GRE Tunneling over multiple links

Unanswered Question
Danilo Dy Tue, 09/11/2007 - 05:01


You need to put "keepalive [seconds [retries]]" in the tunnel interface (both ends). Not doing so, any of the link between two router goes down, the tunnel interface will still be up/up in both routers. In the case that one of the link directly connected in any of the routers goes down, only the tunnel interface in that router will be down while the tunnel interface in the other router will still be up/up.



Joseph W. Doherty Tue, 09/11/2007 - 05:32

Normally a tunnel will use just one path if multiple physical paths are available. If one of the physically paths breaks, as with other packets, the tunnel's packets will be redirected along an alternate path.

The time of the underlying physical convergence may interrupt both normal traffic flowing across the tunnel and a routing protocol running across the tunnel. (Behavior is similar to a link flap.)

Richard Burts Tue, 09/11/2007 - 07:51


While I agree with Dandy that tunnel keepalives are a nice feature, I believe that in your situation they provide marginal improvement. Your question asks about running a routing protocol over the tunnel. If you are running a routing protocol over the tunnel and the tunnel breaks then the routing protocol will converge and know that it can not pass traffic over the tunnel. I have faced this issue in a customer network where we run GRE tunnels with EIGRP as a dynamic routing protocol over the tunnels. It converges very well when a link in the middle of the tunnel stops working. So you do not need tunnel keepalive for convergence, but it may be helpful from a management perspective to see the tunnel interface go protocol down when it can no longer pass traffic.

What happens to the tunnel depends somewhat on how you have configured the tunnel. Especially is there are potentially several different paths that get to the destination then you should not use one of the physical interface addresses as the source or destination of the tunnel. If a physical interface is used as source or destination and that interface becomes unavailable then the tunnel will break even if there are available alternate paths. In this situation it is generally better to use loopback interfaces as the source and destination for the tunnel. In that case if the tunnel is using one link and that link becomes unavailable and an alternate link is available then the tunnel will continue to pass traffic and use the alternate link.




This Discussion