10-21-2016 10:48 PM - edited 03-05-2019 07:19 AM
Hello All,
I am running the IPSEC over GRE tunnel. And running OSPF routing protocol over
Ping to the destination of the tunnel is fine.
Do I need any additional configurations to run OSPF over Tunnel ? there are about 10 hops in between these two ends.
R1#sh run int
Building configuration...
Current configuration : 264 bytes
!
interface Tunnel35
description Tunnel to XXXX
tunnel source GigabitEthernet0/0
tunnel mode
tunnel destination 15.166.228.1
tunnel protection
end
R1#ping 15.166.228.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 15.166.228.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/
ult01gwcsdnes01#sh
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 30.102.128.45 YES NVRAM up up
GigabitEthernet0/1 unassigned YES NVRAM down down
GigabitEthernet0/1.550 15.183.162.2 YES manual down down
GigabitEthernet0/1.551 10.211.211.2 YES manual down down
Serial0/0/0 unassigned YES NVRAM administratively down down
Loopback0 30.5.171.4 YES manual up up
Loopback1 15.166.163.192 YES manual up up
Tunnel35 35.5.171.10 YES manual up up
R1#
Solved! Go to Solution.
10-22-2016 08:06 AM
I assume that it will work but can you verify that ping to 35.5.171.9 is successful?
The parts of the config that you posted look ok. And the fact that the tunnel status is up/up is encouraging. So it is likely something in your config other than the tunnel that causes this issue. Can you post the configuration of OSPF? Also post the output of show ip ospf interface and show ip ospf neighbor?
HTH
Rick
10-22-2016 09:45 AM
Not sure if this is a typo, but the IP address of your tunnel is 35.5.171.14 255.255.255.252. However, in OSPF, you advertise network 30.5.171.12 0.0.0.3.
It should actually be:
network 35.5.171.12 0.0.0.3 area 0.0.0.0
10-22-2016 06:27 AM
R1#ping 224.0.0.5
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 224.0.0.5, timeout is 2 seconds:
.
ult01gwcsdnes01#
10-22-2016 08:06 AM
I assume that it will work but can you verify that ping to 35.5.171.9 is successful?
The parts of the config that you posted look ok. And the fact that the tunnel status is up/up is encouraging. So it is likely something in your config other than the tunnel that causes this issue. Can you post the configuration of OSPF? Also post the output of show ip ospf interface and show ip ospf neighbor?
HTH
Rick
10-22-2016 08:38 AM
Hi Rick,
Thanks for your comments.
On the same
I am able to PING the tunnel destination IP # 15.166.228.2. However, I am unable to PING the other end IP address# 35.5.171.14 of the tunnel .
when
below are the details you requested.
ult01gwcsdnes02#sh
Tunnel36 35.5.171.14 YES manual up up
ult01gwcsdnes02#
R2#sh run int
Building configuration...
Current configuration : 264 bytes
!
interface Tunnel36
tunnel source GigabitEthernet0/0
tunnel mode
tunnel destination 15.166.228.2
tunnel protection
end
R2#ping 35.5.171.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 35.5.171.13, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
ult01gwcsdnes02#ping 15.166.228.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 15.166.228.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/101/104 ms
R2#
router ospf 6301
router-id 30.5.171.5
network 10.211.211.0 0.0.0.63 area 0.0.0.0
network 15.183.162.0 0.0.0.255 area 0.0.0.0
network 30.5.171.12 0.0.0.3 area 0.0.0.0
R2#sh
GigabitEthernet0/1.550 is down, line protocol is down
Internet Address 15.183.162.3/24, Area 0.0.0.0, Attached via Network Statement
Process ID 6301, Router ID 30.5.171.5, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10
Transmit Delay is 1 sec, State DOWN, Priority 1
No designated router on this network
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
GigabitEthernet0/1.551 is down, line protocol is down
Internet Address 10.211.211.3/26, Area 0.0.0.0, Attached via Network Statement
Process ID 6301, Router ID 30.5.171.5, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10
Transmit Delay is 1 sec, State DOWN, Priority 1
No designated router on this network
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
R2#
R2#sh
R2#
10-22-2016 09:45 AM
Not sure if this is a typo, but the IP address of your tunnel is 35.5.171.14 255.255.255.252. However, in OSPF, you advertise network 30.5.171.12 0.0.0.3.
It should actually be:
network 35.5.171.12 0.0.0.3 area 0.0.0.0
10-22-2016 10:11 AM
Hi
Thank you very much. :)
Yes, there was a typo. The IP
So below is the OSPF adjacency that has been formed. and learning the OSPF routes from the
Will check the same for
R2#sh
Neighbor ID Pri State Dead Time Address Interface
161.14.195.252 0 FULL/ - 00:00:37 30.5.171.13 Tunnel36
ult01gwcsdnes02#
10-23-2016 04:45 AM
And if you want to avoid mistakes like these in the future, you could change the way you enable OSPF on the interface:
interface Tunnel36
ip ospf 6301 area 0
10-22-2016 10:22 AM
Hi Rick,
Thanks for asking the details/outputs. That really helped
Though, it was a silly mistake from me.
10-22-2016 11:53 AM
You are welcome. I am glad that cooperatively we were able to solve your problem. This is one of the good things about these forums that there are a number of people looking at your problem and potentially offering their advice. One of us may start the discussion and another may complete it.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide