Configuring DMVPN using EIGRP/OSPF By Khawar Butt

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
the product writing protocols generally it's eigrp that be run I also want to take a look at how it's run with OSPF some of the intricacies that you have with OSPF running on dmvpn we'll take a look at that we'll take a look at all the three phases phase 1 phase 2 phase 3 but before we get started let's understand what dmvpn brings to the table why do I want to do the MV pen versus a normal point-to-point GRE with IPSec on top of it to set a connection between two sites well when you do a deal when we do a normal site to site VPN let me just draw out my pen up so let's say I have a couple of sites that I want to set up over the Internet make a VPN to connect the two sides to each other and I have two sites very simple configuration I'll set up a GRU point-to-point setup it's not encrypted it does allow me to tunnel my networks my private networks from with a 10110 to let's say 10 2 to 0 to the tunnel the way you do that is you set up a small config on your tunnel interface give the tunnel tunnel an IP address that becomes the virtual network that is connecting Radha one router to to each other just do slash 24 although on the iOS you wouldn't need to run though 255 255 type of setup here I would put the public address of router 1 let's say one ninety two dot one dot 10.1 and the public address of router 2 is 22 and I would say tunnels or a destination the source would be one ninety two dot one dot 10.1 this would be a point-to-point setup so at this point I basically I ran a cable logically virtually from between Radha one and Radha two to connect them up to each other they're both connected on the same network which is 192 168 1 dot 0 because they're now virtually connected to each other I can run a routing protocol to route 10110 over 10 - 2 0 to each other the problem with this type of setup is that it is a point-to-point type of setup in the sense that if I wanted to connect multiple sites and I want to scale this I would not be able to do that I can but it would be a big task to set up at a twenty sites to each other connecting over the internet so that's where n GRE comes in M GRE allows us the ability to connect these multiple sites to each other that are connected on the Internet rather than over a separate point-to-point tunnel between each other I can create a single Network single tunnel interface having multiple points on it so logically we're all connected to a multi-point network you guys can hear me okay right Catherine because uh it's giving me a message saying that people might have problems hearing you yeah alright this one yeah I'm clear alright good good it's popping up a message on my screen saying that uh come closer zip it laughs all right ignore that you're good all right good so in a multi-point up a set up you would basically have one network 192 168 1.0 same uh I'm using the same network over here dot one let's say dot 2.3.4 and all five so I would have five different sites connect to each other over the same network if you guys are old enough to know there was a technology by the name of frame relay that existed maybe still does it's the same type of setup where you have a single multi-point network where you would need to do a mapping to figure out if I want to get to a particular destination what is the public address of it in frame relay we would do the mapping to map over ad LC to an IP address over here we're doing a public to private IP mapping this is called MGR let me just do it real quick so you guys understand how it works it's static MGR you that I'm going to do over here so in my network over here let's get rid of this drawing of mine in my network over here what I have is I've already set this off basic configuration router 6 is my internet I have five sites connected to it one ninety two dot one dot ten twenty thirty forty and fifty are the public addresses of these different sites each network each router behind it has a couple of loop backs I'm using as my internal networks and I want to be able to connect up to each other over the internet using a private networking so one of the ways to do it to connect these five sites into a single network was static mg re let's take a look at how to do that so if I go onto my router router one actually let me do it a note that because I can easily copy paste it after that so note baton router one what I would do is I would set up a tunnel interface like a normal point-to-point tunnel interface with subtle differences so this would be my tunnel IP now I would need to specify what my sources there's two different ways of specifying the source you can either specify the source manually my public address so any packet that leads this particular tunnel interface will use this as a source address on the outer head of the public header at the same time generally when I do a point-to-point after setup I would specify a tunnel destination let's say this guy over here but you know in a point-to-point setup I can only do a single destination on a tunnel interface which by default sets up GRE point-to-point I can only do one destination in this case I have multiple destination so if I want to go to 192 168 1 2 what is the destination for that I want to go to 192 168 1.3 what's the destination for that so the first thing that I need to do is change my mode over here I cannot specify a single destination I need multiple destinations so the first thing that I'll change is the mode the default mode if you don't change it on the tunnel interface is GRE to point so the first thing that I'll do is change my mode to tunnel mode GRE multi point the next thing that I need to do is I need to get a protocol that to figure out if I want to get to a particular destination for example if I want to reach 192 168 1 dot 2 on the tunnel what is the corresponding destination public address so I need to write that down manually over here this is done not by ng re but a supporting protocol called next top resolution protocol or NH RP so the first thing that I need to do over here is I need to enable NH RP under the tunnel interface that is done by using the network ID command network ID command is just to enable NH RP on the interface the ID that you specify over here is locally significant so it can be any ID a lot of people ask me do I need to match this ID between the different interfaces no you don't it's a local think about it being like your router OSPF process ID command which is locally significant unless you go into MPLS VPNs where it does have a significance between the different devices but normal routing it is locally significant same thing with the NH RP network ID it's just your name n HRP on that tunnel interface so once I do that then I'll just just use normal n HRP mapping commands to specify if I want to reach 192 168 1 dot to the public address is 22 if I want to reach 1.3 the public address is 30.3 this these are the public addresses for the corresponding devices over here now this is not scalable but this is M GRE I want you guys to understand that so that we can move into dmvpn so this would be how I would set up a simple M GRE tunnel to connect the different sites to each other so now if a packet comes in into my routing table says I want to reach 192 168 let's say 1.4 I'm sitting on router 1 it checks a routing table that sees that 192 168 1.0 is directly connected via the tunnel and you guys can see that in your routing table so though it's through the tunnel let me check the tunnel when you go to the tunnel it says my mapping is done by n HR P it checks the NH RP mapping table in which I've static be mapped at 192 168 1.4 is mapped to 40.4 which is this guy over here alright so in essence when the packet comes in let's say I want to ping from router 1 I'm pinging router for so 1.1 I'm pinging this guy over here when the packet comes in what I'm going to do over here is I'm going to put my source whatever my channel source is in the outer header over here and I am going to do a mapping for 192 168 1.4 and look at the mapping over here to see what do I put in the outer header corresponding to the inner destination so in the inner destination I see 192 168 1.4 and that's what the mapping is used for to figure out what to put on the outside header packet is created and sent across all right this is M GRU so let's do that let's see if it works over here and then we'll set take a look at the disadvantages of doing something like that so copy it I'll go to router 1 and paste it you while it's coming up I will go ahead and do the same thing for rather to almost the same thing all I do is change my IP address and the other thing that I would also do just to make it a little bit more scalable has just changed the source rather than putting the IP address manually I'll say get the IP address from de0 zero interface so whatever the IP address of the easier interface is that's what I want you to use I'll change the mapping I don't need a mapping for myself I do need a mapping for 10.1 the rest three four and five are the same so I'll copy this and I'll go to router 2 and paste it now if you want to check you can check your mapping table over here show IP and HRP it tells you that if you want to reach 192 168 1.1 the outside address the public address is 192 dot one dot 10.1 so if I go in and type try to pink 192 168 1.1 which the router in the middle this is the internet router all it has is just the public addresses if you check the routing table all it has as public addresses it doesn't have any 192 168 but if I go over here and try to ping it what's going to happen over here is we'll go through the whole process it's going to say I want to ping 192 168 1.1 actually I am - I'm sitting on - and I want to ping 192 168 1.1 let's figure out the outer header the outer header based on my tunnel sources the IP address of 0 0 which is this guy now the destination when I check my routing table let's do that first when I check my local routing table over here it says 192 168 1.0 which is the public address is reachable via the tunnel interface if I check my tunnel interface over here it says it is a M GRE tunnel all right so if it's an M GRE tunnel it needs to do the resolution check CM n HRP table in the NH RP table says oh if I want to reach 192 168 1.1 I need to put this as the public address put it over here based on that and it makes a connection so let's try to do that and see if it's successful boom so I can go from rada to - router 1 the packets going like this the you guys can see my drawing of the at the bottom of the screen that has the red that which is the outside header the blue the inside header that's the fact that's the way the packet goes although it's a clear text packet the the middle router which is router 6 just looks at this for forwarding the outer header everybody ok with this yes now let's go ahead and finish the whole config up if you take a look at it what do I do on our three you let me finish it we'll talk about that the question Nino s was the coloring of the secured CRT so on our three I'm going to do the same thing yes there absolutely is because it's a it's I would say it adds a header of about of 40 to 50 bytes so you might want to change your MTU to two to make it a little bit more efficient so over here 1.3 I need a mapping for one I need doing a mapping for two but I don't need a mapping for myself so on three I'll change that copy it and paste it over here so my router 3 should also now be able to communicate to the other guys so one is reachable 2 is reachable again through the mapping let's finish the other one 1.4 so the only thing that I'm changing over here is the IP of the tunnel and then I change the mappings I change the mapping for my own to the one that was from the previous one and I should be almost done I need one more so I can ping one ninety two one one two and three by the way this is M GRE this is not dmvpn because it's all manual so one two three four now I don't need one two three actually I am no I'm five now right so I need four and I need three that order but that's okay so now I have the ability to ping all the different devices on the same network over here so they're all reachable all right what's a problem with this the whole purpose of doing this multi-point GRE tunnel was scalability yes I don't have multiple tunnels now but in the same tunnel if you take a look at the configuration I need to have a mapping for each device not only that the other problem with this type of setup is that I do need all the sites to have a static public address because I need to map it over so the destination address that you see 10.1 20.2 and all that it cannot change so everybody over here all the sites that you have that are connecting to this multi-point tunnel need to have static public IP addresses so that's the other drawback that you guys have so if you have certain sites small sites that do not have the ability to have a static IP s that's going to be an issue that's where DME pin comes in how does the MEP and work with dmvpn what I'm going to do is actually I can just use this online whiteboard in dmvpn what happens is it's the same type of setup but the thing is the the mappings are done dynamically and the dmvpn type of setup it's still a em GRE tunnel it's a multi-point tunnel but what I do is I designate one of the routers as what is known as the next top server NHS it's like a dynamic DNS server ddns like it's not the same it's like it it's a resolution server what it does is it basically allows the other devices lets a router to router three router for and router five to come up and register their mappings to this dynamically so what I'm going to do on two three four and five I'm going to tell them hey listen your next top server is 192 168 1.1 and in order to reach it you need to go to [Music] 192 1.10.10 dress is on the outside interphase your public address I want you to go and register yourself to write one and tell router one what is your public address so as soon as I configure r2 with the NHS and map it it is going to go up to router one and tell them hey listen you know what my IP address is on the tunnel 192 168 1 dot 2 and the way you reach it is this guy please register me this guy's going to do the same thing for is going to do the same thing and v is going to do the same thing you guys get the gist right just put it in anyways so now the NHS has all the mappings created dynamically just like dynamic DNS it gets an IP address from the DHCP server it goes and registers with the D DNS server the D DNS server now has all the dynamic mappings so this allows us to capabilities number one on each of the spoke routers or these devices over here the clients I don't need to do all the mappings for everybody I just do a mapping for the next top server the central server yet at this point you have a single point of failure you do have the ability to have multiple next up servers to get around that problem but my focus right now is rather than the redundancy part of it is the working part of it but yes you do have the ability to have multiple next up servers the NHS NHS servers so if just in case it goes down you still have the mappings now over here I have one mapping even if the other spokes for dynamic they would have mapped their dynamically assign ISP address the public address to the next stop server so he knows all the addresses now so now let's say router two on struck two out of three in his mapping table he just has one entry what he does it says hey listen NHS I have a packet that I need to send to 192 168 1 dot that safe or you happen to have the IP address for 192 168 1.4 sends a request over here gets a resolution creates the NH RP mapping dynamically and keep set by default for two hours so for the next two hours I don't need to go to the next stop server to be able to reach either one of the two three devices so now I've scaled down the availability issue that I had is gone because now I only want to point to the next up server and the next stop server will resolve all the addresses forming you get my point this is done dynamically hence the dynamic multi-point VPN type of setup all right rather than doing it statically how do I do this let's take a look at the config on the next stop server itself and then the clients what do I do on the client side all right much more dynamic in the sense that number one I don't need to do a lot of manual work on the other devices plus if in case I have sites that have dynamic IP addresses as five of them by their ISP I don't have an issue with that okay so I am going to take a look at the old config this was for empty re now let's do a dmvpn config over here I'm going to go to the the one that I'm going to make into the anak NHS server in here I'm going to get rid of the older tunnel so everything that I can figure out the tunnel is gone and then I'm going to configure a new tunnel interface over here IP address 192 168 1.1 tunnel source I'm going to meet make it like that tunnel mode GRE multi point once I've done with that I need to enable n HRP over here specify that and that's pretty much all I need to do on the next stop server everything else will be done dynamically now I'm not running routing right now I'll show you how to do routing as well but for right now just to connect the four sites or five sites to each other in a dynamic manner so how do I do that so on the next stop server this is all I need to do because everybody else will register to me dynamically let's do this on router one notice the first command over here is I'm getting rid of the old tunnel so I