Cisco Community
English
Register
COMMUNITY HELPING COMMUNITY - With your Community actions and contributions, we will donate up to $10,000 to UNICEF by end of January- PARTICIPATE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for SD-WAN Resources to help you on your journey with SD-WAN

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

1356
Views
20
Helpful
5
Replies
Highlighted
Harish Balakrishnan
Enthusiast
Enthusiast
‎07-29-2019 07:33 AM
‎07-29-2019 07:33 AM

SDWAN transport interface with sub interface

Hello Experts,

 

Has anyone experienced a problem with ISR 4K when the transport interface is a sub interface ?.. I have my transport interface to be configured as sub interface and I understand that I have to reduce the MTU by 4 byte. When I do the initial configuration, I set the tunnel and set the physical interface under the tunnel but it does not allow me to commit and giving me an error saying the interface mtu has to be reduced under vpn 0, but at that stage there is no vpn 0 configuration in the command line .. Has someone come across the same ?

 

Thanks in advance

Harish

Labels:
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Harish Balakrishnan
Enthusiast
Enthusiast
In response to daniel.dib
‎08-22-2019 11:37 PM
‎08-22-2019 11:37 PM

Thanks Daniel

 

The issue turned out to be a missing encapsulation (vlan tag)  on the sub interface which is not required on the vpn 0 as per the documentation as it inherits from sub interface number, but  that was not the case in the ISR

 

So in  nutshell, if the sub interface has an mtu value  4 byte less  than the physical  and an encapsulation should be good.

 

thanks

Harish

View solution in original post

0 Helpful
Reply
5 REPLIES 5
Highlighted
Srikanth Reddy Navuluri
Beginner
Beginner
‎08-02-2019 05:26 AM
‎08-02-2019 05:26 AM

Increase the MTU on parent interface and check once.

 

 

Reply
Highlighted
HashamM
Cisco Employee
Cisco Employee
‎08-02-2019 06:41 AM
‎08-02-2019 06:41 AM

use 'ip mtu <mtu>' command on ISR to set the MTU.

Reply
Highlighted
daniel.dib
Rising star
Rising star
‎08-22-2019 10:49 PM
‎08-22-2019 10:49 PM

When using subinterfaces, the physical interface must be configured in VPN 0. The subinterfaces can then be configured in the service VPNs. I normally set the physical interface to be MTU 1504 bytes so that the subinterfaces can use 1500 bytes.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.
Reply
Highlighted
Harish Balakrishnan
Enthusiast
Enthusiast
In response to daniel.dib
‎08-22-2019 11:37 PM
‎08-22-2019 11:37 PM

Thanks Daniel

 

The issue turned out to be a missing encapsulation (vlan tag)  on the sub interface which is not required on the vpn 0 as per the documentation as it inherits from sub interface number, but  that was not the case in the ISR

 

So in  nutshell, if the sub interface has an mtu value  4 byte less  than the physical  and an encapsulation should be good.

 

thanks

Harish

View solution in original post

0 Helpful
Reply
Highlighted
mahesh11288
Beginner
Beginner
In response to daniel.dib
‎10-13-2020 01:52 AM
‎10-13-2020 01:52 AM

Hi Daniel, Is there any specific reason, to configure physical interface in VPN0 & sub interface in service VPN only?

Why cant the physical interface also be an part of service VPN? I didn't understood logic here.

0 Helpful
Reply
Latest Contents
Use Serviceability Features to Troubleshoot your Cat9K as a ...
Created by Cisco Moderador on 12-02-2020 06:34 AM
0
0
0
0
(view in My Videos) “Use Serviceability Features to Troubleshoot your Cat9K as a Cisco TAC Engineer” This event took place on Tuesday 1st, December 2020 at 10hrs PDT  This event provides an introduction to the main Cat9K serviceability features. Serv... view more
Use Serviceability Features to Troubleshoot your Cat9K as a ...
Created by Cisco Moderador on 12-02-2020 06:23 AM
0
5
0
5
“Use Serviceability Features to Troubleshoot your Cat9K as a Cisco TAC Engineer” This event had place on Tuesday 1st, December 2020 at 10hrs PDT  Introduction This event provides an introduction to the main Cat9K serviceability features. Serviceabil... view more
Customer Connection Briefing - Catalyst Cellular Gateway Dee...
Created by Kelsy Tibshraeny on 11-30-2020 01:08 PM
0
0
0
0
This is a new product launch - Catalyst 8000 Edge Platforms Family Overview. We will go over the series Catalyst Cellular Gateway in great detail. Speaker: David Roten, Technical Marketing Engineer at Cisco David is a Technical Marketing Engineer for... view more
vManage Not Reachable
Created by gilbert.aispuro1 on 11-30-2020 09:56 AM
1
0
1
0
Has anyone else ran into this prompt when trying to access your Cisco-hosted vManage? upstream connect error or disconnect/reset before headers. reset reason: connection failure 
SD-WAN Community Resources
Created by David Klebanov on 11-30-2020 09:00 AM
7
95
7
95
SD-WAN Trainings Releases Licensing Design & Migration Deployment Operate   Share the SD-WAN Community Resource page! http://cs.co/sdwan-resources Share the SD-WAN Community Discussion Board page! http://cs.co/sdwan-commu... view more
Content for Community-Ad
Cisco Community October 2020 Spotlight Award Winners

Follow our Social Media Channels