Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3308
Views
0
Helpful
9
Replies

Error when attempting to use loopback interfaces as the tunnel interface: "The bind interface GigabitEthernet3 must be a valid physical interface"

Go to solution
zindagi
Level 1
Level 1

‎08-11-2019 02:35 AM

- My objective is to use loopback interfaces as the tunnel interface. But, when attempting to bind the loopback, I get the above error. Screenshot attached.

--

- I'm trying this out in our lab staging environment with a CSR1000v image and vManage release 19.1. The real deployment will comprise of ISR4000s.

- Here's the documentation I'm following (Section: "Exchange Data Traffic between Two Private WANs"): 

https://sdwan-docs.cisco.com/Product_Documentation/Software_Features/Release_16.3/02System_and_Interfaces/07Network_Interface_Configuration_Examples

- However, when i enter the 'bind' command under the 'tunnel-interface', I get the error - "The bind interface GigabitEthernet3 must be a valid physical interface".

- The link below indicates that this command will work only on vEdge routers:

https://sdwan-docs.cisco.com/Product_Documentation/Command_Reference/Configuration_Commands/tunnel-interface

 

- If that's the case, what's the corresponding command for a cEdge? How can I use loopback interfaces as tunnel interfaces for a cEdge?

 

Thanks in advance.

 

Regards,

Abhijit Anand

 

 

 

 

1 person had this problem
Preview file
78 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
msuchand
Cisco Employee
Cisco Employee
In response to garrettc134

‎08-16-2019 11:01 AM - edited ‎08-16-2019 11:05 AM

loopback TLOC interface is supported from 16.12 release. ( Please check release notes https://www.cisco.com/c/en/us/td/docs/routers/sdwan/release/notes/xe-16-12/ios-xe-sd-wan-re-notes-16-12.html#id_117628 ) 

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Sana.cisco
Level 1
Level 1

‎08-11-2019 03:13 AM

Also facing the same issue while designing a SD-WAN solution  for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC. 

How do I extend the VPN0 to the DC Core? 

The ISRs will not allow me to bind the Loopback to the physical interfaces.

 

Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?

 

Regards

Sanaullah Khan

0 Helpful

Go to solution
garrettc134
Level 1
Level 1
In response to Sana.cisco

‎08-16-2019 08:46 AM

I'm having the exact same issue with the CSR1000v. It works with the vEdge cloud but since I'm doing a PoC for an ISR environment the customer isn't so happy

0 Helpful

Go to solution
msuchand
Cisco Employee
Cisco Employee
In response to garrettc134

‎08-16-2019 11:01 AM - edited ‎08-16-2019 11:05 AM

loopback TLOC interface is supported from 16.12 release. ( Please check release notes https://www.cisco.com/c/en/us/td/docs/routers/sdwan/release/notes/xe-16-12/ios-xe-sd-wan-re-notes-16-12.html#id_117628 ) 

0 Helpful

Go to solution
garrettc134
Level 1
Level 1
In response to msuchand

‎08-16-2019 01:32 PM

Nice, will give that a test drive. Conveniently that software was released on CCO today.

0 Helpful

Go to solution
zindagi
Level 1
Level 1
In response to msuchand

‎08-26-2019 01:45 AM

Thank you. The upgrade resolved the issue.

0 Helpful

Go to solution
sdwan_mike
Level 1
Level 1
In response to Sana.cisco

‎02-25-2020 04:35 AM

@Sana.cisco wrote:

Also facing the same issue while designing a SD-WAN solution  for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC. 

How do I extend the VPN0 to the DC Core? 

The ISRs will not allow me to bind the Loopback to the physical interfaces.

 

Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?

 

Regards

Sanaullah Khan

I have the same deployment, and have the same question "Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?"

 

Because currently the controllers are behind the DC sd-wan router. Diagram: controller -> sdwan router -> leased line -> branch sdwan router

 

0 Helpful

Go to solution
garrettc134
Level 1
Level 1
In response to sdwan_mike

‎02-25-2020 07:32 AM

Think you have a few options. 

You can use multiple interfaces or subinterfaces to extend 0 towards the DC core along with the other VPNs.

 

Been awhile since I messed with this, but believe you could also position VPN 512 at your DC SDWAN router towards the controllers and tune max control connections on the tunnel interface towards the leased line to 0.

IMHO I prefer the second option but you'll need to do the research to see if its viable.

0 Helpful

Go to solution
akafatihn
Level 1
Level 1
In response to garrettc134

‎02-25-2020 07:44 PM

Hello @garrettc134 ,

 

I'm trying to do the lab and made tloc extension from WAN to DC on a subnterface or interface but no luck establishing control connections. The branch offices do work with the TLOC Extension but the CSR-SDWAN in DC doesn't work. I have connectivity and all to the controllers facing the DC. My topology is this one:

 

Controllers-->Core-->CSR-SDwaN(Wan control connection enabled)-->Private1 Transport-->ISP-->Branch.

 

I cann't make or extend VPN0 to DC.

 

Do you have any suggestions?

 

Best regards,

0 Helpful

Go to solution
akafatihn
Level 1
Level 1
In response to Sana.cisco

‎02-25-2020 04:19 PM

Hello @Sana.cisco,

 

Did you figure out how to extend the vpn0 to DC. I'm trying to make a lab using CE Replacement at the DC (see image attached). But cann't find the solution anywhere.

 

Thanks in advanced,

 

Best regards,DC_CE_REPLACEMENT_SDWAN.png

@Sana.cisco wrote:

Also facing the same issue while designing a SD-WAN solution  for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC. 

How do I extend the VPN0 to the DC Core? 

The ISRs will not allow me to bind the Loopback to the physical interfaces.

 

Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?

 

Regards

Sanaullah Khan

@Sana.cisco wrote:

Also facing the same issue while designing a SD-WAN solution  for the Data Center and Branch Sites having Cisco ISR with SD-WAN images and On-Prem Controllers at , where all my remote/branch sites are going to be on SD-WAN. The controllers to be hosted inside the DC. 

How do I extend the VPN0 to the DC Core? 

The ISRs will not allow me to bind the Loopback to the physical interfaces.

 

Do I have to position the controllers (vBond, vManage, vSmart) at the WAN side of the routers?

 

Regards

Sanaullah Khan

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents