What is Next Hop Resolution Protocol (NHRP)?

Beverly McRae

NOTE: NHRP Configuration requires a feature license. Go to System Settings → Feature Licenses to enable this feature.

Next Hop Resolution Protocol is a protocol used to discover addresses of clients on Non-Broadcast Multiple Access (NBMA) networks. It is used to create next-generation VPN technologies that allow shortcutting between spokes. With NHRP, systems attached to an NBMA network dynamically learn the NBMA address of the other systems that are part of that network, allowing these systems to directly communicate without requiring an intermediate hop.


The NHRP Supported Interfaces table displays the following fields for each configured NHRP interface.

  • Name: Name of the GRE tunnel that NHRP will use.
  • Protocol Address/Prefix: GRE tunnel endpoint mapping that NHRP associates with the NBMA server.
  • NBMA Address: NBMA server address the protocol address/prefix is associated with.
  • Flags:
    • SD: Shortcut-Destination
    • N: Non-Caching
    • S: Shortcut
    • R: Redirect   Click Add to create a new NHRP interface.


  • Enabled: Enable or disable the interface.
  • Name: Give the interface a unique name that matches the mGRE (multipoint GRE) tunnel. Select from configured GRE tunnels or input manually.
  • Peer Authentication: Embeds the secret plaintext password to outgoing NHRP packets. Incoming NHRP packets on this interface are discarded unless this password is present. Max length: 8 characters.
  • Holding Time: Specifies the holding time for NHRP registration requests and resolution replies.
  • Shortcut-Destination: Reply with authoritative answers on NHRP resolution requests destined to addresses in this interface (instead of forwarding the packets).
  • Non-Caching: Disables caching of peer information from forwarded NHRP resolution reply packets.
  • Shortcut: Enable creation of shortcut routes.
  • Redirect: Enable sending of proprietary enterprise-style NHRP traffic indication packets.

You also have the option to create static mappings for this interface. Click Add in the table to open the static mapping editor.


  • Protocol Address: Mapped endpoint to from protocol address to NBMA address.
  • Protocol Prefix: Optional prefix for protocol address.
  • NBMA Address: Destination mapped address from protocol address/prefix.
  • Register: This optional parameter specifies that a Registration Request should be sent to this peer on startup (displays flag R in the static mapping table if selected).
  • Proprietary OS: This should be enabled if the statically mapped peer is running proprietary OS (displays flag C in the static mapping table if selected).