06-18-2014 10:30 AM - edited 03-07-2019 07:46 PM
Dear Sirs!
I use 3925 for tunnel. This tunnel going through cisco ASA and terminate on other Cisco ASA and then Cisco 3925. (I use Cisco 3925 only for non encrypted tunnel - for EIGRP and data, and use Cisco ASA for encrypt this tunnel)
I need speed about 100Mbps.
I can use next way:
int Po1.17
ip address 10.255.0.33 255.255.255.252
int tunnel 0
tunnel source 10.255.0.33
Or next:
int loopback 0
ip address 10.255.0.33 255.255.255.252
int tunnel 0
tunnel source 10.255.0.33
What way more faster and lower CPU load?
Thanks!
Solved! Go to Solution.
06-18-2014 11:42 AM
The tunnel source from differnet interface doesnt make any difference in terms of CPU load or fast convergence per my knowledge.
If you have 2 differnet egress interfaces to reach remote tunnel destination, it is advisable to use loopback as source. The tunnel will stay up as long as the tunnel destination is reachable via any interface.
But by specifying one of the physical interface as source, the tunnel may go down if the physical interface (from which the source is derived) goes down even if the tunnel destination is reachable via other interfaces.
-Nagendra
06-18-2014 11:42 AM
The tunnel source from differnet interface doesnt make any difference in terms of CPU load or fast convergence per my knowledge.
If you have 2 differnet egress interfaces to reach remote tunnel destination, it is advisable to use loopback as source. The tunnel will stay up as long as the tunnel destination is reachable via any interface.
But by specifying one of the physical interface as source, the tunnel may go down if the physical interface (from which the source is derived) goes down even if the tunnel destination is reachable via other interfaces.
-Nagendra
06-19-2014 03:49 AM
Thanks!
I will use Loopback.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide