OSPF over GRE Tunnel

smehrnia · ‎09-18-2012

Hello Experts,

we have a GRE Tunnel in our setup and the two head/end routers form an OSPF neighborship over this tunnel. at the times of traffic congestion we lose hello packets and it causes OSPF peering problems, flapping. i want to prioritize my OSPF traffic on the link to overcome this problem.

I thought of a little piece of QoS, but since it is on a production network, i want to know ur opinion and help if u could.

Thanks in advance.

Soroush.

Hope it Helps!

Soroush.

Peter Paluch · ‎09-18-2012

Hello Sourosh,

To my best knowledge, when performing GRE encapsulation, the DSCP marking is copied from the inner packet to the outer IP header. Therefore, the networking infrastructure should treat the encapsulated packets with the same treatment as it would treat the original unencapsulated traffic (if the treatment was based purely on DSCP values). OSPF packets are already being sent with DSCP set to CS6.

However, I am afraid that the real problems are caused by the actual network between your GRE tunnel endpoints, not by a congestion on the tunnel interface. Most probably, the underlying network does not take the DSCP marking into account and does not really prioritize the traffic. Even if the OSPF packets are already carried by GRE-encapsulated packets with DSCP set to CS6, the network between the tunnel endpoints treats the entire traffic in a best effort fashion.

Without being sure that the QoS is being consistently deployed and used along the entire path between your tunnel endpoints, it does not make sense to configure any QoS settings on your tunnel endpoints, nor would it help, I am afraid.

Is your ISP willing to provide some QoS guarantees that would help treat the prioritized traffic appropriately?

Best regards,

Peter

smehrnia · ‎09-19-2012

Hi peter, thanks for the reply.

it is a big private Co. network, we dont use an ISP in the path.

i had in mind to classify the ospf traffic at my head points then give it an amount of priority bandwidth on the interface, thats it. do you think it will help?

Soroush.

Hope it Helps!

Soroush.

Peter Paluch · ‎09-19-2012

Hello Sourosh,

i had in mind to classify the ospf traffic at my head points then  give it an amount of priority bandwidth on the interface, thats it. do  you think it will help?

This depends on whether the congestion occurs on your interface or somewhere inside the network. You may try assigning a certain guaranteed bandwidth to the GRE packets with DSCP set to CS6 on your egress physical interface. However, it is a blind shot. If the choke point is somewhere inside your private network and the devices do not pay attention to proper treatment of different traffic classes, this won't help.

It should not hurt trying this out, though.

Best regards,

Peter

Joseph W. Doherty · ‎09-19-2012

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Often the key component of using QoS to support tunnels, is using a policy that shapes for the underlying bandwidth bottleneck the tunnel transits. This works well if the bottleneck is static amount of available bandwidth, not well if the amount of available bandwidth is dynamic.