Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2146
Views
15
Helpful
19
Replies

GRE Tunnel Line Protocol Not Coming Up

Go to solution
kcunn27
Level 1
Level 1

‎12-17-2020 09:21 PM

Hello,

 

I am labbing up a tunnel between two vrfs. Routes are being exchanged with OSPF to a second router. Everything is working including pings to physical interfaces and loopback interfaces. The only problem is that the tunnel won't come up? I don't know why. Would appreciate an explanation if possible.

 

 

Router#show running-config interface tunnel 10
Building configuration...

Current configuration : 148 bytes
!
interface Tunnel10
vrf forwarding blue
ip address 10.10.10.1 255.255.255.0
tunnel source GigabitEthernet0/0
tunnel destination 10.0.34.4
end

Router#show running-config interface tunnel 14
Building configuration...

Current configuration : 147 bytes
!
interface Tunnel14
vrf forwarding red
ip address 10.10.10.4 255.255.255.0
tunnel source GigabitEthernet0/3
tunnel destination 10.0.13.1
end

 

Router#show ip route vrf blue 10.0.34.4

Routing Table: blue
Routing entry for 10.0.34.0/24
Known via "ospf 1", distance 110, metric 2, type intra area
Last update from 10.0.13.3 on GigabitEthernet0/0, 00:13:08 ago
Routing Descriptor Blocks:
* 10.0.13.3, from 10.0.34.3, 00:13:08 ago, via GigabitEthernet0/0
Route metric is 2, traffic share count is 1


Router#show ip route vrf red 10.0.13.1

Routing Table: red
Routing entry for 10.0.13.0/24
Known via "ospf 2", distance 110, metric 2, type intra area
Last update from 10.0.34.3 on GigabitEthernet0/3, 00:13:24 ago
Routing Descriptor Blocks:
* 10.0.34.3, from 10.0.34.3, 00:13:24 ago, via GigabitEthernet0/3
Route metric is 2, traffic share count is 1

 

Router#show ip interface tunnel 10
Tunnel10 is up, line protocol is down
Internet address is 10.10.10.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1476 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
VPN Routing/Forwarding "blue"
Downstream VPN Routing/Forwarding ""
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
IPv4 WCCP Redirect outbound is disabled
IPv4 WCCP Redirect inbound is disabled
IPv4 WCCP Redirect exclude is disabled


Router#show ip interface tunnel 14
Tunnel14 is up, line protocol is down
Internet address is 10.10.10.4/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1476 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
VPN Routing/Forwarding "red"
Downstream VPN Routing/Forwarding ""
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
IPv4 WCCP Redirect outbound is disabled
IPv4 WCCP Redirect inbound is disabled
IPv4 WCCP Redirect exclude is disabled

 

Labels:
0 Helpful
19 Replies 19

Go to solution
Georg Pauwen
VIP
VIP
In response to kcunn27

‎12-18-2020 11:17 AM

Hello,

 

some sort of route leaking might work. If you find a different way, post your findings, I am curious.

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to kcunn27

‎12-18-2020 12:16 PM

Hello

so basically the physical interfaces are in their own route table and not in the global route table as such the tunnels do not know how to reach them adding the command @Georg Pauwen @posted told the rtr to look on the respective vrf route tables thus the tunnel established 

if you remove the physical interface from their respective vrfs you would t need that command and the tunnels should come up 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
kcunn27
Level 1
Level 1
In response to paul driver

‎12-18-2020 02:27 PM

This is another valid solution. The goal was to create a tunnel that originates and terminates on the same router but different vrfs. By removing the "vrf forwarding" command on the physical interface I did not need to include the "tunnel vrf" command on the tunnel interface. The last thing to check was, well in that case could I just have the "vrf forwarding" on the physical interface and leave it off the tunnel and the answer is you CAN NOT because without vrf awareness on the tunnel interface I would be building a tunnel to and from the same routing table.

 

Thanks for you help!

 

Router(config-if)#ip address 10.10.10.4 255.255.255.0
% 10.10.10.0 overlaps with Tunnel10 

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to kcunn27

‎12-19-2020 03:14 AM - edited ‎12-19-2020 03:14 AM

Hello

@kcunn27 wrote:

 The last thing to check was, well in that case could I just have the "vrf forwarding" on the physical interface and leave it off the tunnel and the answer is you CAN NOT because without vrf awareness on the tunnel interface I would be building a tunnel to and from the same routing table.

So why dont you have the vrf on the tunnels but not on the physical interfaces?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
kcunn27
Level 1
Level 1
In response to paul driver

‎12-19-2020 01:12 PM

Get the below error when I configure the tunnel IP address. This error does not happen when the tunnel is vrf aware. So I conclude that you must make the tunnel vrf aware and that physical interface "vrf forwarding" command is not enough to build the tunnel on in this topology. 

 

Router(config-if)#ip address 10.10.10.4 255.255.255.0
% 10.10.10.0 overlaps with Tunnel10 

 

Thanks for your help!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card