won't have any of these configs anymore so copy it you go to router one so the old tunnel is gone if I look at my mapping right now I don't have any mapping it's blank but on the other side on the client-side router to through out of five no interface Connell one interface tunnel one IP address Pitou tunnel source easier slide zero tunnel mode GRE multi-point IP n HRP network ID and then the commands for NHS my NHS server is the tunnel IP of the the NHS not the public IP the tunnel IP because any trap is run through the tunnel how do I reach it in order to reach 192 168 1.1 this is the public IP of it so when I do need to do my registration because I've been configured with NHS it tells my tunnel interface as soon as you come up you get an IP address assigned to it please go and register that with the the next stop server and this is what the command does and in order to reach it this is where I go and reach it so copy it again if you look at the top it says note interface tunnel one so it's getting rid of the old tunnel config and putting the new thing in as soon as I do that my tongue comes up I do have one mapping that is done and if you take a look at it that tunnel mapping is for the next top server it is done manually if you guys remember router one had no mapping because I did not do any static mapping over here now it should have one registration which was done dynamically where 192 168 1 dot 2 registered itself as 20.2 so now if I do want to go to this guy I will be able to go there let's do the same thing on r3 so I'll just do it individually so you guys can have these notes later on oops again don't forget to get rid of the old tunnel because the other tunnel has a whole bunch of other config the rest remains the same because everything is pointing towards the next top server the NHS so router 3 down the map down the configure on router 3 which is pointing to the next drop server if I go over here and I do it IP and HRP you will see that I have mappings mount manual mapping screen now so now router 3 again right now only has one mapping towards the neck next top server it does not have a mapping for 2 yet it will create a dynamically on a need basis but before I do that let me finish up on all the other configs just change the IP the rest of the config is exactly the same on all the other clients spokes whatever you want to call them one mapping over here which is for the D NHS here I as new devices come up they do the mappings of me now this is extremely scalable you just need to have a BP router at the the hub site the next top server because it is going to have all the mappings depending on how many sites you want to connect up one of the networks I set up I had about 200 sites worldwide it was a MNC multinational company and it had about 200 sites that were connecting over here I have all my mappings done all right now let's go to router 5 and I want to let's say I want to communicate - righto - if I take a look at my mapping I only have one mapping let's say I want to go to 192 168 1 dot - I don't have a mapping for it rather than doing a ping I'll do a trace route over here because I want you guys to see what happens over here when I do a trace over here it says hey I want to go to 192 168 1 dot - if you check the routing table over here again 192 168 1 dot 0 is connected via what the tunnel interface goes through the same process check the NH RP mappings that doesn't have any mapping but it knows there's a next top server configured so how do I go to the next top server I tell it listen you know what I want to get to 192 168 1 dot - do you happen to know the public IP of it as yes I do sends down the registration oh sorry the resolution tells it hey listen if you want to get to 192 168 1 dot to the public IP is 20.2 go there directly don't come to me go there directly but the first packet will go to where towards the next top server it's like a default gateway of sorts or NH RP so I'll do a trace for to 192 168 1 2 I don't have a mapping yet over here so as soon as I do that you'll notice the first trace goes to one but it's a single off because it's automatically going to send him a resolution and it goes direct to 192 168 1 dot 2 it's not two hops doesn't show you to hop in the traceroute it just shows you a single hop if you take a look at your NH RP table right now I have a new mapping created for 192 168 1 dot 2 which was created dynamically does that make sense guys everybody okay with this and it stayed there for about roughly two hours now if I do another trade route I am NOT going to go to the next top server I'm going to go direct because I have a mapping for 192 168 1 . to take a look it's direct everybody okay with this you guys understand that yeah I only see the funds for everyone now at this point I have not done any routing I've disconnected the different devices to each other not actually the whole purpose of doing this was to actually be able to do routing so that my internal networks over here can connect to each other all right but at this point at least what I have accomplished over here is that all the devices right now are logically connected to this tunnel network 192 168 1.0 they are able to communicate to each other directly they're not going through the next top server they're using the next top server more like a resolution device like a DNS server how do I go to google.com once they find out how to go to Google calm the DNS server they go directly to the end device so it's more like a control plane type of mechanism that's happening between the the hub and the the clients and the next hub server but I'm not done the main thing as I said my objective over here was to be able to communicate and have the routes from the internal networks propagate to each other so I need to run a routing protocol but there's an issue with that the issue with the routing protocol over here is when any type of routing protocol generally the IDPs when they communicate what's the packet look like whether it's ready I PRP OSPF any of them their packet is going to look like this multicast when I send the yellow packet out to establish my neighbor relationship and EIGRP our OSB a trip doesn't have a hello packet but the entire update is multicast it's going to say 192 168 1 dot X whatever your device is now over here on the outside let's say I'm sitting on two just as an example hang on - and I want to send an update who do I send the update - one ninety two dot one dot 20.2 is my source what's my destination where is the mapping for this did I do a mapping for it the next stop server is not going to resolve multicast mappings it only resolves unicast mappings so when I see a multicast address over here I need to tell my router how what address do I need to put put over here I'll get to that in a hub-and-spoke environment does all the traffic go through the hub we'll get to that talk about that's the phase 1 phase 2 phase 3 part of it good question just hold on to it that will be answered as we go so source is this what's the destination for my multicast update I don't have a mapping for the multicast so what I need to do I need to designate my next top server as my routing hub rather than establishing a name relationship with everybody I am going to establish my writing neighbor relationship or adjacency only with the hub again from a redundancy perspective you might want to have two of them at least but from the perspective of scalability you don't want to do it with everybody because otherwise I would need to maintain name relationships and everybody so what I'm going to do on all the different spokes is I'm going to do a map a special map that says if a multicast packet comes in send the multicast update to the hub so when it sees this type of packet for a routing protocol like ERP or OSPF or for that matter if it is going to send the update to the next drop server which now also becomes my routing hub so everybody will establish in a relationship with so for the problem problem is on the hub what type of mapping do I do over here everybody points to the hub on the hub what I tell it is hey listen if you have a multicast packet come in that needs to go out send it to each one as a unicast that has registered to me dynamically send it to all my clients so check the NH RP mapping table for anything that has registered dynamically it's going to take that packet and send that multipath and multicast packet creates multiple packets and sends a multicast update to each one of those clients so on the hub the next top server I don't do a map multicast to a specific address I do it to this entry in my NH RP table that has been registered as dynamic so let me just show you that real quick over here if I go to router one all my mappings over here are based on what dynamic so what I'm going to do over here on the