cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1216
Views
0
Helpful
4
Replies

Routing over GRE tunnel

sir_ulrick
Level 1
Level 1

Hi all, 

I have a 2 question about GRE tunnels.

1) My topology are 4 routers connected trought OSPF network. Each one of four router has a GRE tunnel with the rest of the routers using OSPF cloud. I have used different ips to create each GRE tunnel, so each router has 3 GRE tunnels with different source / destination ips inside same network (1.1.1.X)

 

 

Captura.PNGCaptura.PNG

 

 Without to use DMVPN or any type of dinamic tunnel, is it correct to define this GRE topology to communicate each router with others?

 

2) I have created a ospf process to communicate 4 routers but system doesn't work completly. I can't access using ping to some GRE tunnel and continuosly appears follow messages:

 

*Jul 2 15:23:11.955: %OSPF-5-ADJCHG: Process 41, Nbr 192.168.4.100 on Tunnel1 from DOWN to DOWN, Neighbor Down: Ignore timer expired

*Jul 2 15:25:20.098: %OSPF-5-ADJCHG: Process 41, Nbr 192.168.4.100 on Tunnel1 from EXSTART to DOWN, Neighbor Down: Too many retransmissions

 

MTU of GRE tunnels are 1400, but continue the problem. Also, I have tried to use specific routers on OSPF process, I mean, instead of 

network 1.1.1.0 0.0.0.255 area 0

 

to use specific GRE tunnel source on each router

network 1.1.1.1 0.0.0.0 area 0

network 1.1.1.3 0.0.0.0 area 0

network 1.1.1.9 0.0.0.0 area 0

 

These are configuration of GRE tunnels and OSPF process

GRE tunnels configuration:

interface Tunnelx
ip address 1.1.1.x 255.255.255.255
ip mtu 1400
tunnel source FastEthernet0/0
tunnel destination 172.17.50.0
tunnel key 1
!

 

OSPF process:

router ospf 41
router-id 192.168.1.100
network 1.1.1.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0 // 192.168.0.0 local network on each router not inclued in the draw
!

 

Thanks a lot!

4 Replies 4

coesionesrl
Level 1
Level 1

Hi.

About topology for me is ok. It's a mesh topology.

About OSPF, evry tunnel need to be addressed on different subnet. Try to ping from one router the end of every tunnel and let me know if it is ok.

 

Are the router on differente Area?

 

Regards,

Currently I can do ping from one router to the others, only when this message appears and ospf adjacency is down, I can't reach using ping.

Al routers, OSPF cloud and end to end sites, are in area 0 and, all GRE tunnels are in same network (1.1.1.X/24)

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello @sir_ulrick ,

as I tried to explain in a previous thread of yours,  you need to use two different OSPF processes:

OSPF process 41 to route in the backbone subnets 192.168.x.0

a new process like OSPF 62 to be used over the GRE tunnels only.

 

As I had explained the main reason is that OSPF does not allow route filtering per interface and if using  a single OSPF process it will try to advertise the tunnel endpoints over the tunnel itself.

 

This is my suggestion with your current setup you are not seeing OSPF going up and down over GRE tunnels,  but that is the best result you can get.

 

Edit:

you need to use /30 different IP subnets for each tunnel in order to build OSPF adjacencies you have configuted /32 addresses and this is why OSPF is stucked down

>> ip address 1.1.1.1 255.255.255.252

But you need a different OSPF process on the tunnels or you will get recursive routing errors.

 

Hope to help

Giuseppe

 

Hi @Giuseppe Larosa

I think I didn't understand previously, my bad. 

 

Currently I have changed the configuration. Now I have 3 OSPF process on end-to-end router. One process to allow with the OSPF cloud (process 31), other to allow communication with LAN (OSPF 41) and the last process to reach GRE network (OSPF 42). All process are in the same area 0 and the configuration in OSPF 42 process is as you suggest me: 

 

network 1.1.X.1 0.0.0.3 area 0

 

to allow 1.1.X.101 and 1.1.X.102 as source and destination of GRE tunnel.

 

After to apply these changes, I have reset all infraestructure but after some minutes, same messages appears again in all GRE tunnels

 

*Jul 6 10:49:17.467: %OSPF-5-ADJCHG: Process 42, Nbr 10.X.30.100 on TunnelX from EXSTART to DOWN, Neighbor Down: Too many retransmissions
R5#
*Jul 6 10:50:17.467: %OSPF-5-ADJCHG: Process 42, Nbr 10.X.30.100 on TunnelX from DOWN to DOWN, Neighbor Down: Ignore timer expired

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: