DMVPN (Dynamic Multipoint VPN) is an evolved version of hub and spoke VPN tunnels (p.s. DMVPN itself is not a protocol, but it’s just a design concept). A generic hub and spoke topology implements static tunnels (using GRE or IPsec) between a centrally located hub router and its spokes, which generally attach branch offices. Each new spoke requires additional configuration on the hub router, and traffic between spokes must be detoured through the hub to exit one tunnel and enter another. While this may be an acceptable solution on a small scale, but it’s not feasible solution if the spokes multiply in numbers.
DMVPN offers an excellent solution to this problem: multipoint GRE tunneling. A GRE tunnel encapsulates IP packets with a GRE header and a new IP header for transport across an untrusted network (typically internet or point to point links). Point-to-point GRE tunnels have exactly two endpoints, and each tunnel on a router requires a separate virtual interface with its own independent configuration. Conversely, a multipoint GRE tunnel allows for more than two endpoints, and is treated as a non-broadcast multiaccess (NBMA) network.
In short, DMVPN is combination of the following technologies:
1) Multipoint GRE (mGRE)
2) Next-Hop Resolution Protocol (NHRP)
4) Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
3) Dynamic IPsec encryption
5) Cisco Express Forwarding (CEF)