Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
0
Helpful
6
Replies

vEdge - OSPF over GRE Tunnel

adnankhancisco
Level 1
Level 1

‎06-14-2024 12:01 PM - edited ‎06-14-2024 12:02 PM

Dear Experts,

i am testing sdwan in my lab and trying to configure OSPF over GRE between vEdge-10 and border router. The configuration seems to be correct but they are not forming ospf neighbors. When i run tcpdump on vEdge, its only showing that its sending hello packets

vEdge-10-Cloud# tcpdump vpn 0 interface gre1
tcpdump -p -i gre1 -s 128 in VPN 0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on gre1, link-type LINUX_SLL (Linux cooked), capture size 128 bytes
18:51:30.982618 IP 172.200.1.2 > 224.0.0.5: OSPFv2, Hello, length 44
18:51:40.983396 IP 172.200.1.2 > 224.0.0.5: OSPFv2, Hello, length 44
18:51:50.984086 IP 172.200.1.2 > 224.0.0.5: OSPFv2, Hello, length 44
18:52:00.984439 IP 172.200.1.2 > 224.0.0.5: OSPFv2, Hello, length 44
18:52:10.984839 IP 172.200.1.2 > 224.0.0.5: OSPFv2, Hello, length 44

But when i run wireshark on ge0/0 inside eve-ng, i can clearly see that this interface is getting hello packets from border_router also (172.200.1.1). Any idea what is wrong here?

Below is the configuration on vedge

 

vpn 0
name "Transport VPN"
router
ospf
router-id 10.10.10.10
timers spf 200 1000 10000
area 1
interface gre1
network point-to-point
exit
exit
!
!
interface ge0/0
ip address 172.16.10.10/24
tunnel-interface
encapsulation ipsec
color mpls
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
no allow-service ntp
allow-service ospf
no allow-service stun
allow-service https
!
no shutdown
!
interface gre1
ip address 172.200.1.2/24
tunnel-source-interface ge0/0
tunnel-destination 172.16.10.1
no shutdown
!
ip route 0.0.0.0/0 172.16.10.1
!

 

Labels:
Preview file
80 KB
Preview file
24 KB
0 Helpful
6 Replies 6

Kanan Huseynli
VIP
VIP

‎06-14-2024 12:32 PM

Hi,

share border config as well also do debug ip ospf hello on border

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful

MHM Cisco World
VIP
VIP

‎06-14-2024 12:36 PM - edited ‎06-14-2024 12:55 PM

 

Sorry I was think it between two vedge.

I will check and update you

MHM

0 Helpful

adnankhancisco
Level 1
Level 1
In response to MHM Cisco World

‎06-15-2024 01:22 AM - edited ‎06-15-2024 01:23 AM

Thank you. will wait for your update please.

To check i  enabled ospf on ge0/0 and it formed successful adjacency with Border_Router. So i dont think its eve-ng problem. Somehow its not making adjacency over GRE.

0 Helpful

MHM Cisco World
VIP
VIP
In response to adnankhancisco

‎06-15-2024 02:26 AM

encapsulation ipsec <<- change it to GRE 

MHM

0 Helpful

adnankhancisco
Level 1
Level 1
In response to MHM Cisco World

‎06-15-2024 12:44 PM

Thanks, let me check it in my lab and let you know. But out of curiosity, why this is required on the physical interface? and if i change it to GRE, will it still exchange OMP routes with vSmart?

0 Helpful

MHM Cisco World
VIP
VIP
In response to adnankhancisco

‎06-15-2024 01:16 PM

@adnankhancisco wrote:

Thanks, let me check it in my lab and let you know. But out of curiosity, why this is required on the physical interface? and if i change it to GRE, will it still exchange OMP routes with vSmart?

Omp is exchange over dtls not ipsec nor gre.

But data traffic between vedge exchange via ipsec if you change encapsulate it will make vedge to vedge data traffic stop.

Try use instead of gre ipsec between vedge abd router 

MHM

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card