Solved: Re: I can't ping GRE Tunnel Destination

Gabriel Tanase · ‎01-09-2013

Friends, I created a GRE tunnel and I can't ping the tunnel destination from either router. I am able to ping the tunnel ip address on the router that it's configured on. Can anyone help please? I have two routers. The configs are as follows.

Router A

------------------

Router_A#show ip int brief

Interface IP-Address OK? Method Status Prot ocol

FastEthernet0/0 192.168.1.121 YES DHCP up up

FastEthernet0/1 10.10.12.254 YES NVRAM up up

Serial0/0/0 unassigned YES NVRAM down down

Serial0/0/1 192.168.2.2 YES NVRAM up up

BRI0/2/0 unassigned YES NVRAM administratively down down

BRI0/2/0:1 unassigned YES unset administratively down down

BRI0/2/0:2 unassigned YES unset administratively down down

Async0/3/0 unassigned YES NVRAM down down

NVI0 unassigned NO unset up up

Loopback0 10.10.13.249 YES NVRAM up up

Tunnel1 10.10.10.1 YES manual up up

Router_A#

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router_A

!

boot-start-marker

boot-end-marker

!

aaa new-model

!

aaa authentication login word local

aaa authentication login CONSOLE none

!

aaa session-id common

!

ip cef

no ip dhcp use vrf connected

!

ip dhcp pool Dhcp_Pool

network 10.10.12.0 255.255.255.0

default-router 10.10.12.254

dns-server 206.141.192.60

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

!

voice-card 0

no dspfarm

interface Loopback0

ip address 10.10.13.249 255.255.255.252

!

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

!

interface FastEthernet0/0

description Connection to Internet

ip address dhcp client-id FastEthernet0/0

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description Connection to LAN

ip address 10.10.12.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

clock rate 2000000

interface Serial0/0/1

description Connection to Network B

bandwidth 1000000

ip address 192.168.2.2 255.255.255.252

encapsulation ppp

!

interface BRI0/2/0

no ip address

encapsulation hdlc

shutdown

!

interface Async0/3/0

no ip address

encapsulation slip

!

router rip

version 2

network 10.0.0.0

network 192.168.1.0

network 192.168.2.0

!

ip forward-protocol nd

ip route 10.10.0.0 255.255.0.0 192.168.2.1

!

ip http server

no ip http secure-server

ip nat pool ovrld 192.168.1.250 192.168.1.250 prefix-length 24

ip nat inside source list 7 pool ovrld overload

!

access-list 7 permit 10.10.12.0 0.0.0.255

!

control-plane

--------------------------------------------------------

Router_B

Router_B#show ip int brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 10.10.14.254 YES manual up up

FastEthernet0/1 unassigned YES NVRAM administratively down down

Serial0/0/0 unassigned YES NVRAM administratively down down

BRI0/1/0 unassigned YES NVRAM administratively down down

BRI0/1/0:1 unassigned YES unset administratively down down

BRI0/1/0:2 unassigned YES unset administratively down down

Serial0/3/0 unassigned YES NVRAM administratively down down

Serial0/3/1 192.168.2.1 YES manual up up

NVI0 10.10.14.254 YES unset up up

SSLVPN-VIF0 unassigned NO unset up up

Loopback0 10.10.15.1 YES manual up up

Tunnel1 10.10.10.2 YES manual up up

Router_B#

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router_B

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

!

no aaa new-model

memory-size iomem 10

!

dot11 syslog

ip source-route

!

ip cef

!

ip dhcp pool Dhcp_Pool

network 10.10.14.0 255.255.255.0

default-router 10.10.14.254

dns-server 206.141.192.60

!

ip name-server 206.141.192.60

no ipv6 cef

!

archive

log config

hidekeys

!

interface Loopback0

ip address 10.10.15.1 255.255.255.252

!

