Tuesday, July 14, 2020

Dynamic Multipoint VPN (DMVPN)

Hello all,

I'm having a stump here trying to wrap my head around DMVPN topics. Particularly a real-world deployment. Let's assume you have a hub with three spokes. Each of the four spokes is connected to the local ISP via eBGP. I've inserted a picture for visualization.

*Note: I've disguised a central router as the "internet"*

https://imgur.com/a/sQYbfgu

With this configuration, I'm using EIGRP to advertise both my internal networks and tunnel network.

With BGP out of the equation, my VPN works perfectly fine. The problem is, I need to access the internet. So, naturally I configure eBGP and advertise my internal network and NBMA address (public IP address attached to the Ethernet interface). Naturally, eBGP will populate the routing table, as it has the lower administrative distance than EIGRP. This essentially makes my VPN useless.

This is where my confusion sets in: what does a real-world design look like? How do I define network traffic going to the internet or network traffic going to my other spokes? I cannot visualize or figure out what a real-world deployment looks like. The only thing I can find is labs *without* an actual internet connection. Should I use a static "0.0.0.0 0.0.0.0 (next hop)" route to get to the internet? This way all traffic is directed to the internet, EXCEPT the longer matches via EIGRP?

I've got the configs down, I just want to be able to make it work in real life. Any kind of explanation or clarity is appreciated. I hope this is written clearly enough.
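An added example, not part of the original post: a small Python model of the two steps a router applies to the routes described above, first administrative distance between sources offering the same prefix, then longest-prefix match at forwarding time. The prefixes, next hops and the leaked spoke prefix are constructed assumptions using documentation and RFC 1918 ranges; the AD values are the Cisco defaults.

```python
import ipaddress

# Cisco default administrative distances for the sources named in the post.
AD = {"connected": 0, "static": 1, "ebgp": 20, "eigrp": 90}

def build_rib(candidates):
    """Install one route per prefix: the candidate with the lowest AD wins."""
    rib = {}
    for prefix, source, next_hop in candidates:
        net = ipaddress.ip_network(prefix)
        current = rib.get(net)
        if current is None or AD[source] < AD[current[0]]:
            rib[net] = (source, next_hop)
    return rib

def lookup(rib, destination):
    """Forwarding decision: longest matching prefix, regardless of AD."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return (str(best),) + rib[best]

# Constructed spoke view (hypothetical addresses and next hops).
CANDIDATES = [
    ("0.0.0.0/0", "static", "203.0.113.1"),      # default toward the ISP
    ("10.1.0.0/24", "eigrp", "Tunnel0"),         # hub LAN learned over DMVPN
    ("10.3.0.0/24", "eigrp", "Tunnel0"),         # another spoke's LAN
    ("10.3.0.0/24", "ebgp", "203.0.113.1"),      # same prefix also heard via eBGP
    ("198.51.100.0/30", "ebgp", "203.0.113.1"),  # hub NBMA address (underlay)
]

def demo():
    rib = build_rib(CANDIDATES)
    return {
        "internet": lookup(rib, "192.0.2.50"),    # follows the static default
        "hub_lan": lookup(rib, "10.1.0.10"),      # longer EIGRP match, via tunnel
        "spoke_lan": lookup(rib, "10.3.0.10"),    # eBGP wins the tie: bypasses tunnel
        "hub_nbma": lookup(rib, "198.51.100.1"),  # underlay reachability via eBGP
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The `spoke_lan` result is the case to check for on a real router: when an internal prefix is present in both eBGP and EIGRP, the eBGP copy is installed and that traffic leaves the encrypted tunnel.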


