cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
683
Views
3
Helpful
5
Replies

GRE over MPLS.

Hello, thanks in advance for any help. 

So I have an office on which we decomissioned the internet circuit. We are currently using MPLS as egress traffic, and then routing that traffic to another office to use as breakout. To do so, I have set up a GRE tunnel, over our MPLS network. The tunnel seems to be up, but for some reason I can't ping across the tunnel and I get "u.u.u" for unreachable. Below is my config with some additional explanation, and would appreciate any feedback that could help me fix this problem, before I add a

static route

to send all traffic through GRE. I should also add, the GRE is needed to send the traffic to the closes regional office. As the preferred route in the MPLS will always be our main DC in EMEA. We need this traffic to be local (US), rather than following default advertisement on MPLS going to EMEA. 

All of the IPs have been changed to maintain privacy. 

cisco ISR4451 -- RouterA#sh run int tu 500
interface Tunnel500
ip address 10.10.10.10 255.255.255.252
no ip redirects
no ip proxy-arp
ip mtu 1300
ip tcp adjust-mss 1260
mpls ip
keepalive 10 3
tunnel source 1.1.1.2 --- this is my source interface connected to my MPLS BGP peer. 
tunnel destination 1.1.1.1 -- This is the interface IP of the remote router, that's connected to the MPLS BGP peer. 

ip route 10.10.10.11 255.255.255.255 1.1.1.1 --- tunnel routed using remote-end MPLS IP.




cisco ASR1001 -- RouterB#sh run int tu 500
Building configuration...

Current configuration : 229 bytes
!
interface Tunnel500
ip address 10.10.10.11 255.255.255.252
no ip redirects
no ip proxy-arp
ip mtu 1300
ip tcp adjust-mss 1260
mpls ip
keepalive 10 3
tunnel source 1.1.1.1 -- this is my interface directly connected to MPLS BGP peer. 
tunnel destination 1.1.1.2  -- This is the interface IP of the remote router, that's connected to the MPLS BGP peer. 

ip route 10.10.10.10 255.255.255.255 1.1.1.2 --- tunnel routed using remote-end MPLS IP.

 

 

1 Accepted Solution

Accepted Solutions

ip route 10.10.10.10 255.255.255.255 1.1.1.2 --- tunnel routed using remote-end MPLS IP.

this not need 

ip route 10.10.10.11 255.255.255.255 1.1.1.1 --- tunnel routed using remote-end MPLS IP. 

this not need 


if 1.1.1.1/2 is direct connect then tunnel and tunnel source will appear as C in RIB of both Router 

 

View solution in original post

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

what device model  and IOS code ?

post the

show ip route

have tried pining using source interface ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

One of the routers is ASR1001 running IOS XE Version: 03.06.02.S
The other router is ISR4451 running Cisco IOS XE Software, Version 17.03.06. 

I've tried pinging while sourcing from tunnel500 but it still doesn't work, see snippet. 

RouterB#ping 10.10.10.10 source tunnel500


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds

:
Packet sent with a

source address of 10.10.10.11


.....
Success rate is 0 percent (0/5)

And this is sourced using MPLS interface:

RouterB#ping 10.10.10.10 source 1.1.1.1


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:


Packet sent with a

source address of 1.1.1.1


.U...

ip route 10.10.10.10 255.255.255.255 1.1.1.2 --- tunnel routed using remote-end MPLS IP.

this not need 

ip route 10.10.10.11 255.255.255.255 1.1.1.1 --- tunnel routed using remote-end MPLS IP. 

this not need 


if 1.1.1.1/2 is direct connect then tunnel and tunnel source will appear as C in RIB of both Router 

 

may you please explain why? When you set up a normal GRE tunnel over internet, you have to specify the egress public IP for the tunnel interface, so that it can be routed. How come you don't need a tunnel route when done over MPLS? Every other forum I visited to implement this change, mentioned that you needed to set up mirroring a "normal GRE". 

This is now working, thank you so much for the help!! I'm just curious as to why that route is not needed. Is it because MPLS is seamless and makes it seem as directly connected like you mention? VS a public network where it wouldn't be the case obviously. 

MPLS over GRE or normal GRE 
you dont need

static route for Tunnel IP using Tunnel source



Review Cisco Networking for a $25 gift card