next top server on the hub side the routing side is what I'm going to do is I'm going to specify oops this is the wrong one this guy over here IPN HRP map multicast dynamic you get my point so it will send its hello packet to everybody that has registered to me dynamically so to all the clients on the the device at the client side I'm going to do the mapping only towards what map multicast towards 10.1 so if a multicast packet needs to be resolved I'm going to resolve the to only to that particular guide let's redo the the hub with a map multicast dynamic on the client force a registration by getting rid of the town put back in otherwise sometimes you need to bounce the interface if I was doing it from scratch rather than explaining it I would have done it upfront so I would do the same thing over here on the other devices so this is what a simple dmvpn Network setup looks like right now I should be able to run a routing protocol as well you and the last one over here you so I have a map multicast dynamic so if I run a routing protocol I know where to send the updates to let's go ahead and run the routing protocols in so the first routing protocol I want to take a look at over here is e IG RP so the next set of the lecture is for running eh RP on this tunnel interface I made my tunnel ready for running a multicast based routing protocol everybody okay with it so far you understand what I have done in terms of the config every single command and the significance of every command in there do you guys understand that why are you putting it in all right brilliant so let's move forward and run around in protocol so running erp as the routing protocol on the the dmvpn top on every router that i have created over here I have some to loop backs that I'm created I've created over here so from Radha wants perspective on 10 1 1 1011 router 2 very simple config because it's just got interfaces on it on our six so ten to over here 10 333 over there then 44544 and five and 55 on this guy router for is a very simple configure the topology over here write a 6 over here just directly connected interfaces on Rado 6 10 20 30 40 50 that's all I've done I disconnected them up in real life this would be the internet so it would just yeah it's just connecting these Butler devices on the public network and tunneling everything it's going to just see the outsider address so if you look at the configure router 6 nothing in there just interfaces with IPS the routing table looks like this very simple setup now you guys have seen the networks what I'm going to do over here is run the routing protocol on router one to router six it's the same type of setup what I'm going to do is I'm going to run EIGRP in the classic mode it's a habit although in the newer iOS is you don't need to do it Auto no Auto summary is done by default classic meaning versus the named mode so I'm enabling it on the tunnel interface as well as on the internal class internal loopback that I have and this is the same type of yeah ARP setup I would need to do on router one to not rata one through ratified I don't need to run EHR P because I'm running it through the tunnel on router 1 2 3 4 & 5 same type of setup because everybody is enabling it on the 192 168 1.0 network and the ten network what about stub ERRP stop well that depends on the rest of your network that you have split horizon oh I'll get to that we need to do that but I want you guys to do it one step at a time I want you guys to see the issue and resolve it as we go so let's do that a router one running edge RP router - running edge RP three run EIGRP because they're all on the 10 Network I have the ability to do that and as soon as I do that everybody should establish in a relationship resume with the routing hub which is my next top server and if I check my routing table over here what do you guys see over here all the Deval the different networks ten to ten 310 for all of us all of them are there everybody okay with this so my routing is running but the problem is as we know the writing pointed out I'm routing EIGRP as my routing protocol which is a distance vector routing protocol by default the HRP has split horizon turned on and all the routes over here are being learned on radda one via the tunnel interface oh he gets ten to - 10 5 all right but he's not going to send these routes that he learned from where the tunnel interphase back on the tunnel effaced by default because of splitter Isaac let's take a look at that and you need to fix it so something that you need to be aware of in Eid are P so I have all the routes on the hub as you guys saw but if I go to route a - Andrew show IP route EIGRP I will only see the hub routes I don't even see the other routes alright so the first thing that I need to do to make the HRP run over your m GRE tunnel interface running dmvpn is going to be to disable split horizon where do I need to disable split Rison over here where's the only place I need to do it only on the hub because the tunnel interface on the hub right I don't need to worry about the spokes because they're not receiving and sending back everybody's sending it to the hub the riding huh so let's put that in your notes as well disable splitter eysan on the routing up how do I do it go on to the tunnel interface no IP splitter rise in Eid RP 100 that's how you disable it for EIG RP I'll just do it manually over here interface channel 1 no IP little rise in EIGRP 100 it will reset the neighbour elation ships there you go because I have changed the the setup as soon as I do that it doesn't change anything on the hub I still get all my routes I was getting them in the first place but if I go to my client now because of the splitter eyes and being disabled I am getting the routes from the other guys everybody okay with that so now I have a working network with E I GRP and this is what I needed to do to get ERP up and running with dmvpn if you guys are cool with this I'll move on and talk about the different phases that's where the data traffic flow remember somebody asked me about the the traffic absolutely not not I don't have a neighbor if you take a look at it the only neighbor that I have charlie is my hub I don't have a neighbor with the other guy I'm getting on my routes from where from the hub so if you take a look at your EGR P it's coming through there but you want to go directly to a particular neighbor is that what you're looking for I don't want to go through the hub at all is that what you're getting towards hang in there let's take a look at you see the traffic flow because the metrics are generally for traffic flow now this is pure routing on a dmvpn type of setup the routing flow over here for all the routes if you take a look at the rotting flow is in a hub-and-spoke environment or have been spoke type a set up this is the routing hub everybody sends the update student and he is the one that is responsible for sending the routing updates to everybody this is your control plane aspect of it so the control plane the routing name relationships are all done between in a hub-and-spoke environment yes for redundancy sake you might want to set up two next top servers and routing hubs but that's a discussion for different day my focus is right now on getting it up and running with one and showing you how you have different ways of allowing the traffic to flow so we will agree that the the routing traffic the control plane traffic is in a hub-and-spoke manner because I only have one knee relationship set up that is set up with thee the hub how about the traffic if you analyze your routes right now on router 2 for example I want you guys to take a look at the next top all the next tops over here are pointing towards what one the hub so if I want to do a thing or trace Trotter send a packet from router 5 to router for router 5 2 3 3 2 2 whatever whatever spoke wants to talk to whatever spoke I'm not talking about on the M GRE tunnel but for the networks behind me and which is majority of your traffic let's say 10 5 wants to talk to 10 - if you look at the next top the next stop over here is 192 168 1 dot 1 every time router 5 is going to try to resolve 192 168 1.1 even if it wants to go to 2 3 4 or 5 so in this case your traffic flow is a hub-and-spoke environment so all the traffic will go through the hub in this type of setup and this is known as DME PN city's one for all the data all the traffic flows in a hub-and-spoke environment the flow is hub-and-spoke why because the next top off your routing update is the hub let's take a look at it if I do a trace route you guys remember the first physically absolutely physically traverses through it so if I do a trace route for let's say 10 da - da - da - from let's attend a five out of five how many hops do you see over here two hops let me do it again just to make sure I'm not resolving anything or is not improving it's still two hops if I go to three it's still too hot you everybody okay with this is that the reason is my next hop in my routing table is one so when the resolution comes in I'm not resolving 192 168 1 2 or 3 or 4 I'm resolving one because I want I want to resolve my next hop so let me write that down for you guys this is the behavior of dmvpn with eh RP in this phase all traffic traverses through the hub this is the default setup when you run erp as the routing protocol on dmvpn so if you're on dmvpn by itself and you run it like that it is going to be hub-and-spoke you might say it's not good yeah you're right in terms of sufficiency it's not good because all the traffic now is going through the routing up which becomes your bottleneck not only that it leads to inefficient routing all right just to give you an example let's put some geographical locations over here let's say this is LA let's say this is Boston and this is New York radda three wants to communicate throughout a four Boston to New York it first needs to take that cross-country flight to LA and then come back into Boston which although on the internet everybody would be able to talk to each other directly but in this case the traffic is traversing through LA before it gets to New York you good for wipe it's not efficient but at the same time from a security perspective you might want to have some centralized policies which control which spoke talks to it spoke and that is something that is what this is good for so if you want to control which spoke talks to it spoke and you have some policies defined on router one this will force the traffic to come in through where to Ottawa you get my point so by default it is phase one I'm not saying it's good but it depends on the situation that you're in so if you want this for from a perspective of security policies yes red exactly right if you want to control what traffic goes where this is the phase for it that's phase one so what is phase one what do you get out of phase one you get centralized traffic all the traffic goes through the central hub it basically follows your routing traffic and why is that because the default behavior for EHR P is this normally if you have router 8 router a sense traffic to be what's the next top 4 B it should be a correct B sends it to see what's the next top 4c it should be be everybody agrees and that's exactly what's happening with the idrp by default so when Rada 3 sends the update to Rada one Rada one gets it he sends it back because I disabled split horizon to 4 he changes the next stop to one so everybody is getting the update from one da one the default behavior of Vig are be all the words going on the same interface it is falling through this because you guys get my point so because of that when you go to your rotting table you will see all the updates are coming in from where from this guy what if you don't want to do that what if you do want the traffic to go directly from spoke to spoke I don't want to have this inefficient data forwarding traffic forward the way you do that is you go back onto your hub and you tell your hub listen don't change the next top I want the next top to remain unchanged remember how in BGP if you guys have worked with BGP there is a thing called next top cell where you change the next drop to sell over here you're doing the opposite of that you're saying don't change it we're on router 1 so if problem doesn't change it what's going to happen over here is when two sends an update - rather one the next top over here right now for all the routes from - are 192 168 1 2 and I'll tell Radha Juan don't change the next job so when one sends it to everybody else if I don't change the next stop they'll point to 192 168 1.24 routes for two similarly for three will be 3 4 it will be 4 5 will be 5 now my routing table will have a next stop pointing to either 2 3 4 5 cars are respectively for the different type of routes so when I go to do my resolution I'm going to do the resolution for the appropriate next stop so my data traffic will flow directly from spoke to spoke all right how let me just show you on the hub if you want this to happen where the data traffic needs to go directly from spoke to spoke and not come to that hub and spoke tap environment go under the tunnel specify no IP next top cell for eigrp 100 so basically saying any updates that are coming in through the tunnel and going back out don't change the next hop again because of the change it will reset your neighbor elation ships by go to router to now do you remember this everything was pointing to one because of this config change now I will have one three five one three four five one three four five from the appropriate destination the actual destination now if I want to do a trace route from Rado to to let's say 10.33 three the first packet will go up to room so the next stop server to resolve how do I get to 10333 or not 10333 how do I go to get to what 192 168 1 . 3 says 192 168 1.3 is reachable PR 30.3 so thank you the next packet direct take a look so the first one it went there but then it resolved it when direct so now my traffic is going directly between one two two three or for that matter if I want to go to for the first packet yes we'll go to the pub because I need to resolve once a resolution has taken place the next packet goes direct and if you check your NH RP mappings now you will see dynamic mappings created for three as well as before and the reason for that is because now my routing table shows what the next top as the actual next drop for that network not the hub and this is dmvpn phase two so how do I do this though which one the two hours absolutely under the tunnel I'll show you that as well if you want but before this DM it VP and phase one just to complete your notes how to die of copper stat on Rada one the routing hub well this one is the default so I don't need to do anything about sorry dmvpn days - yeah disable it Rison which is not even in phase one it's just eh RP part in this phase you no it's the same or advertiser suggests the the metrics do change method should change I know not as take that back no it doesn't change why because the metrics were even if it did change the next stop the metrics were the same over here what should remain the same we'll check that in this phase you're after there your traffic you to shortchange now in this phase let me see how I want to phrase this you tweak the routing protocol to not change the next top of the routes that are getting propagated this allows the spokes to resolve the next hop to the actual router public address but what did I do over here the key thing I want to I want you guys to take a look at is you tweak the routing protocol to change the next stop all right this in this phase traffic trapped in let's say the traffic goes directly from spoke to spoke how did I accomplish that interface tunnel one no IP next top self BH RP 100 correct the first packet goes through there there's some questions I wanted to take a look at from one lay asleep respect the towers connected between the spokes right but from a light layer to perspective that the traffic's still go to the hub no because the packet the way it works is like this let me just show you the packet but before that I want you guys to see the before and after in terms of the for example for these guys is to eight zero eight eight zero two eight two eight eight zero because it's the same interface all right so the the metrics won't change the other thing the question that was asked was about the layer two aspect of it the way it works over here is after the initial packet that went through let's say router 2 wants to talk to router 3 there's a router 6 in the middle which is the internet and there's router 1 taking our example la Boston and New York to connect it to each other this is the Internet now what happens is if I look at my routing table over here for 10 3 3 0 it says the next stop is three all right so what it does it creates a packet the initial packet was 10 2 to 10 3 now it needs to create the outside header you sources 20.2 first thing I'll do is it will send try to do the resolution for how do I reach 192 168 1.3 that packet that initial packet goes to r1 gets it back so are two two four or six six to one once I get the packet I get the resolution I will know in order to reach 192 168 1.3 the next hop is 33 get it so now I'm going to put that into outer header so the packet that gets sent from where from router to to rider six looks like this it doesn't physically layer to why's go to la it goes to the internet internet says oh how do I reach 30.3 send it over here that make sense guys somebody asked me the question who was it dis checked and you get my point so it's actually not even