I’ve been aware of DMVPN for quite some time but had never taken the time to dive into it to find out what it is all about. So I took some time last week to finally do some research on the topic and learned quite a few things. In the video below I talk a little about just what DMVPN is and what it allows you to do and then go thru a configuration excersise to show what it’s all about.
I still have several questions about DMVPN and mGRE tunnels that I mention in the video so if you know the answers please post a comment.
Can you configure it so the spoke sites are IGP neighbors to each other and do not have to get their routing updates from the hub site?
In this video I explore how to use object tracking to influence route decisions. In the first example I’ll show you how to track an entry in the routing table. For the second example I step it up a notch and introduce IP SLA which allows us to track objects that are outside our sphere of influence.
Once IP SLA is introduced into the equation, object tracking become a much more powerful tool, but it also becomes as bit more complex to juggle all the pieces.
I also take a quick look and how a Cisco ASA appliance handles tracking of static routes and compare that to what I did with the router in the video.
I’ve been running Android 2.3.4 on my Nook Color for quite a while now using the CyanogenMod 7 mod. I’ve been very happy with the performance of the unit. It’s very easy to do, and you don’t need to worry about turning your Nook Color into a brick. Best of all, a Nook Color only cost about $250, which is a lot cheaper than any other option out there. As my wife will attest to, if there is one thing I am, it is cheep!
Here are a few useful links to get you thru the process:
Cyanogen internal installation - if you wanna jump off the deep end and overwriting the Android OS on the Nook. You’ll get better performance doing it this way.
Installing Cyanogen on a micro-SD card – if you want to take the “try it and see” approach. This allow you to boot off a mico-SD and not have to make any changes to your Nook at all. If you go this route, as I did, get a good micro-SD card such as ScanDisk, otherwise you see very poor performance.
As promised a few days back, I have completed a video on the basics of policy-based routing. In this video I start with a bare-bones network and explore how to use a route-map to implement the written policy. Along the way I’ll show you how a route-map affects the routing table (it doesn’t) and what to look for when troubleshooting route-maps.
I’ve also included the use of the command mentioned in a previous post; IP local policy, to test/troubleshoot route-maps on the Cisco devices that are originating the packets.
If you’ve ever tested a route-map on your Cisco switch/router, you’ll quickly start to panic when you find out your packets are not being redirected as you expected.
Route-map applied to correct interface? Check.
ACL correct? Check.
ACL counters increasing? Houston we have a problem…
If you are at all like me, after you panic for a few moments and run thru the basic verification above, you may decide to test using a host system such as a PC or server. Whew, it works after all.
This is because, by default, Cisco switches will not route packets they source as dictated by a route-map. However, there is a command you can include in your config to over-ride this behavior.
IP local policy route-map <name of your route-map>
With this command in place, packets you source locally from the router/switch will be routed per the dictates of any route-maps you have defined and applied to the proper interfaces.
I’ll be posting a video demonstration of this command to the blog in the next day or two, so stay tuned.
This video is demonstrates the power and flexibility of GRE tunnels to connect two (or more) sites across an untrusted public WAN, the internet.
In this simulation I start with two sites connected to the internet. A GRE tunnel is created between the sites and both sites added to the same OSPF area. Then a crypto map is created and applied to the tunnel to provide IPSec security on data transferred between the sites.
Some time back I found an article on one of the blogs I read about how to use macros with Cisco IOS. I had never done this before so thought it would be fun to set it up and try it out.
