Solved: Re: GRE over BGP

arunkumarravi · ‎12-05-2022

I have 3 routers R1, R2, R3 connected within same AS (IBGP).

I would like to establish a GRE tunnel between R1 and R3, can someone share me some guide please.

MHM Cisco World · ‎12-06-2022

R1-R2-R3
in R1


ip route 0.0.0.0 0.0.0.0 <R1-R2 link IP>
!
router bgp 100 
neighbor <R3 tunnel IP>  remote-as 100
network LAN <<< LAN you want to pass through tunnel

in R3


ip route 0.0.0.0 0.0.0.0 <R3-R2 link IP>
!
router bgp 100 
neighbor <R1 tunnel IP>  remote-as 100
network LAN <<< LAN you want to pass through tunnel

do this step
and finally share

show ip bgp

I will check

View solution in original post

Richard Burts · ‎12-06-2022

The original poster asks "may I know what was the reason behind this". The answer is that in the earlier implementation the tunnel existed, but there was no routing logic that used the tunnel. When you change BGP to use the tunnel addresses then there is routing logic that uses the tunnel.

HTH

Rick

View solution in original post

balaji.bandi · ‎12-06-2022

what is the use case here, why you like to have GRE tunnel when there is already connection (GRE tunnel not a secure tunnel)

Also you need explain the config, if you using same interface IP where iBGP running, that may break your iBGP peering (just in case)

basic GRE tunnel config can be find here :

https://community.cisco.com/t5/networking-knowledge-base/how-to-configure-a-gre-tunnel/ta-p/3131970

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

arunkumarravi · ‎12-06-2022

HI Balaji.
Yeah I understand that GRE will just encapsulate the header and no encryption but I am curious to know if we can use BGP route instead of static.

Consider the below topology:



192.168.1.0 >>(etho) R1(eth1) >>>>(eth0) r2 (eth1)>>>(eth0) r3 (eth1) >>> 192.168.2.0

R1 config.



Tunnel IP is 1.1.1.1 and INterface ip is 4.1.1.1 (eth1).
r1 and r2 are neighbors(BGP) , R1 belongs to AS 2 and R2 Belongs to AS 3

R2 config:


Eth0 Ip is 4.1.1.2 and eth1 IP is 5.1.1.1
R2 Belongs to AS 3.

R3 config.


Eth0 ip is 5.1.1.2 and Eth1 Ip is 192.168.2.1.
Tunnel Ip is 2.2.2.2.
AS of r3 is 3 and it is neighbor to r2.

This my config.

And instead of BGP if I have static route then I need to create a static route on R1 and R2 with Remote tunnel Ip as next hop.

So it is possible to SEND the traffic via GRE tunnel with the help of static route?

Georg Pauwen · ‎12-06-2022

Hello,

--> I have 3 routers R1, R2, R3 connected within same AS (IBGP)

--> r1 and r2 are neighbors(BGP) , R1 belongs to AS 2 and R2 Belongs to AS 3

Post the full running configurations of all three routers so we can lab this up.

MHM Cisco World · ‎12-06-2022

R1-R2-R3
in R1


ip route 0.0.0.0 0.0.0.0 <R1-R2 link IP>
!
router bgp 100 
neighbor <R3 tunnel IP>  remote-as 100
network LAN <<< LAN you want to pass through tunnel

in R3


ip route 0.0.0.0 0.0.0.0 <R3-R2 link IP>
!
router bgp 100 
neighbor <R1 tunnel IP>  remote-as 100
network LAN <<< LAN you want to pass through tunnel

do this step
and finally share

show ip bgp

I will check

arunkumarravi · ‎12-06-2022

R1 config.

interface Tunnel10
ip address 1.1.1.1 255.255.255.0
ip mtu 1400
tunnel source 4.1.1.1
tunnel destination 5.1.1.2
!
interface Ethernet0/0
ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/1
ip address 4.1.1.1 255.255.255.0

router bgp 2
bgp log-neighbor-changes
network 192.168.1.0
neighbor 4.1.1.2 remote-as 2
!
ip route 0.0.0.0 0.0.0.0 4.1.1.2

SH IP BGP output:


Network Next Hop Metric LocPrf Weight Path
*> 192.168.1.0 0.0.0.0 0 32768 i
*>i 192.168.2.0 4.1.1.2 0 100 0 3 i

R2 router:

interface Ethernet0/0

 ip address 4.1.1.2 255.255.255.0

!

interface Ethernet0/1

 ip address 5.1.1.1 255.255.255.0


router bgp 2

 bgp log-neighbor-changes

 neighbor 4.1.1.1 remote-as 2

 neighbor 4.1.1.1 next-hop-self

 neighbor 5.1.1.2 remote-as 3

 neighbor 5.1.1.2 next-hop-self

SH IP BGP:



Network Next Hop Metric LocPrf Weight Path
*>i 192.168.1.0 4.1.1.1 0 100 0 i
*> 192.168.2.0 5.1.1.2 0 0 3 i

R3 router:

interface Tunnel10

 ip address 2.2.2.2 255.255.255.0

 ip mtu 1400

 tunnel source 5.1.1.2

 tunnel destination 4.1.1.1

!

interface Ethernet0/0

 ip address 192.168.2.1 255.255.255.0

!

interface Ethernet0/1

 ip address 5.1.1.2 255.255.255.0

router bgp 3

 bgp log-neighbor-changes

 network 192.168.2.0

 neighbor 5.1.1.1 remote-as 2
 

ip route 0.0.0.0 0.0.0.0 5.1.1.1

SH IP BGP:


Network Next Hop Metric LocPrf Weight Path
*> 192.168.1.0 5.1.1.1 0 2 i
*> 192.168.2.0 0.0.0.0 0 32768 i

MHM Cisco World · ‎12-06-2022

that OK but why you config BGP in R2 ?
why you use no same subnet for tunnel IP , I see 1.1.1.1 and 2.2.2.2, it work but I prefer use same subnet.

arunkumarravi · ‎12-06-2022

I have changed the subnet now(1.1.1.1/24 and 1.1.1.2/24).
that OK but why you config BGP in R2 ? >>> but without BGP how the neighbour will be formed?
Would you want me to configure static route in r2?

The problem is Tunnel is UP and I am able to ping however the traffic is not encapsulated.
is it because of nexthop?

arunkumarravi · ‎12-06-2022

Ohh man, it worked

As per your instruction I configured this.

neighbor <R3 tunnel IP>
neighbor <R1 tunnel IP>

After. this I could see the traffic is encapsulated, may I know what was the reason behind this?

MHM Cisco World · ‎12-06-2022

first


use 1.1.1.1 and 1.1.1.2 
show ip route

then


use 1.1.1.1 and 2.2.2.2 
show ip route

SHARE HERE

Richard Burts · ‎12-06-2022

The original poster asks "may I know what was the reason behind this". The answer is that in the earlier implementation the tunnel existed, but there was no routing logic that used the tunnel. When you change BGP to use the tunnel addresses then there is routing logic that uses the tunnel.

HTH

Rick

Richard Burts · ‎12-06-2022

I am glad that our suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick