. Let's verify by doing show ip nhrp; I can see that Tunnel 1 is up. Let's save the configuration. So here the hub configuration is now complete. And if I do show running-config interface tunnel 1, I can see the configuration is how it's supposed to look for the hub router.

Now we will move on to R2, R3 as well as R4. Let's console. R2 is our first spoke router, or first remote router. Interface tunnel 1; give it an IP address 10.100.100.2 255.255.255.0. Tunnel source: the tunnel source is usually 10.200.100.2. That's what we are assigning, which is the IP address of the physical interface. And then the tunnel destination is the source IP address of Tunnel 1 in R1, or the hub. Let's configure NHRP now: ip nhrp network-id, we'll call it 102. ip nhrp map: here we are mapping the NHRP towards R1. Exit. Do show ip nhrp, and we can see there's a tunnel; we can see the destination as well.

And NBMA, that stands for non-broadcast multi-access, which is the outside public IP address of R1. We'll continue with the same configuration for R3. Interface tunnel 1, IP address 10.100.100.3 255.255.255.0. That's the subnet mask of the tunnel interface for R3. Then we'll choose the tunnel source. Now, the tunnel source could be an IP address or the interface. I just wanted to show you the variation: in R2 we used the IP address of the interface, and here we are using the physical interface. So the tunnel destination is R1's physical IP address. We'll assign a network ID of 103.

ip nhrp map: we'll map it to the physical 172.16.1.1, which is the physical interface of R1, and as you know, 172.16.1.1 is the NBMA address for R1. Going to R4 now. We can configure it the same way we configured R3 and R2. Interface tunnel 1, IP address 10.200.200.4 255.255.255.0. Tunnel source Fa0/0; that could have been an IP address as well, it's the same thing. Tunnel destination 172.16.1.1. ip nhrp network-id 104. ip nhrp map 10.100.100.1 172.16.1.1. Exit, exit. And let's save the configuration. Let's verify: show ip nhrp, and we do have a tunnel, and it's pointing towards the NBMA address of R1.

Now let's verify if there's a DMVPN created in R1. Show dmvpn, and as you can see, we have the tunnel up, we have access to all the sites, and we can see all the routers are mapped using their private IP addresses, and the tunnel address is overlaying the private IP addresses. Now you can assume that right now all the sites are already connected. Having done this, we can now apply different routing protocols, and the routing tables can be exchanged. We can apply OSPF, EIGRP, RIP for convergence. This design is really common, and it's used in many organizations that have two to three sites.

This design also helps you to create your own internal cloud for the organization and connect all the sites together. I hope this was very beneficial to you.
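
The hub and one spoke from the lab above, collected into a single Cisco IOS listing as an added example (it is not taken from the video or the presenter's files). Addresses come from the transcript where it is legible; the spoke tunnel addresses 10.100.100.2 to 10.100.100.4 in the hub's map statements are an assumption that they follow the 10.100.100.0/24 network the speaker names, because the transcript garbles some of them.

```cisco
! Added example assembled from the transcript; not the presenter's own listing.
! Assumption: spoke tunnel addresses are 10.100.100.2-4 inside 10.100.100.0/24.
!
! ---- R1 (hub): multipoint GRE with one static NHRP map per spoke ----
interface Tunnel1
 ip address 10.100.100.1 255.255.255.0
 tunnel source 172.16.1.1
 tunnel mode gre multipoint
 ip nhrp network-id 100
 ! tunnel (overlay) address -> NBMA (physical) address of each spoke
 ip nhrp map 10.100.100.2 172.16.2.2
 ip nhrp map 10.100.100.3 172.16.3.3
 ip nhrp map 10.100.100.4 172.16.4.4
!
! ---- R3 (spoke): point-to-point GRE towards the hub ----
interface Tunnel1
 ip address 10.100.100.3 255.255.255.0
 tunnel source FastEthernet0/0
 ! default tunnel mode is point-to-point GRE, so no "tunnel mode" line
 tunnel destination 172.16.1.1
 ip nhrp network-id 103
 ! hub tunnel address -> hub NBMA address
 ip nhrp map 10.100.100.1 172.16.1.1
!
! R2 and R4 repeat the spoke block with their own tunnel address and
! network-id (102 and 104 in the lab).
! No tunnel protection is applied here, so the overlay is cleartext GRE;
! the transcript treats IPsec as optional.
!
! Verification commands used in the lab:
!   show ip nhrp
!   show dmvpn
```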
