cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
329
Views
0
Helpful
3
Replies
Highlighted
Beginner

Issue with BGP peering over VTI tunnel when tunnel source is physical interface IP and destination is loopback

Hi!

I've been experimenting with implementing a BGP-Tunnel-BGP setup in GNS3.

In a nutshell:

- a HQ site and a remote site, each peered to the ISP using BGP

- a VTI tunnel between the HQ and remote site

- BGP peering between the HQ and remote site via the tunnel

I've tried to simulate the setup in GNS3; however, I had an interesting discovery:

- When both tunnels are using loopback IPs for tunnel source and destination, BGP peering between the HQ and remote site is successful

- However, when the HQ site is using its WAN physical IP for the tunnel source and loopback IP of the remote site for the tunnel destination, BGP peering isn't successful

I'm still trying to figure out the cause of the above, but would greatly appreciate it if someone could give me some hints on what could be the issue with using an actual interface's IP for the tunnel source and loopback IP for the tunnel destination; it seems that using exclusively loopback addresses OR physical interface addresses for BOTH tunnel source and destination works just fine. However mixing them up just seems to break BGP peering.

Thanks so much for your time in reading this!

I've attached the GNS3 topology in case anyone would like to give it a spin :)

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Guru

I do not have GNS3 so I can

I do not have GNS3 so I can not read your file. But my first guess about the issue is that the loopback interfaces are probably advertised in BGP through the ISP. So a ping from loopback to loopback works and that demonstrates the IP connectivity that must exist for the tunnel to work. But my guess is that the physical interfaces may not be advertised in BGP through the ISP. So a ping from physical interface to physical interface would not work. And that lack of IP connectivity will prevent the tunnel from working. A good check on that would be show ip bgp <remote_physical_address> and see if the address is in the BGP table.

HTH

Rick

HTH

Rick

View solution in original post

3 REPLIES 3
Highlighted
Hall of Fame Guru

I do not have GNS3 so I can

I do not have GNS3 so I can not read your file. But my first guess about the issue is that the loopback interfaces are probably advertised in BGP through the ISP. So a ping from loopback to loopback works and that demonstrates the IP connectivity that must exist for the tunnel to work. But my guess is that the physical interfaces may not be advertised in BGP through the ISP. So a ping from physical interface to physical interface would not work. And that lack of IP connectivity will prevent the tunnel from working. A good check on that would be show ip bgp <remote_physical_address> and see if the address is in the BGP table.

HTH

Rick

HTH

Rick

View solution in original post

Highlighted
Beginner

Thanks for your prompt reply,

Thanks for your prompt reply, Richard.

There's actually no issue with configuring a physical IP for the tunnel source and loopback for the tunnel destination; I realized a stupid configuration mistake on my part (wrong configuration).

Highlighted
Hall of Fame Guru

You are welcome. I am glad

You are welcome. I am glad that you got it worked out.

HTH

Rick

HTH

Rick
Content for Community-Ad