[c-nsp] mGRE with VRF-Lite
Shine Joseph
shinejoseph at dodo.com.au
Tue Oct 13 15:46:47 EDT 2009
----- Original Message -----
From: Brad Holding
To: Shine Joseph
Sent: Tuesday, October 13, 2009 9:33 AM
Subject: Re: [c-nsp] mGRE with VRF-Lite
So when you added the 'ip nhrp map multicast 172.16.123.xxx' under the tunnel the EIGRP neighbours would just flap?
On Tue, Oct 13, 2009 at 4:55 AM, Shine Joseph <shinejoseph at dodo.com.au> wrote:
Hi,
Thanks for your responses and pointers. the vrf names in the tunnel and routing process is just an editing error.
I can't get the multicasting working for the mGRE, it works well for the p2p GRE. When multicasting is used for EIGRP, the neibghors come up, but flaps and no routes are being exchanged. The Q counter is not zero.
The only way, I got the mGRE worked is using neighbor statements in the routing process. See below my working config for two VRFs.
Let me know if you have any further thoughts on this.
Thanks
Shine
------------------------------------------------------------
Router 1
=========
ip vrf data
rd 100:110
!
ip vrf voice
rd 100:111
!
interface Tunnel110
ip vrf forwarding data
ip address 10.40.60.1 255.255.255.0
no ip redirects
ip nhrp map 10.40.60.2 172.16.123.2
ip nhrp map 10.40.60.3 172.16.123.3
ip nhrp network-id 110
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
!
interface Tunnel111
ip vrf forwarding voice
ip address 10.40.61.1 255.255.255.0
no ip redirects
ip nhrp map 10.40.61.2 172.16.123.2
ip nhrp map 10.40.61.3 172.16.123.3
ip nhrp network-id 111
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 111
!
router eigrp 100
no auto-summary
!
address-family ipv4 vrf voice
network 10.40.61.1 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.61.2 Tunnel111
neighbor 10.40.61.3 Tunnel111
exit-address-family
!
address-family ipv4 vrf data
network 1.1.1.1 0.0.0.0
network 10.40.60.1 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.60.3 Tunnel110
neighbor 10.40.60.2 Tunnel110
exit-address-family
!
Router 2
=========
ip vrf data
rd 100:110
!
ip vrf voice
rd 100:111
!
interface Tunnel110
ip vrf forwarding data
ip address 10.40.60.2 255.255.255.0
no ip redirects
ip nhrp map 10.40.60.1 172.16.123.1
ip nhrp network-id 110
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
!
interface Tunnel111
ip vrf forwarding voice
ip address 10.40.61.2 255.255.255.0
no ip redirects
ip nhrp map 10.40.61.1 172.16.123.1
ip nhrp network-id 111
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 111
!
router eigrp 100
no auto-summary
!
address-family ipv4 vrf voice
network 2.2.2.2 0.0.0.0
network 10.40.61.2 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.61.1 Tunnel111
exit-address-family
!
address-family ipv4 vrf data
network 10.40.60.2 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.60.1 Tunnel110
exit-address-family
Router 3
=========
ip vrf data
rd 100:110
!
ip vrf voice
rd 100:111
!
interface Tunnel110
ip vrf forwarding data
ip address 10.40.60.3 255.255.255.0
no ip redirects
ip nhrp map 10.40.60.1 172.16.123.1
ip nhrp network-id 110
ip nhrp cache non-authoritative
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
!
interface Tunnel111
ip vrf forwarding voice
ip address 10.40.61.3 255.255.255.0
no ip redirects
ip nhrp map 10.40.61.1 172.16.123.1
ip nhrp network-id 111
ip nhrp cache non-authoritative
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 111
!
router eigrp 100
no auto-summary
!
address-family ipv4 vrf voice
network 10.40.61.3 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.61.1 Tunnel111
exit-address-family
!
address-family ipv4 vrf data
network 10.40.60.3 0.0.0.0
no auto-summary
autonomous-system 100
neighbor 10.40.60.1 Tunnel110
exit-address-family
!
----- Original Message -----
From: Brad Holding
To: shinejoseph at dodo.com.au
Sent: Monday, October 12, 2009 1:19 PM
Subject: Fwd: [c-nsp] mGRE with VRF-Lite
Also, the VRF names under the interfaces and the routing processes are not the same. ie.
interface Tunnel110
ip vrf forwarding Data
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Gorgon_Data
Because you don't appear to have a NHRP hub, dynamic multicast mapping may not work. If it isn't, try mapping multicast traffic to each neighbour:
ip nhrp map multicast 172.16.123.xxx
On Mon, Oct 12, 2009 at 1:10 PM, Brad Holding <braddles at gmail.com> wrote:
Hey Mate,
You need to map multicast traffic dynamically under NHRP on the tunnel interface:
ip nhrp map multicast dynamic
This will allow the EIGRP hello's to be tunneled to the endpoints and the neighbour relationships will then establish.
Brad
On Mon, Oct 12, 2009 at 3:20 AM, Shine Joseph <shinejoseph at dodo.com.au> wrote:
Hi,
I am working on a solution to run mGRE for VRF-Lite. This is my situation:
there are 5 sites currently connected by MPLS IPWAn provided by ISP. I want to run VRF-Lite throughout the network for path isolation between various VLANs. VRF-Lite works great within the site (Vrf-Lite end-to-end is being deployed). In order for to cross the IPWAN, mutipoint-GRE tunnels are being looked at. tunnels are getting created, but when advertised in the VRF routing process, neighbor is not being esablished. If I use the potint to point tunnel, neighbor relationship is estanblished, working as expected. The issue will be I need to create over 50 tunnels to achieve the expected results.
Can someone help me, if the mGRE with VRF-Lite is a feasible solution?
Thanks in advance
Shine
----------------------------
Following is a snippet of my configuration:
Router 1
========
interface Tunnel110
ip vrf forwarding Data
ip address 10.40.61.1 255.255.255.224
no ip redirects
ip nhrp map 10.40.61.2 172.16.123.2
ip nhrp map 10.40.61.3 172.16.123.3
ip nhrp network-id 110
ip nhrp cache non-authoritative
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Gorgon_Data
network 10.40.61.1 0.0.0.0
no auto-summary
autonomous-system 100
exit-address-family
!
Router 2
========
interface Tunnel110
ip vrf forwarding Data
ip address 10.40.61.2 255.255.255.224
no ip redirects
ip nhrp map 10.40.61.1 172.16.123.1
ip nhrp map 10.40.61.3 172.16.123.3
ip nhrp network-id 110
ip nhrp cache non-authoritative
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Gorgon_Data
network 10.40.61.2 0.0.0.0
no auto-summary
autonomous-system 100
exit-address-family
!
Router 3
========
interface Tunnel110
ip vrf forwarding Data
ip address 10.40.61.3 255.255.255.224
no ip redirects
ip nhrp map 10.40.61.1 172.16.123.1
ip nhrp map 10.40.61.2 172.16.123.2
ip nhrp network-id 110
ip nhrp cache non-authoritative
tunnel source GigabitEthernet0/1
tunnel mode gre multipoint
tunnel key 110
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Gorgon_Data
network 10.40.61.3 0.0.0.0
no auto-summary
autonomous-system 100
exit-address-family
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list