Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
487
Views
6
Helpful
6
Replies

tunnel interface not on edge router

bbb bbb
Level 1
Level 1

‎08-12-2024 02:27 AM

Dear Everyone,

Would like to know if its possible to establish a tunnel interface between R1 and R2 through below diagram. 
Tunnel interface not using the CE router.
And if there is a relevant material that I can look so I can test it on a lab.

bbbbbb_0-1723454764677.png

Thank you and best regards,

0 Helpful
6 Replies 6

MHM Cisco World
VIP
VIP

‎08-12-2024 02:32 AM

Sure you can 

Tunnel have inner and outer IP head

If R1 and R2 can ping to each other you can use gre tunnel between both routers

MHM

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-12-2024 02:39 AM

Hello @bbb bbb ,

tunnel endpoints aka external IP addresses need to be advertised over the PE-CE links so that end to end IP connectivity is possible.

If this condition is satisfied you should be able to use a GRE p2p tunnel between R1 and R2 as described in your network diagram.

To test it you can use test loopbacks on R1 and R2 and static routes using the tunnels. The test loopbacks are not advertised to CEx nodes in any way.

Hope to help

Giuseppe

 

M02@rt37
VIP
VIP

‎08-12-2024 03:17 AM

Hello @bbb bbb 

Advertise the tunnel interface in your routing protocol. Since the ends tunnel are reachable each other, tunnel will be UP. Based on your requirements, select a suitable protocol (GRE, IPsec, etc.).

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎08-12-2024 03:49 AM

It depends on whether R1 and R2 can ping each other.  Can they?

bbb bbb
Level 1
Level 1

‎08-12-2024 10:00 PM

Dears,

I was thinking the possibility of establishing the tunnel between R1 and R2 without having the tunnel over PE-CE. : ]
Thank you very much for all your advice and have a good day.

Best regards

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to bbb bbb

‎08-13-2024 03:24 AM

It's possible, but tunnel end points need to be reachable to each other.

@Giuseppe Larosa mentions end point addresses need to be advertised across PE-CE links, and he is correct.  Since your diagram shows PEs belong to an ISP, and if the Internet is involved, the R1 and R2 tunnel end point addresses would need to be public IPs.  The tunnel interface addresses could be private IPs.

The tunnel is defined on and between R1 and R2, but the encapsulated packets, of course, transit the CEs and PEs.

Assuming R1 and R2 don't have public interface IPs, then you need NAT wherever your private/public demarcation is.  I.e. tunnel doesn't need to be defined on CEs or PEs.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card