Exam 300-730 topic 1 question 52 discussion

Es A, probado en mi Lab ,no se por que en algunas partes dice que el nhrp network id debe hacer match . Cuando puse diferentes tunnel key si bien el SA se formaba exitosamente el tráfico no pasaba.

I think the confusion is "The Cloud". The net-id is locally important as you have more than one DVMPn tunnel, and the net-id helps to distinguish between the. GRE tunnel key on a tunnel must match other DMVPN routers it want connect with (Note each DMVPN tunnel has a its own key; kinda like a passport to join that cloud's communication group).

ChatGPT confirmed my suspicions that B was correct. In a DMVPN Phase 3 cloud, the NHRP network ID must match on all routers. This parameter ensures that all routers within the DMVPN network can correctly participate in NHRP (Next Hop Resolution Protocol) operations and dynamically establish direct spoke-to-spoke tunnels. Additionally, other important parameters that should be consistent across all routers include: Tunnel key (if configured) IPsec policies (if encryption is used) GRE tunnel mode (should be GRE multipoint for spokes

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html

I think is A-> "Notes: NHRP network IDs are locally significant and can be different. It makes sense from a deployment and maintenance perspective to use unique network ID numbers using the ip nhrp network-id command) across all routers in a DMVPN network, but it is not necessary that they be the same." https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html

Interfaces configured with the same ID are part of the same logical NBMA network. The ID is a local only parameter and is not sent to other NHRP nodes and so IDs on different nodes do not need to match

A is optional. The question is "must match". Therefore B

NHRP Configuration Guide, Cisco IOS XE Gibraltar 16.11.x Cisco https://www.cisco.com › ... › Configuration Guides 25 Apr 2019 — The NHRP network ID is a local only parameter. It is significant only to the local router and is not transmitted in NHRP packets to other NHRP ...

In a DMVPN (Dynamic Multipoint Virtual Private Network) Phase 3 cloud, the parameter that must match on all routers is the NHRP (Next Hop Resolution Protocol) Network ID. The NHRP Network ID is used to identify and group routers together within the DMVPN network. It ensures that routers can communicate with each other and exchange routing information correctly. On the other hand, the GRE (Generic Routing Encapsulation) Tunnel Key is used to differentiate multiple tunnels between the same source and destination IP addresses. Each tunnel will have a unique GRE Tunnel Key, which helps in identifying and forwarding traffic correctly within the DMVPN network. So, to summarize, the parameter that needs to match on all routers in a DMVPN Phase 3 cloud is the NHRP Network ID. If this parameter is consistent across all routers, they will be able to establish connectivity and exchange routing information seamlessly.

Answer correct is B The NHRP (Next Hop Resolution Protocol) network ID is a critical parameter that identifies the DMVPN network. It must be the same on all routers participating in the DMVPN Phase 3 deployment. The NHRP network ID is specified within the configuration and is used to group routers within the same DMVPN network.

A. Note NHRP network IDs are locally significant and can be different. It makes sense from a deployment and maintenance perspective to use unique network ID numbers (using the ip nhrp network-id command) across all routers in a DMVPN network, but it is not necessary that they be the same. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html

A is correct

Tunnel key is optional in phase 3, but if you have one it must match on all routers in an NHRP domain, and if you do not use a tunnel key, you must not use it on any router in the NHRP domain (meaning technically it has to match, whether it's there or not). I vote A. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec-conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn.html

Name ip nhrp network-id — interface Synopsis ip nhrp network-id id no ip nhrp network-id id Configures Enables NHRP Default Disabled Description This command enables NHRP on an interface by assigning a unique identifier for the network. All hosts participating in NHRP on a logical NBMA network must use the same network ID. id can be from 1 to 4,294,967,295.

It is B. https://journey2theccie.wordpress.com/2020/04/17/dmvpn-phase-3-configuration/ tunnel key is optional

NHRP Network ID needs to match

using a tunnel key on the GRE interfaces places each GRE interface into a different NHRP domain, which is equivalent to each being in a unique DMVPN network.