-
Notifications
You must be signed in to change notification settings - Fork 0
/
Cisco-DMVPN-Template-with-Multicast-Example copy.config
139 lines (138 loc) · 3.52 KB
/
Cisco-DMVPN-Template-with-Multicast-Example copy.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
!------------------------------------------------
!-- Encryption configuration for each device
!------------------------------------------------
!
crypto ikev2 keyring cisco-ikev2-keyring
peer dmvpn-node
address 0.0.0.0 0.0.0.0
pre-shared-key [[PRE-SHARED-KEY]]
!
!
crypto ikev2 profile cisco-ikev2-profile
match identity remote address 0.0.0.0
authentication local pre-share
authentication remote pre-share
keyring local cisco-ikev2-keyring
!
crypto ikev2 dpd 40 5 on-demand
!
crypto ipsec security-association replay window-size 512
!
crypto ipsec transform-set AES256-SHA256 esp-aes 256 esp-sha256-hmac
mode transport
!
crypto ipsec profile cisco-ipsec-ikev2
set transform-set AES256-SHA256
set ikev2-profile cisco-ikev2-profile
!
!
!------------------------------------------------
!-- HUB1
!------------------------------------------------
!
interface Tunnel100
bandwidth [[Bandwidth]]
ip address [[HUB1 Tunnel IP]] 255.255.255.0
no ip redirects
ip mtu 1400
ip pim nbma-mode
ip pim sparse-mode
ip ospf network broadcast
ip nhrp authentication cbt0713
ip nhrp map multicast dynamic
ip nhrp nhs [[HUB2 Tunnel IP]] nbma [[HUB2 MPLS IP]] multicast
ip nhrp network-id 1
ip tcp adjust-mss 1360
if-state nhrp
ip nhrp redirect
qos pre-classify
cdp enable
tunnel source [[HUB1 MPLS Interface]]
tunnel mode gre multipoint
tunnel protection ipsec profile cisco-ipsec-ikev2
!
router ospf 1
log-adjacency-changes
redistribute connected
network [[HUB1 Tunnel IP]] 0.0.0.0 area 0
!
!------------------------------------------------
!-- HUB2
!------------------------------------------------
!
interface Tunnel100
bandwidth [[Bandwidth]]
ip address [[HUB2 Tunnel IP]] 255.255.255.0
no ip redirects
ip mtu 1400
ip pim nbma-mode
ip pim sparse-mode
ip ospf network broadcast
ip nhrp authentication cbt0713
ip nhrp map multicast dynamic
ip nhrp nhs [[HUB1 Tunnel IP]] nbma [[HUB1 MPLS IP]] multicast
ip nhrp network-id 1
ip tcp adjust-mss 1360
if-state nhrp
ip nhrp redirect
qos pre-classify
cdp enable
tunnel source [[HUB2 MPLS Interface]]
tunnel mode gre multipoint
tunnel protection ipsec profile cisco-ipsec-ikev2
!
router ospf 1
log-adjacency-changes
redistribute connected
network [[HUB2 Tunnel IP]] 0.0.0.0 area 0
!
!------------------------------------------------
!-- Spoke
!------------------------------------------------
!
interface Tunnel100
bandwidth [[Bandwidth]]
ip address [[Spoke Tunnel IP]] 255.255.255.0
no ip redirects
ip mtu 1400
ip pim dr-priority 0
ip pim sparse-mode
ip ospf network broadcast
ip nhrp authentication cbt0713
ip nhrp network-id 1
ip nhrp holdtime 60
ip nhrp nhs [[HUB1 Tunnel IP]] nbma [[HUB1 MPLS IP]] multicast
ip nhrp nhs [[HUB2 Tunnel IP]] nbma [[HUB2 MPLS IP]] multicast
ip nhrp registration no-unique
ip nhrp registration timeout 30
ip nhrp shortcut
ip tcp adjust-mss 1360
if-state nhrp
cdp enable
tunnel source [[Spoke MPLS Interface]]
tunnel mode gre multipoint
tunnel protection ipsec profile cisco-ipsec-ikev2
!
router ospf 1
log-adjacency-changes
redistribute connected
network [[Spoke Tunnel IP]] 0.0.0.0 area 0
!
!------------------------------------------------
!-- Multicast for Voice
!------------------------------------------------
!
interface Loopback0
description Voice Loopback
ip address [[Loopback IP]] 255.255.255.255
ip pim sparse-mode
!
interface [[voice-interface]]
ip pim sparse-mode
!
ip access-list standard acl.mcast-groups
permit 239.1.0.0 0.0.255.255
!
ip pim bsr-candidate Loopback0 24
ip pim rp-candidate Loopback0 group-list acl.mcast-groups interval 10
!