DMVPN Configuration

DMVPN is point-to-point layer3 overlay VPN:
logical hub and spoke topology

Multipoint GRE tunnel
NHRP
IPSec Crypto Profile

DMVPN HUB/ NHRP Server
DMVPN Spoke/ NHRP Client

NHRP Messages
- Registration Request
- Resolution request
- Redirect

R1(config-if)#
interface Tunnel0
 ip address 10.1.1.1 255.255.255.0
 no ip redirects
 ip nhrp authentication cisco
 ip nhrp map multicast dynamic
 ip nhrp network-id 100
 no ip split-horizon
 tunnel source FastEthernet0/0
 tunnel mode gre multipoint
 tunnel key 100
!
interface FastEthernet0/0
 ip address 12.1.1.1 255.255.255.0
 duplex auto
 speed auto

R2(config-if)#
interface Tunnel0
 ip address 10.1.1.2 255.255.255.0
 ip nhrp authentication cisco
 ip nhrp map 10.1.1.1 12.1.1.1
 ip nhrp map multicast 12.1.1.1
 ip nhrp network-id 100
 ip nhrp nhs 10.1.1.1
 tunnel source FastEthernet0/0
 tunnel destination 12.1.1.1
 tunnel key 100
!
interface FastEthernet0/0
 ip address 12.1.1.2 255.255.255.0
 duplex auto
 speed auto

R3(config-if)#
!
interface Tunnel0
 ip address 10.1.1.3 255.255.255.0
 ip nhrp authentication cisco
 ip nhrp map 10.1.1.1 12.1.1.1
 ip nhrp map multicast 12.1.1.1
 ip nhrp network-id 100
 ip nhrp nhs 10.1.1.1
 tunnel source FastEthernet0/0
 tunnel destination 12.1.1.1
 tunnel key 100
!
interface FastEthernet0/0
 ip address 12.1.1.3 255.255.255.0
 duplex auto
 speed auto

router rip
 version 2
 network 1.0.0.0
 network 10.0.0.0
 no auto-summary












Now change the configuration of the spoke router to gre mode multipoint the spoke router will now be able to talk to each other directly without routing the packet via HUB.

R3(config-if)#
!
interface Tunnel0
no tunnel destination 12.1.1.1
 tunnel mode gre multipoint




DMVPN Phase-3
#ip nhrp redirect :- configured on the hub, which informs to the spoke that it can communicate to other intended spoke directly.

#ip nhrp shortcut :- configured on the spoke which is responsible to rewrite the CEF entry after getting the redirect message from hub.