Re: Routing vlan traffic into IPIP tunnel

RemRem · ‎12-05-2018

Greetings,

So, I have traffic from the LAN side:
interface GigabitEthernet0/0/1.10
encapsulation dot1Q 10
ip dhcp relay information trusted
ip address 10.x.x.x 255.255.255.192
ip helper-address 10.y.y.y
ip policy route-map mymap

that needs to be routed into this tunnel:

interface Tunnel0
ip unnumbered GigabitEthernet0/0/1
ip tcp adjust-mss 1332
tunnel source GigabitEthernet0/0/0
tunnel mode ipip
tunnel destination 81.a.a.a

tunnel path-mtu-discovery

route-map mymap permit 10
set interface Tunnel0

ip route 0.0.0.0 0.0.0.0 217.b.b.b.b
ip route 10.0.0.0 255.0.0.0 Null0
ip route 10.r.r.r 255.255.255.0 Tunnel0
ip route 10.s.s.s 255.255.255.0 Tunnel0
ip route 10.t.t.t. 255.255.255.0 Tunnel0

This setup works as long as I don't use dot1q subinterfaces. With subinterfaces it only works if I use a vrf.

Can this be done without using vrfs?

paul driver · ‎12-06-2018

Hello

@RemRem wrote:

Greetings,

So, I have traffic from the LAN side:
interface GigabitEthernet0/0/1.10
encapsulation dot1Q 10
ip dhcp relay information trusted
ip address 10.x.x.x 255.255.255.192
ip helper-address 10.y.y.y
ip policy route-map mymap

that needs to be routed into this tunnel:

interface Tunnel0
ip unnumbered GigabitEthernet0/0/1
ip tcp adjust-mss 1332
tunnel source GigabitEthernet0/0/0
tunnel mode ipip
tunnel destination 81.a.a.a

tunnel path-mtu-discovery

route-map mymap permit 10
set interface Tunnel0

ip route 0.0.0.0 0.0.0.0 217.b.b.b.b
ip route 10.0.0.0 255.0.0.0 Null0
ip route 10.r.r.r 255.255.255.0 Tunnel0
ip route 10.s.s.s 255.255.255.0 Tunnel0
ip route 10.t.t.t. 255.255.255.0 Tunnel0

This setup works as long as I don't use dot1q subinterfaces. With subinterfaces it only works if I use a vrf.

Can this be done without using vrfs?

Route-map mymap permit 10

No set interface tunnel 0

set is next-hop 8.a..a.a

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

RemRem · ‎12-06-2018

I tried the route-map with set ip next-hop instead of set interface but I still can't reach the 10. nets at the other end of the tunnel.

paul driver · ‎12-06-2018

Hello

Why do you have a null static for that subnet?

Remove the policy-route from the interface and also the null route, test again..

no ip route 10.0.0.0 255.0.0.0 Null0
interface GigabitEthernet0/0/1.10
no ip policy route-map mymap

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

RemRem · ‎12-06-2018

The Null route drops all traffic to the 10.0.0.0/8 net that is not routed to the specified nets from the other static routes.

I removed it but it made no difference. Same for removing the route-map from the interface GigabitEthernet0/0/1.10.

paul driver · ‎12-06-2018

Hello

Do you have reachability over the tunnel - can you ping the tunnel destination

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul