cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
436
Views
0
Helpful
3
Replies
Highlighted
Beginner

GRE Tunnel backup terminating on same address

Hi,

I have a scenario where I have two routers running in HSRP mode I want to run GRE Tunnel from the same origin IP to the same destination IP in the cloud. Incase the primary router fails I have to use the backup router to use the same origin source ip to the destination IP

How will I achieve this configuration any ideas?

Thanks

Anuj

3 REPLIES 3
Highlighted
Beginner

Please note that the routers

Please note that the routers are in active active mode

Highlighted
Enthusiast

Hi ANUUJ,

Hi ANUUJ,

I didn't understand well what you need.  Could you please upload a network diagram ? 

When you say that both routers are active do you mean that both of them have to forward traffic on the GRE Tunnel and, moreover, that source address of the GRE packets have to be the same ? If so I think you can't have what you want: you can make some trick to have the same source ip on both router but if both GRE tunnel are active at the same time and have the same source ip address traffic coming back from cloud will be:

  1.  forward to one router based on routing metric
  2.  load balanced

In the firs case one tunnel wont' have backward traffic, in the second case traffic will be load balanced but nothing can assure you the packets are delivered to the "right" router.  

Perhaps the only way would be to differentiate the use the tunnels (for protocol, or group of IP add,...) and configuring some sort of PBR on the other side. In any case it's hard to answer without a better understanding of the network

Let me know,

enrico

Highlighted
Participant

Is your HSRP facing the WAN

Is your HSRP facing the WAN and are you expecting the GRE tunnel to use the HSRP VIP address as the tunnel source?

Any reason why you can't have 2 GRE tunnels?  One to each local router but both on the same cloud ip?

If you require only 1 GRE tunnel then a known solution is to put a third router behind your 2 local routers to terminate the single gre tunnel using a loopback address as the 3rd router's tunnel source.  Then ip routing to provide failover.  No HSRP.