Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3280
Views
0
Helpful
11
Replies

Redirect traffic to GRE tunnel

Go to solution
sir_ulrick
Level 1
Level 1

‎06-03-2020 03:40 AM

Hi everybody, 

I have a question about how redirect traffic throught GRE tunnel. I have a topology working with EIGRP and some devices have GRE tunnel with a central router. I would like that a kind of traffic flow through GRE tunnel and the rest of traffic flow normally with EIGRP. How can I add traffic to GRE tunnel?

 

Thanks for your help.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
pieterh
VIP
VIP

‎06-03-2020 03:52 AM

you need to filter the traffic and set the next-hop address for it

follow the link to read more, or search on keyword policy based routing

View solution in original post

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎06-03-2020 03:55 AM

Hello,

 

policy routing is probably your best choice. Define the source and destination in an access list, configure a route map that matches that access list, and set the interface to the GRE tunnel you require that traffic to flow through. Here is an example:

 

interface GigabitEthernet0/0

description LAN Interface

ip address 192.168.1.1 255.255.255.0

ip policy route-map TO_TUNNEL

!

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

!

route-map TO_TUNNEL permit 10

match ip address 101

set interface Tunnel 1

!

route-map TO_TUNNEL permit 20

View solution in original post

0 Helpful
11 Replies 11

Go to solution
marce1000
VIP
VIP

‎06-03-2020 03:52 AM

 

 - Check if this document can help you :

                https://community.cisco.com/t5/networking-documents/how-to-configure-a-gre-tunnel/ta-p/3131970

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
pieterh
VIP
VIP

‎06-03-2020 03:52 AM

you need to filter the traffic and set the next-hop address for it

follow the link to read more, or search on keyword policy based routing

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎06-03-2020 03:55 AM

Hello,

 

policy routing is probably your best choice. Define the source and destination in an access list, configure a route map that matches that access list, and set the interface to the GRE tunnel you require that traffic to flow through. Here is an example:

 

interface GigabitEthernet0/0

description LAN Interface

ip address 192.168.1.1 255.255.255.0

ip policy route-map TO_TUNNEL

!

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

!

route-map TO_TUNNEL permit 10

match ip address 101

set interface Tunnel 1

!

route-map TO_TUNNEL permit 20

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎06-03-2020 03:56 AM

Hi there,

You have two options. Either configure static routes to direct traffic destined to remote site subnets via the GRE tunnel remote end IP address. Or preferably create an EIGRP adjacency via the GRE tunnel.

 

Beware of creating routing loops, so make sure that you configure a static route on the local router directing packets destined for the GRE remote endpoint via your local gateway.

 

cheers,

Seb.

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Seb Rupik

‎06-03-2020 07:59 AM

If we knew more about the environment of the original post we might be able to give better advice. The original post says "a kind of traffic flow through GRE tunnel". But what kind of traffic is that? If it were traffic to certain destination addresses then static routes for those destinations would be the appropriate solution. But if that traffic were to be TFTP, or FTP, or SSH, or some protocol specific traffic then Policy Based Routing would be the appropriate solution. 

 

 

HTH

Rick
0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to Richard Burts

‎06-03-2020 11:35 PM

Hi Richards,
Im beginning with tunnel traffic and I checking different configuration with GNS3. I'm studiyng about how divide traffic through tunnels.
0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to sir_ulrick

‎06-04-2020 11:48 AM

You have several options for getting traffic to go through the GRE tunnels:

1) static routes pointing to next hop through the tunnel.

2) dynamic routing protocol running over the tunnel. Perhaps OSPF on the tunnel and EIGRP for the rest of the network. Or you could run a second EIGRP process over the tunnels, which might be especially interesting if this is activity to understand how the network works.

3) Policy Based Routing. To separate traffic based on source address or protocol port or something like that.

 

All 3 could work. The choice of which would be best depends on the type of traffic that you want to use the tunnels. Or if this is an exercise to understand how the network works, it might be interesting to implement all 3 (one at a time).

HTH

Rick
0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎06-03-2020 10:33 AM

BTW, why?

Reason I ask, there are some negatives to using a GRE tunnel, and if you have a path that doesn't require it, again, why use it?
0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to Joseph W. Doherty

‎06-03-2020 11:37 PM

Hi Joseph,
I'm testing with different simulations to learn about how to pass traffic through tunnels. I have a dinamic protocol to work in my topology and I would like create GRE tunnels to send a kind of traffic.

In the other way, which are negative aspecto to use a GRE tunnel?
0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to sir_ulrick

‎06-04-2020 07:21 AM

Ah, BTW, you might also then want to know you can generally run a dynamic routing protocol across a GRE tunnel too.

One of the biggest issues using a GRE tunnel, the tunnel label makes for a smaller transport IP MTU, which can lead to, and often does, IP fragmentation. Further, GRE processing also generally leads to increased CPU consumption especially if packets need to be fragmented. (Cisco IOS often offers some features, e.g. "IP TCP mss-adjust", that can mitigate this.)

A GRE packets also (somewhat) conceals its contents. I.e. for example, you cannot as easily used ACLs against what was the original packet's content.

As mentioned above, you can generally use dynamic routing protocol across a GRE tunnel, but such protocols will "see" a GRE tunnel with different attributes than physical links (i.e. one hop, and with some "logical" bandwidth perhaps w/o any relationship to the physical path's bandwidth).

A usage case like you propose, would be unusual in the "real world". I.e. normally you use the physical path or a GRE tunnel over it for the traffic, not both "splitting" traffic.
0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1

‎06-03-2020 11:30 PM

Thanks for all replies! I think Policy based routing is the solution. Thanks everybody!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card