We are running our glorious DMVPN with one hub and some spokes across the globe.
The hub is mapping spokes endpoint through NBMA address, which is typically a public address.
But what happen if our spokes links are running over a public dynamic address allocation?
How can the hub learn the new address?
With default configuration NHRP will allow the spoke to register to the hub with a unique-flag, which will
preserve the mapping for the whole hold time registration (default 2 hours).
10.107.194.4/32 via 10.107.194.4
Tunnel501 created 6w0d, expire 01:21:37
Type: dynamic, <strong>Flags: unique registered</strong>
NBMA address: 10.139.2.78
And this will also deny any new registration if the NBMA (public) address has changed in the meantime.
Any solution? Just enabling each spokes Tunnel interface:
ip nhrp registration no-unique
And now we are happily mapping the new public address every time NHRP try e new registration towards the hub.
10.107.171.58/32 via 10.107.171.58
Tunnel3002 created 00:45:13, expire 01:16:49
Type: dynamic, Flags: registered
NBMA address: 10.1.2.3
(Claimed NBMA address: 192.168.1.2)
What means “Claimed NBMA” address? This is related to how DMVPN can figure out spokes behind NAT devices.
And this aslo could be next post topic.