Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
570
Views
0
Helpful
3
Replies

Issue with BGP peering over VTI tunnel when tunnel source is physical interface IP and destination is loopback

Go to solution
ericbkchng
Level 1
Level 1

‎03-14-2016 11:23 AM - edited ‎03-08-2019 04:57 AM

Hi!

I've been experimenting with implementing a BGP-Tunnel-BGP setup in GNS3.

In a nutshell:

- a HQ site and a remote site, each peered to the ISP using BGP

- a VTI tunnel between the HQ and remote site

- BGP peering between the HQ and remote site via the tunnel

I've tried to simulate the setup in GNS3; however, I had an interesting discovery:

- When both tunnels are using loopback IPs for tunnel source and destination, BGP peering between the HQ and remote site is successful

- However, when the HQ site is using its WAN physical IP for the tunnel source and loopback IP of the remote site for the tunnel destination, BGP peering isn't successful

I'm still trying to figure out the cause of the above, but would greatly appreciate it if someone could give me some hints on what could be the issue with using an actual interface's IP for the tunnel source and loopback IP for the tunnel destination; it seems that using exclusively loopback addresses OR physical interface addresses for BOTH tunnel source and destination works just fine. However mixing them up just seems to break BGP peering.

Thanks so much for your time in reading this!

I've attached the GNS3 topology in case anyone would like to give it a spin :)

Labels:
topology_0.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-14-2016 01:30 PM

I do not have GNS3 so I can not read your file. But my first guess about the issue is that the loopback interfaces are probably advertised in BGP through the ISP. So a ping from loopback to loopback works and that demonstrates the IP connectivity that must exist for the tunnel to work. But my guess is that the physical interfaces may not be advertised in BGP through the ISP. So a ping from physical interface to physical interface would not work. And that lack of IP connectivity will prevent the tunnel from working. A good check on that would be show ip bgp <remote_physical_address> and see if the address is in the BGP table.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-14-2016 01:30 PM

I do not have GNS3 so I can not read your file. But my first guess about the issue is that the loopback interfaces are probably advertised in BGP through the ISP. So a ping from loopback to loopback works and that demonstrates the IP connectivity that must exist for the tunnel to work. But my guess is that the physical interfaces may not be advertised in BGP through the ISP. So a ping from physical interface to physical interface would not work. And that lack of IP connectivity will prevent the tunnel from working. A good check on that would be show ip bgp <remote_physical_address> and see if the address is in the BGP table.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
ericbkchng
Level 1
Level 1
In response to Richard Burts

‎03-14-2016 11:44 PM

Thanks for your prompt reply, Richard.

There's actually no issue with configuring a physical IP for the tunnel source and loopback for the tunnel destination; I realized a stupid configuration mistake on my part (wrong configuration).

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to ericbkchng

‎03-16-2016 09:22 AM

You are welcome. I am glad that you got it worked out.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card