Is the attached topology something that would work for a DMVPN setup? The idea of a multipoint seems to be its scalability, however I’m having trouble finding any documentation on this specifically. The Dual Hub Dual Cloud discussion seems to infer that this setup is doable, and I’m wondering if anyone out there has had experience with such…I’m going to start labbing it out, but wasn’t sure if I was barking up the wrong tree…thanks for any advice!
Thanks, I was looking at that page earlier when I decided to post. There were a few things on those config examples that weren’t making sense, like the Eth0/0 interfaces, the networks don’t match up. It was making me question whether there were typos. Guess I’ll lab it and see what I can discover…
Hi William,
I took a closer look and I agree, the Eth0/0 interfaces don’t make sense. It looks incomplete.
Hierarchial DMVPN is possible so perhaps the DMVPN configs of that example are still enough to build a working solution. I hope you can make it work 
Rene
So I’ve been messing with this. I have the hub router config easy, but I noticed a few nuances i found interesting. If I use a loopback as the source interface on the hub, I only seem to be able to create a phase 1, if my spoke routers all use the NBMA addresses for the NHRP map commands, and I set a dst address on the spokes as that loopback (let me know if you want me to copy an example in)…
If I want a phase 3 I have to remove the dst on the spokes, set the tunnel type to gre multipoint, but that alone wasn’t enough to bring up the tunnels. Again, with the loopback as the source on the hub, I needed to change those public (NBMA addresses) on the spokes to all reference that same loopback address, rather than the public IP’s, then everything comes up no issue.
The other thing is I initially went into this thinking phase 3 was the desired state, and it’s some form of an upgrade, and phase 1 is to be avoided. But that really doesn’t bear out in real life. It seems in a situation where your spokes don’t need to speak to each other that a phase 1 is totally sufficient.
Hello William
Thanks for sharing your experiences with your hierarchical DMVPN deployment. It’s always helpful!
You’re absolutely right! It can seem like the naming of DMVPN Phases 1, 2, and 3 suggests a progression or improvement, with each newer phase being the preferred choice. However, that’s not necessarily true. If your network design requirements permit it, Phase 1 is a perfectly valid and acceptable option.
I hope this has been helpful!
Laz
1 Like