Hosting Multiple DMVPNs

From Baranoski.ca
Revision as of 22:17, 7 April 2015 by Casey (talk | contribs) (Created page with "It is possible to host multiple DMVPNs on the same router. This could be used for separating services, such as data and voice. It can also be used in an ISP environment ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

It is possible to host multiple DMVPNs on the same router. This could be used for separating services, such as data and voice. It can also be used in an ISP environment for hosting multiple customers.

Firstly, your hub router(s) need a working internet connection. Each DMVPN will require its own publicly routable /32. Assign it to a loopback interface. It's convenient to set the loopback number to the customer account number, if applicable, or to some other sort of unique number. Be sure that the /32 is reachable from the internet. 

interface Loopback2112
 description WAN IP FOR CUSTOMER #2112
 ip address 192.0.2.1 255.255.255.255

This service will need its own encryption key. This key is then tied to the loopback interface. It is also set to match remote hosts with any IP (0.0.0.0/0) 

crypto keyring CUSTOMER2112
 local-address Loopback2112
 pre-shared-key address 0.0.0.0 0.0.0.0 key aw3s0m3crypt0k3y

Create a VRF for this service. The RD can be assigned from your global MPLS setup, if applicable, or can be anything if you are just running VRF Lite. 

ip vrf CUSTOMER2112
 description VRF FOR CUSTOMER #2112
 rd 2112:1
Retrieved from "https://baranoski.ca/index.php?title=Hosting_Multiple_DMVPNs&oldid=235"