Monday, 28 September 2015

Cisco DMVP over Frame Relay

Hello again,
One of my friends is trying to simulate DMVPN using Frame Relay. He had some issues to finish his lab. In this post, I'm gonna try to do this . So Let's begin :)
First of all we'll use GNS3 for achieving this lab. The components are:

  1. One Frame Relay Switch ( representing the Internet Cloud)
  2. Three Cisco Routers (37x) router 
  3. Three connecting cables for connecting the routers with the frame relay 



Now, the steps are

  • creating virtual circuits or Permanent Virtual Circuits (PVC)  inside the frame relay to map the traffic between R1, R2 & R3 . So how many PCVs do we need? Yes, two PVCs! R1>R2 and R1>R3 and the traffic between R2 & R3 will be passed through R1 which is the spoke.
  • The Mapping of the interfaces show look like this








  • Cool. Now, connect port 1, port 2 & Port 3 with  s0/1 interfaces of R1, R2 & R3 respectively. The topology should look like this 

      • Now, we need to configure each interface to work with frame relay and map the traffics of each interface to the specific DLCI interfaces. To do this, write the following commands under inter s1/0. Notice that !I’m assuming that all router use the interface s1/0 to ! ! connect to the Internet 
      DMVPN
      Under the interface s1/0 command, define the encapsulation to be frame relay and map each ip address wirh its specified dlci   port as below:
      This is for R1
      interface Serial1/0
       ip address 9.9.9.1 255.255.255.0
       encapsulation frame-relay
       serial restart-delay 0
       clock rate 64000
       frame-relay map ip 9.9.9.3 103 broadcast
       frame-relay map ip 9.9.9.2 102 broadcast
      This is for R2
      interface Serial1/0
       ip address 9.9.9.2 255.255.255.0
       encapsulation frame-relay
       serial restart-delay 0
       clock rate 64000
       frame-relay map ip 9.9.9.1 201 broadcast
       frame-relay map ip 9.9.9.3 201 broadcast
      This is for R3
      interface Serial1/0
       ip address 9.9.9.3 255.255.255.0
       encapsulation frame-relay
       serial restart-delay 0
       clock rate 64000
       frame-relay map ip 9.9.9.2 301 broadcast
       frame-relay map ip 9.9.9.1 301 broadcast

      now, let’s configure the tunnel interfaces. We gonna use the tunnel 0 for all routers. Starting with R1, which will be the hub router for the DMVPN and it’s slightly different from R2 and R3. The commands are

      R1(config)#interface tunnel 0

      ! Firt we need to assign an ip address to the interface !tunnl0

      R1(config-if)# ip address 192.168.1.1 255.255.255.0

      ! second we will specify the source intrerface of this !tunnel, notice that for the hub router we can specify either the physical interface or the ip address, bcz the !ip address is not gonna be changed.

      R1(config-if)# tunnel source Serial1/0

      ! now, let’s enter the ip nhrp parameters
      ! the following two lines are for the hub only

      R1(config-if)# ip nhrp shortcut

      ! since we use point to multipoint topology, we need to specify that this gre is multipoint

      R1(config-if)# tunnel mode gre multipoint

      ! redirect means that the hub router will inform the !other two router that they can pass traffic between each ! other without passing it through the R1

      R1(config-if)# ip nhrp redirect
      R1(config-if)# ip nhrp authentication cisco123
      R1(config-if)# ip nhrp map multicast dynamic
      R1(config-if)# ip nhrp network-id 1

      ! To specify the MTU size, it is preffered to use the! !value of 1400
      R1(config-if)# ip mtu 1400

      ! The following command prevents the R1 to be always the ! next hop for R2 & R3. Means that the traffic goes to R2 ! from R3 should have R3 as its next hop and vice versa ! ! in eigrp routing table.  

       R1(config-if)# no ip next-hop-self eigrp 1

       ! next we need to disable split horizon feature in case ! we use one of the distance vector protocols

      R1(config-if)# no ip split-horizon eigrp 1

      ! specify the tunnel key. And u should use a strong key ! ! in the real environment. However, for the test lab we ! ! gonna use an easy key. This key must match on all ! ! ! ! routers

      R1(config-if)# tunnel key 123

      Now we’ve done with the hub router. Let’s move into the other router, and see what is the difference between the hub and the spoke routers

      R2(config)# interface Tunnel0
      R2(config-if)# ip address 192.168.1.2 255.255.255.0
      R2(config-if)# no ip redirects
      R2(config-if)# ip mtu 1400
      R2(config-if)# ip nhrp authentication cisco123

      ! nhrp must have the public ip address for the hub router

      R2(config-if)# ip nhrp map multicast 9.9.9.1
      R2(config-if)# ip nhrp network-id 1

      ! we need to specify the tunnel ip address for the hub 
      ! ! router using the keyword nhs = next hop server

      R2(config-if)# ip nhrp nhs 192.168.1.1

      ! also, we need to specify the public ip address for the 
      ! hub router and map the tunnel ip address to it.

      R2(config-if)# ip nhrp map 192.168.1.1 9.9.9.1

      ! tunnel source in the spoke routers must be the physical 
      ! interfaces, not the ip addresses. This is bcz the DMVPN 
      ! is based on the assumption that the spoke router don’t  
      ! have to have a permanent ip address

      R2(config-if)# tunnel source Serial1/0
      R2(config-if)# tunnel mode gre multipoint
      R2(config-if)# tunnel key 123


      ! that’s all for R2, and for any other router works as a spoke, all configurations are similar except the !tunnel ip address which must be a unique.