Re: Bridging over GRE tunnel

emahat · ‎05-07-2003

Dear expert,

Currently I have problem running bridging over GRE tunnel.We are using cisco 3640 but somehow under tunnel 0, the is no 'bridge-group 1' command.We are trying to get the IOS that support the command under tunnel 0 but to no avail.Can someone help me ? Thanks

--ran

davidjmeier · ‎05-07-2003

Are you trying to channel more ports over the tunnel? That is, in essence, what the bridge-group command is for.

To setup a tunnel with one interface you'll need at minimum:

interface Tunnel0

!--- Tunnel interface 0

ip address 192.168.20.1 255.255.255.0

!--- Ip address of the gre tunnel interface 0

tunnel source Ethernet0

!--- Ip source of the tunnel. It's best to make this an

!--- interface with a public, routable IP address so that

!--- it's reachable from the other endpoint of the tunnel.

tunnel destination 11.11.11.11

!--- Ip destination of the tunnel. Make sure this is

!--- reachable via the "ping" command otherwise the

!--- tunnel will not be created properly.

!

interface Ethernet0

ip address 9.9.9.9 255.255.255.0

Then on the other end, you'll have the same thing, but 9.9.9.9 will be the destination. You'll also need 192.168.0.2 as the other tunnel interface.

This is straight from Cisco and works in our production environment...

Good luck!

emahat · ‎05-07-2003

David,

Currently I succesfully create the GRE tunnel but I want to test that both end have the same broadcast domain and I try to configure 'bridge-group 1' under

tunnel 0 but somehow it cannot works because my IOS doesn't support command bridge-group under tunnel 0 .

--emran

wblervac · ‎05-09-2003

Emran,

Just forget it!

You can not bridge over a GRE tunnel. You need to find another solution.

wim

emahat · ‎05-11-2003

Wim,

Thanks .So how am I going to solve my problem ? . OK, lets say I create tunnel and want the to do bridging over that tunnel , which tullel type that support bridging ? Really appreciate you reply on this matter.Thanks

--emran

paul.woodford · ‎05-20-2003

Emran

You will need to look at L2TPv3.....go to the cisco web site and do a search on L2TPv3.

Paul

hbolliger · ‎07-16-2003

emran,

i used to use "bridging over GRE tunnel" quite often (before the L2TPv3 was rolled out). It works, with some limitations:

1. CPU Utilization is heavy. as an example, on a 2621 you get a throughput of 2 Mb at 100% CPU utilization.

2. the command bridge-group x ist an officially unsupported command. if you enter ist in config mode, the IOS will reply with something like "This is an unsupported command", but nevertheless, the command is placed into the config.

3. very important: the spanning tree doen't work correctly. Even if a port is shown as blocked in the display of "show spann x", it isn't really. Therefore, to avoid potential spanning tree loops, you must carefully assign the costs per port in a way, that the blocked port is not the one on the GRE tunnel.

4. the command "show bridge x" doesn't display the packet counters for the GRE interface.

5. and finally, the BVI doesn't work in conmbination with "bridging over GRE tunnel".

To summarize, it works (try with a bridge-group other tan 1), but L2TPv3 is definitely the way to go. Hopefully, you'll find it in IOS 12.3T.

regards

HRB

infomil · ‎09-19-2003

Hello,

I read your post about "bridging over GRE tunnel", it works for me except one thing and I wonder if you know why : on one side I got DHCP client and a DHCP server (W2K) on the other side. But the client can't get an IP address lease from the DHCP server.

Are you seeing why ?

Thanks

CRO

emahat · ‎09-21-2003

CRO,

What cisco router that you're using ? 7200 or 3640 .

Can you give the configuration to me . Thanks

--emran

vmiller · ‎12-17-2014

look at using a ip helper-address.

http://www.ipbalance.com/tcpip/dhcp/107-how-to-use-ip-helper-address-to-connect-remote-dhcp-server.html

ciscomocsic · ‎12-17-2014

Found it...

https://supportforums.cisco.com/discussion/12115666/how-configure-ethernet-over-gre

ciscomocsic · ‎12-17-2014

It's a hidden command. Even do, you might get a warning messasge stating this is obsolete and unsupported, it still technically a valid configuration. Legacy, but works.

Keep in mind there are better solutions for this kind of connections. But you can try it, it's simple anyways.

Host1---Fa0/0--R1-------------GRE------------R2--Fa0/0---Host2

1. Create a Loopback intf. on both routers and ensure L3 connectivity between them.

2. Create bridge:

router(config)#bridge 1 protocol ieee

3. Create a GRE tunnel interface (dont configure IP's):

router(config)# interface tun0

router(config-if)# tun source loopback x

router(config-if)# tun destination <other router loopback ip>

router(config-if)# bridge-group 1

**This is a hidden cmd. You will get a warning message, but ignore it**

3. Attach Physical Interface to Bridge as well:

router(config)# interface Fa0/0

router(config-if)# bridge-group 1

4. Configure the Hosts IP addresses to be on the same IP Segment and validate communication between them.

You can try this on GNS3 as well. I made a diagram and a brief explanation at another thread, but really don't remember how to get to it.

Once again, this is legacy and there are better ways to achieve this. But for small implementations this is valid and easier. It also helps to understand the newer versions/enhancements to this as well.

HTH

Alan Ng'ethe · ‎07-31-2019

Yep, That was it!

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.