• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 407
  • Last Modified:

Cisco GRE tunnel endpoint and physical i/f on different routers

I have a situation where I need to have our GRE tunnel being decaped on our edge router however the physical terminating interface for the subnet sent over the GRE tunnel is on a different router.

I have this working well on a single router, but for other reasons I now need to split it across two routers.

Ie (simplified):

WAN-------[0 edge 1]---------------[0 core 1]-----aaa.aaa.aaa.0/24

Edge is where the GRE tunnel is configured.
the aaa.aaa.aaa.0/24 network is sent to us from our ISP via the GRE tunnel
The aaa network is configured on the physical i/f on core.

Assume for now that the link between edge and core is 10.0.0.1<---->10.0.0.2

On edge I have the following

int tunnel 0
 ip unnumbered FastEthernet0
 ip mtu 1472
 tunnel source FastEthernet0
 tunnel destination xxx.xxx.xxx.xxx

Open in new window

On the core I have

int fastethernet 1
 ip address aaa.aaa.aaa.1 255.255.255.0

Open in new window


I need to do a couple of things (where I need help).  

Edge:
1. Tell the traffic exiting the tunnel to route to the core router.
2. Tell traffic coming in from other i/f with a source add of aaa.aaa.aaa.0/24 to go via the tunnel.

Core:
1. Tell the traffic ingress from FE1 to route over to the core router.

I tried playing around with some static routes and an route-map but could not get it working properly (ended up with some routing loops, etc).

Suggestions ?
0
RescueIT
Asked:
RescueIT
  • 2
2 Solutions
 
asavenerCommented:
Edge:
1. Tell the traffic exiting the tunnel to route to the core router.
This should just be via a route statement.

2. Tell traffic coming in from other i/f with a source add of aaa.aaa.aaa.0/24 to go via the tunnel.
Typically you route based on destination rather than source.  If you want to route based on source address, you have to implement policy-based routing.

1. Tell the traffic ingress from FE1 to route over to the core router.
Again, once you have all of your routes in place, this should not be necessary.  Just make sure your routing tables all have the appropriate next-hops for the destination subnets.
0
 
RescueITAuthor Commented:
I sorted it out.  I had made the mistake of not turning on ip routing on one of the boxes.

In summary, I added routes to edge and core and a route-map on FE1 (edge) to get the traffic across to the tunnel.
0
 
RescueITAuthor Commented:
Found the complete solution by myself.  Points to asavener for providing some correct info (even though I didn't need to use it).
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now