What is the primary function of the Next Hop Resolution Protocol (NHRP)?
Provides address resolution for hosts on nonbroadcast multi-access (NBMA) networks
This protocol helps in determining the next hop address for data packets in specific network configurations.
What are NHRP next-hop servers (NHSs) responsible for?
- Registering addresses or networks
- Maintaining an NHRP repository
- Replying to queries from next-hop clients (NHCs)
NHSs play a crucial role in the NHRP protocol by managing address registrations and responding to client queries.
What is the NBMA address?
The transport (underlay) address
What is the purpose of Redirect messages in DMVPN Phase 3?
To notify the encapsulator that a specific network can be reached by a more optimal path
This involves using a spoke-to-spoke tunnel.
In DMVPN Phase 1, where are VPN tunnels created?
Only between spoke and hub sites
Traffic between spokes must traverse the hub to reach any other spoke.
What does DMVPN Phase 2 provide beyond DMVPN Phase 1?
Additional capability for spoke-to-spoke communication
It allows the creation of an on-demand VPN tunnel between the spoke devices.
True or false: DMVPN Phase 2 allows summarization.
FALSE
DMVPN Phase 2 does not allow next-hop preservation.
What does Phase 2 of DMVPN not support?
Spoke-to-spoke communication between different DMVPN networks
This limitation affects multilevel hierarchical DMVPN configurations.
In DMVPN Phase 3, what type of message does the hub send to the spoke that originated the packet flow?
NHRP redirect message
This message provides the necessary information for the spoke to resolve the destination host/network.
What is the purpose of the NHRP redirect message in DMVPN Phase 3?
To provide necessary information for the originator spoke to initiate a resolution of the destination host/network
This allows for more efficient routing and communication between spokes.
In DMVPN Phase 3, what does NHRP do with paths?
NHRP installs paths in the routing table for the shortcuts it creates
This allows for more efficient routing by enabling direct communication between spokes.
What does NHRP shortcuts modify in the routing table?
- The next-hop entry for existing routes
- Adds a more explicit route entry
This modification enhances routing efficiency and reduces latency.
What does DMVPN Phase 3 support in terms of network management?
Summarization of networks at the hub
This allows for more efficient routing and management of multiple spoke routers.
What command is used to configure the DMVPN tunnel as an mGRE tunnel?
tunnel mode gre multipoint
This command sets the tunnel mode to multipoint GRE, which is essential for DMVPN configurations.
What command is used to enable NHRP on the tunnel interface?
ip nhrp network-id 1-4294967295
This command uniquely identifies the DMVPN tunnel for the virtual interface.
What is the significance of the NHRP network ID?
Locally significant
It is used to identify a DMVPN cloud on a router.
Multiple tunnel interfaces can belong to the same DMVPN cloud. True or False?
TRUE
This allows for flexibility in network design.
Where you link the IKEv2 keyring to when configuring IPsec?
IKEV2 Profile
What two configuration settings do you need to link within the IPsec Profile?
set IKEV2 profile and transform-set
Where do you set transport or tunnel mode when configuring IPsec?
crypto ipsec transform-set
mode transport
Where do you link the front door VRF when configuring IPsec?
Under IKEv2 Profile
match fvrf name
What do you need to match in the ikev2 profile?
match identity remote address 0.0.0.0
What is the purpose of IKE SA?
Used for control plane functions like IPsec key management and management of IPsec SAs
IKE SA is essential for establishing secure communication in IPsec.
What is the purpose of IPsec SA?
Used for data plane functions to secure data transmitted between two different sites.
