cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1568
Views
7
Helpful
17
Replies

Tunnel status up but protocol down

ss571
Level 1
Level 1

Here is my topology in gns3: 

Screenshot 2024-01-19 010930.png I plan to form a tunnel between R3 and R4, and the loopback and tunnel interface is as shown next to the routers. I've set the tunnel source and destination for both routers with the loopback interfaces, and all physical and loopback interfaces are up for R1-4. The MTU value for both routers is the same too. But when I checked the "sh ip int br" for R3 and R4, the tunnel interface status is up, but protocol is down. May I know why is this occurring?

Screenshot 2024-01-19 011823.png

Below are the sh ip int br for R3 and R4:

Screenshot 2024-01-19 013533.png

Screenshot 2024-01-19 013520.png

  

1 Accepted Solution

Accepted Solutions

As I guess 
never use same IGP for both tunnel and it is tunnel source 
here you use OSPF 1 for tunnel and for tunnel source (looback which is no correct add to OSPF)
so what you need is 
A-interface loopback 

ip ospf network point-to-point

<<- you need to add this in both router 
B-router ospf 1  <<- you need to add this in both router 

net <LO IP> area 0

C-router ospf 10 <<- you need to add this in both router 

net <tunnel IP> area 0

why need two separate OSPF ? 
https://study-ccnp.com/gre-tunnels-recursive-routing-problems/

MHM

View solution in original post

17 Replies 17

you need to be sure that the LO is reachable otherwise the tunnel is DOWN 
MHM

LO meaning the loopback int? I apologize for my lack of knowledge as I'm new to this field

Yes correct LO is loopback 
show route in both routers 
check if you see LO of other router 
MHM

ss571_0-1705599682894.png

No i don't see the LO for R4 in show route in R4

 

Hello @ss571 

 

Add static route on R3 R1 R2 and R4 in order to route Loopback interfaces. You should be able to ping Loopack on each routers R3 and R4.

@MHM Cisco World give you the rigth answer.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

ss571
Level 1
Level 1

Also is it a need to add in the static routes in R3 and R4 for the tunnel to work?

you need static route only for LO to make reachable 
when it reachable the Tunnel will be UP/UP and appear in both routers as connect 
MHM

ss571
Level 1
Level 1

Btw In R1 and R2 there is ospf configured as well, do i add the networks in the ospf or add in the addresses as the neighbours? 

 

can I see the config of R1 and R2
thanks 
MHM

ss571
Level 1
Level 1

Yeah sure, here they are:

R1

upgrade fpd auto
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
 ip address 148.90.255.33 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 hold-queue 150 in
!
interface FastEthernet0/0
 ip address 148.90.255.37 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 duplex half
!
interface GigabitEthernet1/0
 ip address 148.90.255.14 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 10
 negotiation auto
!
interface GigabitEthernet2/0
 ip address 148.90.255.2 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 negotiation auto
!
interface GigabitEthernet3/0
 ip address 148.90.255.17 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 negotiation auto
!
interface GigabitEthernet4/0
 ip address 148.90.255.25 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 10
 negotiation auto
!
interface GigabitEthernet5/0
 no ip address
 negotiation auto
 channel-group 1
!
interface GigabitEthernet6/0
 no ip address
 negotiation auto
 channel-group 1
!
router ospf 1
 network 148.90.252.0 0.0.0.255 area 20
 network 148.90.253.0 0.0.0.255 area 20
 network 148.90.254.0 0.0.0.255 area 20
 network 148.90.255.0 0.0.0.3 area 0
 network 148.90.255.12 0.0.0.3 area 0
 network 148.90.255.16 0.0.0.3 area 0
 network 148.90.255.24 0.0.0.3 area 0
 network 148.90.255.32 0.0.0.3 area 0
 network 148.90.255.36 0.0.0.3 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
control-plane
!
!
!
mgcp profile default
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
 transport input all
!
!
end

Here is R2:

upgrade fpd auto
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
interface Port-channel1
 ip address 148.90.255.34 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 10
 ipv6 address 2001:148:90:2::16/127
 ipv6 ospf 1 area 0
 hold-queue 150 in
!
interface FastEthernet0/0
 ip address 148.90.255.41 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 duplex half
!
interface GigabitEthernet1/0
 ip address 148.90.255.10 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 10
 negotiation auto
 ipv6 address 2001:148:90:2::5/127
 ipv6 ospf 1 area 0
!
interface GigabitEthernet2/0
 ip address 148.90.255.6 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 1
 negotiation auto
 ipv6 address 2001:148:90:2::3/127
 ipv6 ospf 1 area 0
!
interface GigabitEthernet3/0
 ip address 148.90.255.21 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 1
 negotiation auto
 ipv6 address 2001:148:90:2::13/127
 ipv6 ospf 1 area 0
!
interface GigabitEthernet4/0
 ip address 148.90.255.29 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 ip ospf cost 10
 negotiation auto
 ipv6 address 2001:148:90:2::11/127
 ipv6 ospf 1 area 0
!
interface GigabitEthernet5/0
 no ip address
 negotiation auto
 channel-group 1
!
interface GigabitEthernet6/0
 no ip address
 negotiation auto
 channel-group 1
!
router ospf 1
 area 0 authentication
 network 148.90.255.4 0.0.0.3 area 0
 network 148.90.255.8 0.0.0.3 area 0
 network 148.90.255.20 0.0.0.3 area 0
 network 148.90.255.28 0.0.0.3 area 0
 network 148.90.255.32 0.0.0.3 area 0
 network 148.90.255.40 0.0.0.3 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
ipv6 router ospf 1
!
!
!
!
control-plane
!
!
!
mgcp profile default
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
 transport input all
!
!
end

Btw now R3 tunnel protocol is up, but R4 protocol is still down 

 

I need to see also R3 and R4 config 
thanks 
MHM

ss571
Level 1
Level 1

Alright, here is R3:

upgrade fpd auto
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 148.90.255.253 255.255.255.252
!
interface Tunnel0
 no ip address
!
interface Tunnel1
 ip address 192.168.0.1 255.255.255.252
 ip mtu 1400
 tunnel source 148.90.255.253
 tunnel destination 148.90.255.254
!
interface FastEthernet0/0
 ip address 148.90.255.38 255.255.255.252
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 key
 duplex half
!
interface GigabitEthernet1/0
 ip address 148.91.0.1 255.255.255.252
 negotiation auto
!
interface GigabitEthernet2/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet3/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet4/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet5/0
 no ip address
 shutdown
 negotiation auto
!
interface GigabitEthernet6/0
 no ip address
 shutdown
 negotiation auto
!
router ospf 1
 network 148.90.255.36 0.0.0.3 area 0
 network 148.90.255.252 0.0.0.3 area 0
 network 192.168.0.0 0.0.0.3 area 0
 default-information originate
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
no cdp log mismatch duplex
!
!
!
control-plane
!
!
!
mgcp profile default
!
!
!
gatekeeper
 shutdown
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 stopbits 1
line vty 0 4
 login
 transport input all
!
!
end
Review Cisco Networking for a $25 gift card