[c-nsp] GRE Tunnels and vrfs
Gert Doering
gert at greenie.muc.de
Sat Sep 11 07:04:54 EDT 2004
Hi,
On Sat, Sep 11, 2004 at 09:33:29AM +0300, Mihai CHELARU wrote:
> I wanted to setup some tunnels and put them into a vrf. Configuration
> looks like this:
>
>
> int tun0
> tunnel source 192.168.0.1
> tunnel destination 192.168.2.1
> ip vrf forwarding test
> ip add 10.0.0.1 255.255.255.252
>
> This is on a 2611XM.
> Now, the problem is that this setup is not working but in certain
> conditions I'll describe latter.
>
> Question 1: do tunnel src and dst need to belong to the test vrf ?
No. (Of course not - this is usually done to connect VRF islands
over non-MPLS networks)
> Question 2: Why is this setup working after I disable CEF ?
How exactly is this "not working" with CEF?
There are lots of funny bugs in GRE tunneling with CEF regarding TTL
decrementation (TTL not being decrement -> router not visible in
traceroute, and worse, if you have a loop, the packet will loop forever,
burning CPU like mad).
> Question 3: How can I solve it without 'tunnel vrf' that exists in only
> in 12.3T ?
What you have should work fine.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list