hitting router one after the initial one the initial one is the resolution all right the other question was can I change it to the timer and HRP this is the expiry timer I remember [Music] hold on this is the one which are set to 7,200 seconds by default you can change it to hours as a default but it everybody okay that so that is phase one phase two at the AARP absolutely sho DM VPN was the one detail I think you you so shows you the mappings as well you you where everybody okay with that so this is phase two any questions so far now phase three is very similar to phase two in the sense that phase three also has you do the spoke two spoke communication but the difference in phase three is this part over here you with phase two I'm working with my routing protocol to make it run as spoke to spoke my routing update changes which in turn changes assess Phase three does not rely on the routing protocol to do that phase three uses NH RP to override the set table of the spokes to tell it hey listen you know what 10.2 or 10.3 it creates the actual mapping for the internal networks rather than just changing the next stop I will actually create a mapping for the internal networks let me show you that so you guys see the difference before and after if I take a look at my NH RP mapping over here what addresses do I have mapped a weed you the tunnel IP is correct if I want to reach one three or four the next tops are whatever they are right but they're tunnel IPs so if I'm sitting on r2 and I want to go to our four for example this is my destination I check my routing table in my routing table what do I see in order to get to ten four the next hop is 192 168 1.4 so it says o1 not 192 168 1.4 is 40.4 so what am I using to do the spoke to spoke mapping this guy agreed so the mapping is or the tunnel IP over you what I'm going to do in phase 3 is I'm going to not do it based on the routing table but instead I'm going to do it based on NH RP rewriting yourself rewriting it so that I actually have a mapping in my NH RP table over here for saying if I want to reach 10440 in NH RP go via 192 1.44 which is the public address this address of what do you call it for this internal address that was learned through the routing to do that first thing that I'm going to do is I'm going to go back to phase one so that as if all my routes are learned via one of the IP next top self the edge RP 100 reset it so now if I take a look at my routing table Stewart for EIGRP everything is going to one you the hub so if I do a trace right now to 10.33 3 from 10 to 2 2 because of the next top resolution I'm always going to go to what through the hub so it's back to phase one agreed I'm going to use n HRP to override this I'm going to tell NH RP make it a little bit more intelligent tell it that hey listen this guy is sending me a packet which is coming to me through the tunnel and I'm sending the back at the packet back on the tunnel to this guy that means these two guys are directly connected to each other the destination of the packet was ten dot 4 dot 4 dot 4 let me go ahead and give these guys a mapping to tell them hey listen if then four is to be reached the next stop is 40.4 and it's going to do it dynamically and I'm going to tell him if you want to reach ten three go directly to 30.3 why because I detect that the packet is coming in off the same interface going back on the same interface the packet was from ten three to ten four let me tell these guys their next stop addresses this is done by using NH RP redirect if I turn on NH RP redirection on Radha 1 the hub it is going to send that redirect message to whom the two spokes telling them hey listen why don't you guys talk to each other directly leave me alone you get my point 2n HRT but it doesn't work just like that when I send him the the redirection message r3 and r4 need to be equipped to take on that redirection you need to enable something on those folks to take on or accept that redirection so on the hub I will do the redirection by just putting a single command in by the way you guys are ok with us you understand that I'm going direct from what I'm not going direct right now I'm doing phase one right now all my routing entries are pointing towards one towards the hub so technically what phase am I in right now phase one absolutely ok so how do I turn it into phase 3 on the hub tell it to do the redirection when I turn this command on I'm basically telling router 1 detect these packets that are coming in data packet that are coming in and going back out of your interface try to have them talk to each other directly I'll explain that as well I'll go to that the advantage of doing phase three over phase two so I do that over here now when router 2 if I take a look at it over here and I do the traceroute although I have turned on the redirection over there if I try to go over to 10 3 it is still going to 1 not no there's something else I need to do on the spokes though so if you take a look at it it's still going through one the hub so although I'm getting the redirection from the hub I'm ignoring it correct Craig you need to turn on the acceptance of that redirects a redirection message and how do I do that on the spoke under the tunnel interface I'll say I will take the shortcut that you're giving so the IP n HRT shortcut command actually accepts that redirection says okay yeah okay I'm going to go and take your redirection go directly up to this point I was just avoiding it or ignoring it so on the spokes I do i pn h RP shortcut all right let's go back to router 2 now now that I have a shortcut in place I'll do a trace route the first packet will go to it will send me a redirection message again that's okay thank you I will go there does it change my riding update no it doesn't if you check your routing update and that is the difference over here my riding update is still pointing to what the hub but what it has done it has done a SEP update and hence this indication over here that there the next stop over right we're not over here but in your set you check yourself to get to ten three 22 10 3 somebody asked me what is the actual difference between the two that's one difference that it actually updates the set although it doesn't do anything to your rotting update so if you look at your writing update it just still shows you 192 168 1.1 it does give you an indication that something is up to be honest with you it actually does no the other one also updates the set but not directly phase two will also update the set but it updates the routing table which in turn updates ourselves whereas this one n HRP updates SM you now in reality the actual route is being said to NH RP into the routing table you don't see that you actually have a route that is being sent through n HR P into your routing table telling it hey listen if you want to get to 10.3 3.0 the next stop is 192 168 1.3 it is done through H you see this H over here for n HR p it's down through that but the problem within HR P in terms of the routing table is its administrator distance is 250 so in the routing table you won't see that H but it does also have this other mechanism where it actually changes the next drop and set which is what is used what if using a dual hub it would get the route from both the hubs but either way I'm using I'm going to use the step over there I'll show you that 250 as well give me a second that's the other advantage that I have over here right now what is happening is I have 80 or 250 correct right now what's happening over here is that I am receiving all the spoke to spoke routes right if in Phase two I wanted to do summarization on the hub and I do summarize on the hub let's say on behalf I go in and I say in Phase two interphase channel 1 IP summary address PRP 100 10.0.0.0 two five five zero zero zero can I do that sure now once I do that I'm not going to send any of those ten addresses from the spoke to spoke and now in Phase two I only have one network the ten network what's the next stop for the ten network because I'm not sending ten to ten 310 for because of the summary everything will point towards the hub so in Phase two summarization is not possible for these spoke routes but over here it is if I summarized over here and I want you guys to see this and I check my ERP table I only have one route which is 10 0 but if I want to go there I'll still use the direct pack so cut down on my routing table all right and I'm doing spoke to spoke communication because of the NH RP to redirect somebody asked me the difference the functional difference between phase two phase three this is the biggest advantage that you have in Phase three which part Antonio not phase one phase two phase one is hub-and-spoke the differences between phase 2 and phase change although my routing update is what routing table over here shows