GRE tunnel problem

tjin · ‎09-24-2003

I'd like to test simple GRE tunnel between two routers.

Routing between the two routers are fine. However I can't ping the tunnel interface. Debug tunnel only shows outbound packets:Tunnel0: GRE/IP encapsulated 2.2.2.2->172.32.10.1 (linktyp e=7, len=88), no input.

If I enable keepalive on tunnel interface, the interface will go down.

Did I miss anything?

Router2#sh int tun 0

Tunnel0 is up, line protocol is up

Hardware is Tunnel

Internet address is 172.32.20.2/24

MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation TUNNEL, loopback not set

Keepalive not set

Tunnel source 2.2.2.2, destination 172.32.10.1

Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled

Tunnel TTL 255

Checksumming of packets disabled, fast tunneling enabled

Last input 01:40:26, output 00:00:02, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/0 (size/max)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

0 packets input, 0 bytes, 0 no buffer

Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

559 packets output, 41156 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 output buffer failures, 0 output buffers swapped out

Here is the config:

Router 1

interface Loopback0

ip address 172.32.10.1 255.255.255.255

!

interface Tunnel0

ip address 172.32.20.1 255.255.255.0

tunnel source 1.1.1.1

tunnel destination 172.32.10.2

!

interface FastEthernet0/0

ip address 172.32.1.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 1.1.1.1 255.255.255.0

duplex auto

speed auto

no keepalive

!

router ospf 100

log-adjacency-changes

network 172.32.0.0 0.0.255.255 area 0

!

Router 2:

interface Loopback0

ip address 172.32.10.2 255.255.255.255

!

interface Tunnel0

ip address 172.32.20.2 255.255.255.0

tunnel source 2.2.2.2

tunnel destination 172.32.10.1

!

interface FastEthernet0/0

ip address 172.32.1.2 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 2.2.2.2 255.255.255.0

duplex auto

speed auto

no keepalive

router ospf 100

log-adjacency-changes

network 172.32.0.0 0.0.255.255 area 0

deilert · ‎09-24-2003

I think your problem is that you can not ping the tunnel source from the remote end

i.e from router2 you can not ping 1.1.1.1 and from router 1 you can not ping 2.2.2.2 . THis is most likely due to the fact you are not advertising these subnets . If you change the tunnel source on router 2 to 172.32.1.2 and the tunnel source on router 1 to 172.32.1.1 it should work , it looks like you are advertising those routes .

Another thing you should look at is the no keep statement under the FE interfaces , this should be removed , it will give the appearance that an interface is up when it relly is not .

tjin · ‎09-24-2003

I'm not trying to ping the tunnel source. I'm pinging tunnel interface itself. Are they pingable? I'd assume tunnel interface would be like any kind of point to point link, that can ping each other, and can form ospf adjacency. However none of these are happening here. I removed no keepalive statement under FE, it didn't change anything.

deilert · ‎09-24-2003

In order to ping the ip address of the tunnel on the remote end you must be able to also ping the tunnel destination .

remember a tunnel is just a virtual pipe, to get to the ip of the remote end of the tunnel you must traverse a physical path , if you can not get to the ip address of the tunnel destination (the end of the physical path ) then how are you going to be able to ping the ip address of the tunnel (the end os the virtual path)?

ruwhite · ‎09-24-2003

You can't ping 172.32.20.1 in this situation. I would think you should be able to ping 172.32.20.2, assuming that's the other end's tunnel interface (?).

Russ.W

tjin · ‎09-24-2003

I can't ping either of them.

And I changed source interfaces, tunnel mode to IP/IP. Didn't help at all.

jawad1979 · ‎09-25-2003

Hi,

Can you please try these static routes on the routers:

R1: ip route 172.32.10.2 255.255.255.255 fast0/1

R2: ip route 172.32.10.1 255.255.255.255 fast0/1

This is to define the tunnel destination output interface on each of the routers.

In your case, the tunnel destination (the loopback on the other side) must be learned through OSPF by both routers, if there is an override of OSPF learned routes by any condition, problems may arise.

Hope I helped