Solved

Cisco GRE tunnel endpoint and physical i/f on different routers

Posted on 2014-02-27
3
403 Views
Last Modified: 2014-03-07
I have a situation where I need to have our GRE tunnel being decaped on our edge router however the physical terminating interface for the subnet sent over the GRE tunnel is on a different router.

I have this working well on a single router, but for other reasons I now need to split it across two routers.

Ie (simplified):

WAN-------[0 edge 1]---------------[0 core 1]-----aaa.aaa.aaa.0/24

Edge is where the GRE tunnel is configured.
the aaa.aaa.aaa.0/24 network is sent to us from our ISP via the GRE tunnel
The aaa network is configured on the physical i/f on core.

Assume for now that the link between edge and core is 10.0.0.1<---->10.0.0.2

On edge I have the following

int tunnel 0
 ip unnumbered FastEthernet0
 ip mtu 1472
 tunnel source FastEthernet0
 tunnel destination xxx.xxx.xxx.xxx

Open in new window

On the core I have

int fastethernet 1
 ip address aaa.aaa.aaa.1 255.255.255.0

Open in new window


I need to do a couple of things (where I need help).  

Edge:
1. Tell the traffic exiting the tunnel to route to the core router.
2. Tell traffic coming in from other i/f with a source add of aaa.aaa.aaa.0/24 to go via the tunnel.

Core:
1. Tell the traffic ingress from FE1 to route over to the core router.

I tried playing around with some static routes and an route-map but could not get it working properly (ended up with some routing loops, etc).

Suggestions ?
0
Comment
Question by:RescueIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 28

Assisted Solution

by:asavener
asavener earned 200 total points
ID: 39899228
Edge:
1. Tell the traffic exiting the tunnel to route to the core router.
This should just be via a route statement.

2. Tell traffic coming in from other i/f with a source add of aaa.aaa.aaa.0/24 to go via the tunnel.
Typically you route based on destination rather than source.  If you want to route based on source address, you have to implement policy-based routing.

1. Tell the traffic ingress from FE1 to route over to the core router.
Again, once you have all of your routes in place, this should not be necessary.  Just make sure your routing tables all have the appropriate next-hops for the destination subnets.
0
 

Accepted Solution

by:
RescueIT earned 0 total points
ID: 39899237
I sorted it out.  I had made the mistake of not turning on ip routing on one of the boxes.

In summary, I added routes to edge and core and a route-map on FE1 (edge) to get the traffic across to the tunnel.
0
 

Author Closing Comment

by:RescueIT
ID: 39912013
Found the complete solution by myself.  Points to asavener for providing some correct info (even though I didn't need to use it).
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question