what in phase one there is no summary because everything is you can summarize it but now all the traffic goes through the hub it's hub-and-spoke yes you can summarize in phase one but again the traffic is now going through the hub what I want to do is I want to be able to summarize but at the same time I want traffic to go from spoke to spoke correct they need to have a full mesh topology type opinion now do you guys remember what I told you about that H the 250 I just showed you show IP route eigrp take a look if you do a normal route you should see that H now you so it actually does update your routing team so if I ping the other guys so traceroute to ten dot what do I have 444 first one does the redirect the second one goes direct now check your routing table you will see a bunch of more itches over here gessie now before the age you won't see it unless you summarize it because it's administrator distance is 250 so you never see it you all right that is phase three for you guys everybody okay with that yep any jar be ah so let me write this down for you guys so the third phase dmvpn phase 3 on this copy based this a lot of the stuff is similar in this phase you tweak the Arpi to do a redirection for the spoke networks HRP creates a resolution for the spoke routes in addition to the tunnel IP absolutely correct absolutely correct and that's what you guys are seeing over you see over here I am summarizing so I'm not getting all the routes from all my spokes but at the same time I'm still going to spoke to spoke very true very true because it can be misleading because when you take a look at the routing table you will see that routing table is what pointing to the hub but the actual traffic is going direct Steph would be updated but the routing table would not be you you was that no TDI oh I didn't get that ha good I'm glad you know it now okay all right so this is the edge RPI's okay with this I mean for me make sure I finish this you in this phase traffic goes directly from spoke to spoke how do I do it on the next top server which is rather one in my case what do I do the and it sees which are clients everybody okay with this you guys ready for OS bf bring it on oh SPF is never the same so first thing I'm going to do is I'm going to get rid of a jarppi on all the different devices I'll do it through my command window yeah you need to do that that's how you learn that's the way I learn it at least so in my commandment all to know router yeah RP 100 get rid of it from all my devices the HRP is gone it is tomorrow it depends on which time zone your app so now yeah ARP is gone let's run eos PF now OS p a by default will not run on an M GRE tunnel why so this is that now OSPF over dmvpn does not run by default why not OST F has this issue about network types OSPF treats every network as a certain type of network that somebody is mike is on the network type that OS p of treats the tunnel interface ad is a point-to-point interface so if I write enj OSPF on the tunnel interface how many devices do I have on a torrent apiece for you you I have five or four neighbors correct no problem by default always people treat this tunnel interface as going to point that means I can only have one neighbor you get my point so that's going to be an issue first one comes up is okay up another one comes up it brings the other neighbor out bring the other one up so that's going to be an issue with OSPF you need to change the network type on every interface the interface that you need to support over here there are two types the default one is point-to-point it does not work Oh s PF Network point-to-point does not work what you need to do is you have two choices you can either run broadcast or you can run point-to-multipoint for this to work okay and the network type is the one that determines whether you want to do phase one or you want to do phase two what was phase one all the traffic through the hub and what caused phase one the next hop changing correct agree so let's do phase two first where I want traffic to go directly from what spoke to spoke and I accomplished Phase two by tweaking the routing tailor routing protocol so that it does not change the next hop do you guys remember that so over here for OSPF what I'm going to show you I'm going to write it based on phase 1 phase 2 but the way I'm going to do it first is I'm going to do phase 2 first phase one and then phase three phase two was spoke to spoke changing the or tweaking the routing protocol to do that broadcast is a network type in OSPF the ethernet one broadcast multi-axis in which when Radha too sends an update to routers one does not have split horizon issues but when router to sends the update to router one rata one knows it's on the same network it does not send it does not change the next talk in broadcast networks it keeps it the same on the same interface hub needs to be the dr and how do i make need to make how do i make sure that hub is the dr the way I make sure that the hub is the DR is by going in onto my other devices and setting the priority to zero zero is a special priority which specifies I'm not going to participate in the election everybody okay with that so I want to make sure this is the the dr when they send me the updates I'm going to send the updates back to everybody but in a broadcast network as a attribute of a broadcast network OSPF does not change the next stop so basically are two will get an update from r3 saying RR one saying that if you want to reach ten three go to r3 let's take a look at that so if I want to do OSPF Phase two the way I would do that is on all the interfaces first of all run let's run OSPF router OSPF one network 192 168 1 0 0 0 0 2 5 5 area 0 network 10.0.0.0 0 to 5 5 to 5 5 to 5 areas here now this is going to be the problem over here you see that adjusting starting coming back starting coming back why is this because of that point-to-point setup so what I want to do is on the hop if it lets me type interface tunnel one IP ospf network will say broadcast all right our to interphase tunnel one IP ospf priority 0 IP ospf network broadcast rather three the same thing for the same thing is this a standard broadcast sound of broadcast now if I go to Rada one I should have all my OSPF neighbors set up and this should remain there for the priority of zero but if I go to router two the next hops are pointing to the actual what so 10 1 for 10 1 10 3 from 10 3 for 4 for 5 from 5 everybody ok with that so that's the that's the characteristic of an OSPF network broadcast that will automatically make it phase 2 so the way you accomplish phase 2 in OSPF is by tweaking the routing protocol to run as a broadcast network everybody okay with that you guys understand that how do you accomplish phase 2 in OSPF it's just working with the network type make sure the hub is the dr i'll put that in your notes as well make sure the the network type is broadcast the rest is all taken care of what about if I want to do phase one what was phase one hub-and-spoke where the next top does change right that's the characteristic of the OSPF Network type point-to-multipoint so if you change the network type to point-to-multipoint it will automatically do the changing of the next stop causing phase one UB becomes say that again hub ok hub becomes dr by setting priority on all the other routers to zero yes because the the spoke router setting to zero they won't participate in the dr PDR election so even if I have one on the hub that automatically becomes the the dr if you have a dual dual hub type of scenario you would set the the dr the priority to whichever one once whichever one you want the dr to be a little higher that is correct that is correct you know so this is phase two how do I do phase one on all the routers on the tunnel interfaces Tunnel one I would say IP ospf Network point-to-multipoint this is the the network type for Phase one why because this one will change the next top just like OHRP does by default the next drop behavior is controlled by your network type so now that I've changed it let me see make sure my neighbors are up yep they're all up with the - no D RVD our election process over here why I'm a point-to-multipoint Network type but if I check my routing table now it's all going to point towards what what is that that's your so if I do a trace to 10.33 three going through the and it's going to continue going to the hub because that's exactly what this does you so how do I do phase 1 and phase 2 in OSPF when you're running OSPF as your routing protocol over the dmvpn network you accomplish that by changing the network type everybody okay to that that's it that's that's how you do it it's as simple as that how about phase three phase three is exactly the same nhr p of n HR p redirect on the hub n HR p shortcut on the spokes because