cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1226
Views
0
Helpful
23
Replies

GRE Tunnel Routing Problem

Andy Guley
Level 1
Level 1

I created a GRE tunnel.  The tunnel is up and functioning fine.  I am having a routing issue on one side of the network.

Router 1

interface Tunnel5

ip address 10.255.111.2 255.255.255.252

ip mtu 1400

tunnel source 10.110.141.254

tunnel destination 10.87.5.2

S     192.168.21.0/24 [1/0] via 10.255.111.1

Router 2

interface Tunnel5

ip address 10.255.111.1 255.255.255.252

ip mtu 1400

tunnel source 10.87.5.2

tunnel destination 10.110.141.254

S    192.168.20.0/24 [1/0] via 10.255.111.2

From router 1 data travels correctly accross the tunnel:

Tracing the route to 192.168.21.254

VRF info: (vrf in name/id, vrf out name/id)

  1 10.255.111.1 12 msec 8 msec 8 msec

  2 10.87.5.9 8 msec *  8 msc

From router 2 it keeps bouncing between the tunnel and serial interface on the router:

traceroute 192.168.20.200

1 10.255.111.2 8 msec 8 msec 8 msec

2 10.110.11.46 16 msec 16 msec 16 msec

3 10.110.11.1 8 msec 8 msec 8 msec

4 10.255.111.2 12 msec 16 msec 12 msec

5 10.110.11.46 24 msec 24 msec 24 msec

6 10.110.11.1 12 msec 16 msec 12 msec 1 10.255.111.2 8 msec 8 msec 8 msec
2 10.110.11.46 16 msec 16 msec 16 msec
3 10.110.11.1 8 msec 8 msec 8 msec
4 10.255.111.2 12 msec 16 msec 12 msec
5 10.110.11.46  24 msec 24 msec 24 msec
6 10.110.11.1 12 msec 16 msec 12 msec

10.110.11.46 is the serial interface on the router where the 10.255.111.2 tunnel is created.  10.110.11.1 is an interface for MPLS.

1 Accepted Solution

Accepted Solutions

Andy,

We'll, this 3560 switch has an SVI on it, so you should be able to put an IP address on R1 and make it a L3 link basically.

you can try that static route command.

View solution in original post

23 Replies 23

JohnTylerPearce
Level 7
Level 7

Andy,

Can you post the result of 'show ip route 192.168.20.200' on Router 1?

Thanks for the quick repsonse. 

R1#show ip route | in 192.168.20.200

R1#

Nothing in the routing table for it.

Andy,

What is the default route on R1?

10.110.11.46

Andy,

Do a 'show ip route 192.168.20.200' on the network device that 10.110.11.46 is on, as well as post what the default route is.

10.110.11.46 is bgp nei from the teleco company for the MPLS circuit.

Andy,

1 10.255.111.2 8 msec 8 msec 8 msec

2 10.110.11.46 16 msec 16 msec 16 msec

3 10.110.11.1 8 msec 8 msec 8 msec

4 10.255.111.2 12 msec 16 msec 12 msec

5 10.110.11.46 24 msec 24 msec 24 msec

6 10.110.11.1 12 msec 16 msec 12 msec

It's sending the first round of UDP datagrams for 192.168.20.200 and R2 does a route lookup for 192.168.20.200 and finds that it's best route to 192.168.20.200 is 10.255.111.2. This UDP datagram is sent to a non-valid port, and with a TTL of 1. This process happens again, but with a TTL of 2, which goes to 10.110.11.46. Once again this process continus and a third round of UDP datagrams goes with a TTL of 3. It sounds like there is an issue at 10.110.11.1, when it received the fouth round of UDP datagrams with a TTL of 4, it sees the bst route is 10.255.1.2, which this obviously starts a loop.

Is thre anyway you can look at the routing table at 10.110.11.1, and find what the best route to 192.168.20.200 is from this router, including a default route if that's the best route?

10.110.11.1 is a physical interface on R2.

The default route on this router is 10.87.5.9 which is an svi core 6500:

sh ip route | in 192.168.20

D EX 192.168.20.0/24 via 10.87.5.2

Andy,

I gotcha. So when it gets to 10.110.11.46 which is the bgp peer IP, it's hitting that interface and going back to 10.110.11.1. Do you know the route that this should be taking?

Because in an earlier post, you noted this.

R1#show ip route | in 192.168.20.200

R1#

Nothing in the routing table for it.

So it gets to R1, but it has no route for it, so takes it's default route to 10.110.11.46, which is your bgp peer IP.

Routing is not my strong suit so if I am not answering your last question that well I appologize.

So I want anything that is going to the 192.168.20.x network to travel over the GRE tunnel.  So when I ping from R2 shouldnt the route there get it to its destination hanging off of R1 with the static route that I defined on R2?  Or do I need to add another route to R1?

From R1 I can ping 192.168.20.200 with no issues.

Thanks

Andy,

When you look at your traceroute output, you can see it is correctly getting across the tunnel (10.255.111.2 8 msec 8 msec 8 msec), but from R1, there is no route to this 192.168.20.0/24 network, so it uses the default route.

When it gets to R1, it's going to do a route lookup for 192.168.20.0./24, which as you noticed earlier, it can't find a route in it's routing table.

R1#show ip route | in 192.168.20.200

R1#

Are you running a routing protocol, or is everything static?

We are running BGP and EIGRP.  For this network I prefer to keep them static routes. 192.168.20.200 is a SVI I created on the switch hanging off of R1 for testing. 

What route would I create on R1 to get traffic to the 192.168.20.0 /24 network?

Andy,

192.168.20.200 is a SVI I created on the switch hanging off of R1 for testing.

That's the missing link in our chain.

So it gets to R1, and it needs to get to the SVI off that switch, which is hanging off of R1.

Can you post how the interface is configured for the port, going to this switch with the SVI.

'show run int

Please post those results.

show run int vlan 333

interface vlan333

ip address 192.168.20.200 255.255.255.0

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco