Hello Rob,
based on your previous post you are misunderstanding concept of different phases.
- Hub is configured with “tunnel mode gre multipoint” in every DMVPN Phase (1, 2, 3).
- Spokes are configured differently based on Phase you want to go with.
Phase 1 is configured with “tunnel destination ip” on spokes. In DMVPN Phase 1 traffic between spokes goes always through the hub. This is definition of Phase 1.
Phase 2 is configured with “tunnel mode gre multipoint” on spokes. Phase 2 allows direct spoke to spoke communication, thus traffic does not need to go through the hub anymore.
Phase 3 is also configured with “tunnel mode gre multipoint” on spokes. Besides that you add “ip nhrp redirect” to the hub configuration and “ip nhrp shortcut” to spoke configuration. Phase 3 allows direct spoke to spoke traffic.
Both, Phase 2 and Phase 3, allows direct spoke to spoke traffic but the difference is how these phases are approaching direct spoke to spoke communication.
- Phase 2 is done by tweaking routing protocol.
- Phase 3 is done by tweaking NHRP protocol.
With Phase 2 you have to modify routing protocol behavior to suit your needs, for example split horzion rule for distance vector protocols, EIGRP next-hop-self, OSPF network type, configure iBGP route-reflector and such stuff. Specifically observe what is next-hop for route in RIB on spokes.
With Phase 3 you allow hub to send nhrp redirects, kind of a similar to icmp redirects. When you enable “ip hnrp shortcut” on spokes look for “H” routes in RIB.
When you are mapping nhrp multicast to ip address on spokes you have to use “public” NBMA address there (NOT tunnel address of hub, but address on physical interface of hub), thus in your example:
should be:
ip nhrp map multicast 1.1.1.1
DMVPN is hard concept when you see it for first time and takes long time to master.
The best way how to get familiar with all this is to lab the hell out of it. Networklessons are providing really good material for DMVPN, you can find it in CCIE section. Trust me and go over all this material, lab it up. It takes time, but its worth it. Dont you want to become DMVPN ninja anyway?