regardless of what i'm doing we're under my my time my routing protocol it always takes it from what you call it from n HR p because it overrides it so if i wanted to do that i would say i pn h RP redirect IP n HR p shortcut on the husband's box make sense guys so let me write this down for you guys over here does not run by default what's the reason reason being that OSPF treats the tunnel interface as a point-to-point interface which only allows a single neighbor say is one change the network type to point-to-multipoint in this network type on all devices by the way it needs to match the hub changes the next hop to itself causing the traffic go through the hub phase - so all I had to do over here was what tunnel one IP ospf network point-to-multipoint on all devices all right phase two I'll just copy it change the network type to in in the network type in this network type the hub does not change the next hop the next hop on the spokes points directly to the other spokes causing direct traffic communication between the spokes I'll do it differently over here on the hub done phase three is the same phase three you you because it really doesn't matter what the routing protocols does I'm going to override it anyways so what was the question that you guys had correct because I'm going to override it anyways absolutely correct that's always fear for phase 1 phase 2 phase 3 good let me just save this dmvpn yeah no problem once they can note let me save it in the proper place to make this you you all right IPIN HRP map multicast when our multicast packet comes in so when a routing update comes in so I'm sitting on let's say Rada - and I'm running eigrp as my routing protocol or OSP if it doesn't matter whatever item protocol I'm running the packet comes in because I've been able DHR P or OSP upon my tunnel interface is going to try to send an update a Hello packet on the tunnel interface using to 2400 X as a destination now what I need to do is I need to create the outer header over here so I can send it to the appropriate destination my normal maps are for unicast packets but this is a multicast packet so my source is my public address of the tunnel I need to create a mapping to specify if a multicast address is in the inner and header where do I send it to and exactly that's exactly what the NH RP not multicast us.the basically says if a multicast packet comes in which is to 2400 X whatever it is send it to my routing up if I don't do that it will not NHS is the normal energy stuff that you have is only for unicast packets it's not for multicast so I need to create a special entry for multicast specifying of a multicast packet comes in which is my eigrp OSPF rip all these updates where do I send it excess grade to make my multicast based routing protocols run I need to do that you you so on the dynamic is specify see if I'm on the hub that's a good question if I'm on the hub now simple because I'm only sending my update to the routing up but he needs to send that update that 224 he's also going to send a multicast update to whom I want to be able to send it to everybody but I don't know I don't have any manual maps or I don't even know the addresses of these other guys statically so I won't be able to configure map multicast and specify each of those public addresses so on the hub I say map multicast dynamic the reason for that is it says listen go into your NH RP table find out all the mappings that have been done dynamically and send an update to everyone because these are all your clients so if you go to the hub you will see a whole bunch of dynamic mappings that were done on the 192 168 open Network it says oh this is dynamically created so I'm going to send an update to this guy I'm going to send a multicast update as a unicast to 20.3 20.2 33 40.4 50.5 so I'm I'm actually going to send five unicast packets but the inner packet is a multicast pack so I can communicate to any device that comes up so if I have 100 or 200 devices that are registered I'm going to set an multicast hello packet to every one of them that has registered to me dynamically you otherwise I would need to do a multitude of knapp multicast on the top that is correct on the spokes you would always point to the hub as you're a unicast multicast now the other thing that you also need to understand Craig we haven't gone into that you have multi-tiered D MVP and diaper setups where you might have at the top you might have a dmvpn setup where these are two spokes and this then acts as a hub to another two spokes so you can also do that so you have a dmvpn tunnel over here and a dmvpn tunnel over here multi-tiered dmvpn setups as well you can do that asthma but yes it's a different tunnel but the concept I understand that you have the ability to scale it even further you all right sure why not well I'll sit with Catherine and set it up I'm a little busy the next two two weeks but after that in August we should be able to do that can you tell them all traffic through the DMV Peter you can run I as I as if you want dual hubs in HSR P manner not sure exactly what you're looking for with the dual love with HSR P H s RP would be on the inside right are you wanting to run it on the HS rps towards the client-facing type of thing you flex VPN is phase four no it gives you see right now just to give you an idea what flex VPN is right now let's say you want to do a spoke to spoke communication you set up a land to land VPN tunnel the configuration is different you want to do a multi-point VPN like we did over here that the spoke to spoke communication is allowed that is a completely different type of VPN setup if you want to do a client-server type of setup today you would do easy VPN so if you look at the configuration models of the 3d pians they are completely different flex VPN allows you the ability to to do all these configurations on in one place so that's what it is you what was this you you okay a little bit about myself oh I do thank you guys you in terms of training what type of training do I do I do routes which I do security I do service Prada I do data center I do CTD I do trainings on all the different subjects I do have 60 CIS and actually use them I teach on for them and I also the CCD as well if you want to get if you want to reach me my email address is who are be at oops who are b.com you can also I also have a youtube channel that Catherine referred to you this is a channel and you can take a look at a lot of different videos some of them if you guys are going for routes which these are some nice videos about things like running MPLS VPN with dmvpn using the internal vrf also using FB RF bunch of nice videos in terms of routing and switching where am i based out of I'm based out of out of a suitcase I travel a lot so I do I'm based out of Dubai go to London I do classes all around the world I do classes in LA as well for all the different subjects so if you need more information send me an email I'm actually starting a route switch class tonight thank you send me an email I'll send you the information about that generally there are yes but that's why I do the videos just on the technology perspective of it but the classes generally are based on that send me an email I'll send it to you I'll also post a schedule my next class for CTS security is on the weekends it's in August August 12 to 13 the weekend of August 12 of 13 currently I'm going to start the route search tonight which is morning for you guys and I'm currently doing the data center class I do have an annual package where you get access to all my classes for for a year for one cost which is a great value I think Kaplan has signed up for that and she can vouch for that I in that to get access to all my classes not necessarily from learning it from the CCI perspective from the technology perspective it's a great course it basically is all you CCI is in one shot in one year just send me an email on my email address I'll give you all the information about that thanks guys hope you guys enjoyed it have a nice weekend everybody thank you guys take care
Info
Channel: routergods
Views: 9,693
Rating: 4.9658117 out of 5
Keywords: khawar, ccie, ccde, training, routergods, dmvpn, eigrp, ospf
Id: _PIVvj_oRz8
Channel Id: undefined
Length: 113min 3sec (6783 seconds)
Published: Sat Jul 15 2017
Related Videos
Service Provider - Intra AS L2VPN 009 - VPLS Overview and Manual Configuration
Rob Riker's Tech Channel
2.5K
DMVPN Explained | DMVPN Tunnels Part 1
Network Direction
35K
LabMinutes# SEC0003 - Cisco DMVPN Redundancy and Failover with Dual Hub Dual Cloud Configuration
Lab Minutes
18K
IWAN: Why EIGRP or BGP over the DMVPN Tunnels?
Cisco CPOC
7.1K
AWS Certified Cloud Practitioner 2021 FULL COURSE for Beginners (2019 Course Updated)
ClayDesk E-Learning
116K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.