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Loopback0

tunnel destination 192.168.2.2

!

interface FastEthernet0/0

description Connection to LAN

ip address 10.10.14.254 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/0/0

no ip address

shutdown

!

interface BRI0/1/0

no ip address

encapsulation hdlc

shutdown

!

interface Serial0/3/0

no ip address

shutdown

clock rate 2000000

!

interface Serial0/3/1

bandwidth 1000000

ip address 192.168.2.1 255.255.255.252

ip nat outside

ip virtual-reassembly

encapsulation ppp

!

router rip

version 2

network 10.0.0.0

network 172.16.0.0

network 192.168.1.0

network 192.168.2.0

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

shamax_1983 · ‎01-09-2013

Hello Gabriel,

For the GRE tunnel, Router A and Router B should point to matching Source/Destination of each other.

But in your config, on Router A,

tunnel source Loopback0

tunnel destination 192.168.2.1

and on Router B

tunnel source Loopback0

tunnel destination 192.168.2.2

So the destination you defined in router A is not the Tunnel source of Router B ( on router B, it should be

"tunnel source 192.168.2.1 or Serial0/3/1 )

Your working configuration should look like this

Router A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

Router B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Serial0/3/1

tunnel destination 10.10.13.249

Or you can go with the other way around, on Router A, Source is interface Serial0/0/0 and so on..

Let me know how you go with this configs

Please rate this post if helpful.

View solution in original post

shamax_1983 · ‎01-09-2013

Hello Gabriel,

For the GRE tunnel, Router A and Router B should point to matching Source/Destination of each other.

But in your config, on Router A,

tunnel source Loopback0

tunnel destination 192.168.2.1

and on Router B

tunnel source Loopback0

tunnel destination 192.168.2.2

So the destination you defined in router A is not the Tunnel source of Router B ( on router B, it should be

"tunnel source 192.168.2.1 or Serial0/3/1 )

Your working configuration should look like this

Router A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source Loopback0

tunnel destination 192.168.2.1

Router B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source Serial0/3/1

tunnel destination 10.10.13.249

Or you can go with the other way around, on Router A, Source is interface Serial0/0/0 and so on..

Let me know how you go with this configs

Please rate this post if helpful.

Gabriel Tanase · ‎01-09-2013

Shamal, I want to thank you for your response. I have tried your idea but unfortunately, I'm getting a recursive routing issue.

Router_B#

*Jan 10 02:54:39.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down

*Jan 10 02:54:40.475: %SYS-5-CONFIG_I: Configured from console by console

*Jan 10 02:54:40.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up

*Jan 10 02:54:40.795: %ADJ-5-PARENT: Midchain parent maintenance for IP midchain out of Tunnel1 482137E0 - looped chain attempting to stack

Router_B#show ip int b

*Jan 10 02:54:48.495: %TUN-5-RECURDOWN: Tunnel1 temporarily disabled due to recursive routing

*Jan 10 02:54:49.495: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down

% Incomplete command.

Router_B#

Let me know if you have any further ideas.

Thanks

Gabriel Tanase · ‎01-09-2013

After playing around some more, I figured it out. For some apparent reason, the source loopback was not working. I sourced it off the serial interface and it worked. Here is the config. Thanks for pointing me in the right direction.

RTR A

interface Tunnel1

ip address 10.10.10.1 255.255.255.0

ip mtu 1480

tunnel source 192.168.2.2

tunnel destination 192.168.2.1

RTR B

interface Tunnel1

ip address 10.10.10.2 255.255.255.0

tunnel source 192.168.2.1

tunnel destination 192.168.2.2

Gabriel Tanase · ‎01-09-2013

Router_B#ping 10.10.10.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Router_B#ping 10.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms

Router_B#

------------------------

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Router_A#ping 10.10.10.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms

Router_A#

shamax_1983 · ‎01-09-2013

Hi Gabriel,

Yes this is the more cleaner way to do this.. But you can still do it with the loopback interface involved if you clean up your routing a little bit as I suggest below

shamax_1983 · ‎01-09-2013

Leave the changes you made based on my previous suggession, and do the following..

remove network 10.0.0.0 from RIP from both routers..

on router A

delete ip route 10.10.0.0 255.255.0.0 192.168.2.1

on router B

add ip route 10.10.13.0 255.255.255.0 192.168.2.2

If you want to advertise other Local subnets only advertise specific subnets but leave loopback subnets alone. DO NOT advertise the whole range 10.0.0.0 255.255.255.0 because it makes the GRE tunnel to advertise routers while your Serial link advertise the same thing and it makes everything unstable..

Try this and let me know..