Hi,

Thanx for the reply. But my problem is that, if i switch off my satellite Terminal, from the router i am not able to ping my tunnel destination, but even then my Tunnel Status and the Line protocol shows up??? thats my main problem???? is there any solution for this??? i had tried out but still i am not able to solve this problem??

Regards

S.Lakshminarasimhan

One of the normal behaviors of IOS for a long time has been that GRE tunnel does not really know if the destination is up or not. On the IOS router as long as the router has a valid next hop address toward the destination it will mark the tunnel as up/up.

In recent versions of IOS Cisco has added a feature of GRE tunnel keepalives. This feature is to address the problem that you are describing. This feature will periodically send a keepalive packet through the tunnel and expects to receive keepalive packets through the tunnel. If the router misses several consecutive keepalive messages it will mark the tunnel interface as protocol down (essentially the same thing as you have on physical interfaces).

I am not sure that tunnel keepalives will work for you depending on what is on the other end of the tunnel and whether it understands the concept of tunnel keepalive.

HTH

Rick

Hi,

One thing is that, in the document for Keepalives in Cisco Site, it says that, the keepalives work, if its enabled at one end and disabled at other end. So in my case cant we assume that my keepalive is disabled at one end????. if its not the case, is there any way to solve this problem????

Regards

S.Lakshminarasimhan

I do not understand how keepalives could work if they are enabled at one end but disabled at the other end. I know that on physical point to point connections like HDLC or PPP they must be enabled on both ends. I am not sure how they could work on virtual point to point like GRE tunnels. Could you post the link to the document that you are talking about? Perhaps there is some explanation there that would help.

HTH

Rick

Hi,

As i said, of u see the following URL, u cud find the Tunnel Keepalive Mechanism, which says that the Tunnel Keepalive Mechanism works even if the far end does not support Keepalives.

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_tech_note09186a008040a17c.shtml

Hi Krishna,

Yes, that's true.

Let's assume your setup like this...

R1 -- Satellite terminal -- R2

R1 and R2 are both two routers and assuming that keepalive has enabled only at one end i.e R1.

In this case, when you switch off your satellite terminal, R1 can only bring down the tunnel line protocol to DOWN as keepalives enabled on that one. And at R2, the tunnel line protocol will be always in UP state as keepalives not configured on that router (keepalives disabled by default). This is with assumption of both are Cisco routers. If other end is not Cisco device, then keepalives won't work in this case.

Thank you,

Regards...

-Ashok.

Hi ashok,

I wud like to make one correction in the setup...The GRE Tunnel is being established between the Satellite Equipment and the Cisco 2561 Router.

Satellite Terminal ----GRE----- Cisco 2651 Router

My Satellite terminal has a capability to build GRE Tunnel with any other equipment..

i had posted an URL in this conversation....just read that bcos it says a different info...

regards

Krishna

Thanks for posting the URL. It does include an explanation that is very helpful. The implementation of keepalives for GRE works quite differently from the keepalives of PPP or HDLC. And you are correct that keepalives can function properly on one router even if the router on the other end of the GRE tunnel does not support keepalives.

So I believe that configuring GRE tunnel keepalives on your router is a solution that should work for you and allow you to detect if the satellite terminal is shut down.

HTH

Rick

Hi Rick,

actually according to the document, it should work..but i donno whether i am making any mistake..its not working for me...i enabled the default keepalive, but once i enable it, after 3 retries every 10 secs, the fourth retry, my tunnel line protocol goes down...but at that time also, from the router i am able to ping to my Tunnel Destination.....one thing which i am observing is that, when i pinging the destination, its fine, but when i try to trace my Destination, its showing only the first hop, after that its not showing??why is it so???this happens even when my tunnel line protocol is up????can u please explain me this???

krishna

Why do you have no ip address on the tunnel interface? This disables ip routing on the tunnel interface. The issue could be a routing thing. Try and give the relevant config on the router, i mean interface, routes (static/dynamic).

Based on the document it seems that keepalives should work for your router, even if the satellite terminal equipment does not support the keepalive function. Since you say that it is not working I have a couple of questions that may help us figure our what is happening.

First - in normal conditions is the tunnel working properly (without keepalives configured)? I do not mean just pinging the destination, but does traffic from your network pass successfully over the tunnel to whatever network is beyond the satellite?

Second - if the tunnel is working properly without keepalives configured, does it still work properly when you configure keepalives?

I am trying to figure out what is happening when you say that you can ping the destination but when you trace to the destination it is showing only the first hop. Could you post the output that is generated by dong this so we can see it? Also it would be very helpful if you could post the configuration of the tunnel, of the outbound physical interface, and the output of show ip route.

HTH

Rick