Re: GRE Tunnel on Cisco 7600-SUP720

pbenin · ‎05-23-2011

Hi all.

We work on a Cisco7600 with SUP720-BXL.

We need to create some VRF-Aware GRE Tunnels.

Are there some limit to the number of GRE Tunnel interfaces ?

What are the throughput performance expected ?

Is there some impact to the CPU load ?

Thank you very much.

rsimoni · ‎05-26-2011

Hi,

the limit comes from scalability considerations.

On Sup720 in order to have full hardware acceleration each and every GRE interface MUST have a unique source.

If you share the same source (i.e. same loopback interface) across all the GRE tunnels traffic will be software switched (by the CPU) and the limit will be the inband channel (IBC) path to/from the RP which is 1Gbps.

Hence the actual limit is the number of free IP addresses you have.

CSCdy72539 documents this.

Also, if your Sup720 is supposed to handle both the GRE encapsulation and the MPLS imposition/disposition the command "mls mpls tunnel-recir" is needed to avoid packet corruption.

If GRE are correctly handled in hw no impact to the CPU is expected.

About the performance you can expect the same troughtput you have from other interfaces minus the overhead coming from packets recirculation (enabled by the command above) which is minor.

Regards,

Riccardo

pbenin · ‎05-27-2011

Thank you for your explanation Riccardo.

Unfortunately my IOS release 12.218SXF doesn't support the feature "VRF-Aware GRE Tunnels" so I can't associate the GRE Tunnel interfaces to different VRFs (with tunnel sources and tunnel destinations IP in a specific VRF).

Are there some workarounds?

rsimoni · ‎05-27-2011

well, if your IOS does not support vrf aware GRE tunnels (destinations) the Ip addresses of the destination must be in global table.

But honestly I don't recommend you to play with vrf leaking.

You should move to 12.2(33)SRx code instead (or 15.0) and plan an upgrade.