07-08-2009 03:19 AM - edited 03-04-2019 05:21 AM
I'm currently using two Catalyst 3560 as L3 devices to build my GRE tunnel. Attached are 3 documents; GRE diagram, config on SA1router and config on MSrouter.
Question: Why do tunnel interfaces goes down when keepalives are set? When I remove the keepalives statement the tunnel interface automatically comes up.
Why does traffic still pass from 172.10.7.x to 172.10.8.x when the tunnel interfaces are down on both sides?
Thanks in advance.
07-08-2009 03:28 AM
To be honest - the degsign leaves a lot to be desired.
You are using the source/destination of the tunnels as switch ports.
Try creating loopback interfaces - and use those as the source & desintation - these will never go down, so troubleshooting etc will be easier.
You will problably find the reason why it works when the tunnels are down is the default route.
Try extended pings.....
HTH>
07-08-2009 05:27 AM
I followed the group's reccommendation and created L0 interfaces on both sides (1.1.1.1/32 and 2.2.2.2/32). In addition, I changed the default routes pointing to tu1123. My tunnel goes down immediately bc it can't find the route to the remote loopback. Attached is the updated config. FYI- this is only a lab so I can understand GRE better. Thanks for everyones input.
07-08-2009 05:35 AM
On MSRouter:
interface Tunnel1123
description Hst to SA1 DTC Network (172.10.8.0/24)
ip address 192.166.0.1 255.255.255.252
ip mtu 1476
no tunnel source FastEthernet0/1
tunnel source loopback0
tunnel destination 1.1.1.1
ip route 1.1.1.1 255.255.255.255 192.167.1.1
On SA1Router:
interface Tunnel1123
description SA1 to Hst DTC Network (172.10.7.0/24)
ip address 192.166.0.2 255.255.255.252
ip mtu 1476
no tunnel source FastEthernet0/1
tunnel source loopback0
tunnel destination 2.2.2.2
ip route 2.2.2.2 255.255.255.255 192.167.1.2
HTH,
__
Edison.
07-08-2009 05:41 AM
Your configs are incorrect, recorrect with the below:-
MS01JNPB1
int loop0
ip address 2.2.2.2 255.255.255.255
int tun 123
ip address 192.166.0.1 255.255.255.252
tunnel source loop0
tunnel destination 1.1.1.1
ip route 1.1.1.1 255.255.255.255 192.167.1.1
*************
0112C31B1
nterface Tunnel1123
ip address 192.166.0.2 255.255.255.252
tunnel source loop0
tunnel destination 2.2.2.2
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip route 2.2.2.2 255.255.255.255 192.167.1.2
07-08-2009 03:33 AM
The traffic is not going thru the tunnel. You have to route the destination network to the Tunnel. e.g.
!
ip route 172.10.7.0 255.255.255.0 tunnel1123
!
ip route 172.10.8.0 255.255.255.0 tunnel1123
I don't think IP GRE Tunnel will work if the tunnel source and destination IP Address is in the same network. That could be the reason the tunnel keeps coming down when the keepalives statement is configured. Use Loopback Interface as source and destination for IP GRE Tunnel in this case. I use "ip mtu 1500" in all my IP GRE Tunnel.
07-08-2009 04:01 AM
From the latest 3560 configuration guide:
Unsupported Global Configuration Commands
interface tunnel
"Question: Why do tunnel interfaces goes down when keepalives are set? When I remove the keepalives statement the tunnel interface automatically comes up.
Why does traffic still pass from 172.10.7.x to 172.10.8.x when the tunnel interfaces are down on both sides? "
I would think because of your default routes on both switches.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide