Re: backup interface tunnel and gre keepalive

aljoush12 · ‎12-26-2023

Hello Experts,

I am testing IPSEC tunnel failover in my virtual lab. I am using IOSv for this test. On the spoke router, I have two VRF-aware tunnels. Tunnel 10 uses vrf A and Tunnel 9 uses vrf B. I am using iBGP over the tunnel. Tunnel 10 uses the primary physical link gi0/1 and Tunnel 9 uses the secondary physical link gi0/2. Both my tunnels are up and I can reach the remote PC connected to the HUB router. I want to use Tunnel 10 as my primary tunnel and tunnel 9 as my backup tunnel. So I configured "backup interface tunnel 9" on tunnel 10 and gre keepalive which put tunnel 9 in standby mode and down. If I shut down the physical interface gi0/1, tunnel 10 doesn't go down and tunnel 9 keeps staying in standby mode and down. Could you let me know what I am doing wrong here, please? or point me to documentation.

MHM Cisco World · ‎12-26-2023

Share topolgy and config of spoke

MHM

balaji.bandi · ‎12-26-2023

can you post topology and configuration here to check what is missing :

you can also achieve different method example :

https://www.cisco.com/c/en/us/support/docs/security-vpn/dynamic-multi-point-vpn-dmvpn/119022-configure-dmvpn-00.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Richard Burts · ‎12-27-2023

I believe that the issue is how you are generating the failure: " If I shut down the physical interface gi0/1". My experience is that when using backup interface that if you shut down the interface the IOS says you intended the change and does not invoke the failover. I suggest that you unplug the interface and see if that does not activate the failover.

HTH

Rick