08-11-2019 02:35 AM
- My objective is to use loopback interfaces as the tunnel interface. But, when attempting to bind the loopback, I get the above error. Screenshot attached.
--
- I'm trying this out in our lab staging environment with a CSR1000v image and vManage release 19.1. The real deployment will comprise of ISR4000s.
- Here's the documentation I'm following (Section: "Exchange Data Traffic between Two Private WANs"):
- However, when i enter the 'bind' command under the 'tunnel-interface', I get the error - "The bind interface GigabitEthernet3 must be a valid physical interface".
- The link below indicates that this command will work only on vEdge routers:
- If that's the case, what's the corresponding command for a cEdge? How can I use loopback interfaces as tunnel interfaces for a cEdge?
Thanks in advance.
Regards,
Abhijit Anand
Solved! Go to Solution.
08-16-2019 11:01 AM - edited 08-16-2019 11:05 AM
loopback TLOC interface is supported from 16.12 release. ( Please check release notes https://www.cisco.com/c/en/us/td/docs/routers/sdwan/release/notes/xe-16-12/ios-xe-sd-wan-re-notes-16-12.html#id_117628 )
08-11-2019 03:13 AM
Also facing the same issue while designing a SD-WAN solution for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC.
How do I extend the VPN0 to the DC Core?
The ISRs will not allow me to bind the Loopback to the physical interfaces.
Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?
Regards
Sanaullah Khan
08-16-2019 08:46 AM
I'm having the exact same issue with the CSR1000v. It works with the vEdge cloud but since I'm doing a PoC for an ISR environment the customer isn't so happy
08-16-2019 11:01 AM - edited 08-16-2019 11:05 AM
loopback TLOC interface is supported from 16.12 release. ( Please check release notes https://www.cisco.com/c/en/us/td/docs/routers/sdwan/release/notes/xe-16-12/ios-xe-sd-wan-re-notes-16-12.html#id_117628 )
08-16-2019 01:32 PM
Nice, will give that a test drive. Conveniently that software was released on CCO today.
08-26-2019 01:45 AM
Thank you. The upgrade resolved the issue.
02-25-2020 04:35 AM
@Sana.cisco wrote:Also facing the same issue while designing a SD-WAN solution for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC.
How do I extend the VPN0 to the DC Core?
The ISRs will not allow me to bind the Loopback to the physical interfaces.
Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?
Regards
Sanaullah Khan
I have the same deployment, and have the same question "Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?"
Because currently the controllers are behind the DC sd-wan router. Diagram: controller -> sdwan router -> leased line -> branch sdwan router
02-25-2020 07:32 AM
Think you have a few options.
You can use multiple interfaces or subinterfaces to extend 0 towards the DC core along with the other VPNs.
Been awhile since I messed with this, but believe you could also position VPN 512 at your DC SDWAN router towards the controllers and tune max control connections on the tunnel interface towards the leased line to 0.
IMHO I prefer the second option but you'll need to do the research to see if its viable.
02-25-2020 07:44 PM
Hello @garrettc134 ,
I'm trying to do the lab and made tloc extension from WAN to DC on a subnterface or interface but no luck establishing control connections. The branch offices do work with the TLOC Extension but the CSR-SDWAN in DC doesn't work. I have connectivity and all to the controllers facing the DC. My topology is this one:
Controllers-->Core-->CSR-SDwaN(Wan control connection enabled)-->Private1 Transport-->ISP-->Branch.
I cann't make or extend VPN0 to DC.
Do you have any suggestions?
Best regards,
02-25-2020 04:19 PM
Hello @Sana.cisco,
Did you figure out how to extend the vpn0 to DC. I'm trying to make a lab using CE Replacement at the DC (see image attached). But cann't find the solution anywhere.
Thanks in advanced,
Best regards,
@Sana.cisco wrote:Also facing the same issue while designing a SD-WAN solution for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC.
How do I extend the VPN0 to the DC Core?
The ISRs will not allow me to bind the Loopback to the physical interfaces.
Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?
Regards
Sanaullah Khan
@Sana.cisco wrote:Also facing the same issue while designing a SD-WAN solution for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC.
How do I extend the VPN0 to the DC Core?
The ISRs will not allow me to bind the Loopback to the physical interfaces.
Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?
Regards
Sanaullah Khan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide