cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5715
Views
30
Helpful
30
Replies

GRE tunnel flapping

scottshaw2
Level 1
Level 1

Trying to create a GRE tunnel between two routers that cross another network.

I have the following configs on the routers, I can ping across the tunnel, everything seems to work until I try adding ospf.

then I  the following error: FULL to DOWN, Neighbor Down: Interface down or detached

rtr config.GIFGRE tunnel, Routing Protocols,

30 Replies 30

scottshaw2
Level 1
Level 1

seen an error the IP route on the second router 0.0.0.0 0.0.0.0 10.1.1.1

Yes, this route should "ip route 0.0.0.0 0.0.0.0 10.1.1.1" on rtr2.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

...

copy error, they should be /30, except the loopback.

..

Harold Ritter
Level 12
Level 12

Hi @scottshaw2 ,

 

The issue is that you are learning the tunnel destination through the tunnel interface. This is recursive routing and is the reason your tunnel interface flaps. Make sure the tunnel destination is not learned via the tunnel itself.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

From the config I posted do I have one of the static routes wrong?

 

 

The static routes are good. You have a default route on both side pointing path the other side via the tunnel. The issue is that you enabled OSPF on the tunnel. Disable OSPF on the tunnel or make sure the tunnel destination is learned from a source other than OSPF.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Okay looking at router 1 - isn't the static route IP route 10.1.5.14 255.255.255.255 10.1.5.9  a better route than what would be learned in OSPF?

I have noticed a lot of the config examples I have seen don't use the tunnel for the default route, ip route 0.0.0.0 0.0.0.0 10.1.1.2 again looking router 1 should this be changed to ip route 0.0.0.0 0.0.0.0 10.1.5.9?

When I do a sh ip route, and get lucky enough to catch the routing table, I don't recall seeing a ospf route for the tunnel destination, see the connected and the static.  

I have other routers that work with the same tunnel configuration, the exception  are the IP's and  they have other paths out that don't require a tunnel,  and those paths are the default route. I will try taking the tunnel out of the ospf. 

 

Hi Scott,

 

Can you verify that the "ip route 10.1.5.14 255.255.255.255 10.1.5.9" is installed in the routing table. (show ip route static)?

 

Using the tunnel interface as the next hop for the default route is fine. The one thing you need to make sure of is that the tunnel destination is not resolved through the tunnel interface.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

On router 1 it has the following:

S 10.1.5.14/32 [1/0] via 10.1.5.9

O 10.1.5.12/30 [111/11] via 10.1.1.2 tunnel235

C 10.1.1.0/30 is directly connected, Tunnel235

L 10.1.1.1/32 is directly connected, Tunnel235

You should verify that the static route (10.1.5.10) is present in the routing table on rtr2 and if it is you should be fine then.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yes router 2 has the correct routes.

Is the tunnel interface flapping on both routers?

 

Do a "show logg" when you see the interface flaps on a given router to get more details on why the interface is flapping.

 

Regards, 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Review Cisco Networking for a $25 gift card