cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
389
Views
0
Helpful
5
Replies

Using GRE to build site to site VLANs. my config comments

banso_boy
Level 1
Level 1

Site A and Site B have hosts belong to the same vlan.

I am trying t build a GRE tunnel to get these host communicate.

So far here is what I have in mind.

See below. IS there anything I am mixing up.

Comments or suggestions will be highly apreciated.

I translate Site A VLAN IP Addresses to another subnet of IP addresses which does not exist in Site B and similarly Site B IP addresses to a subnet which does not exist in Site A.I have hurriedly configured this with a very basic setup and below are the configs.

Router R0 is connected to R1 through Serial 1/0 interfaces and the fastethernet 0/0 on both routers connects to the Local LAN. The config bits are -:

hostname R0

!

interface Tunnel0

ip address 1.1.1.1 255.255.255.0

ip nat outside

tunnel source Serial1/0

tunnel destination 192.168.1.2

!

interface FastEthernet0/0

ip address 10.1.1.2 255.255.255.0

ip nat inside

duplex full

!

interface Serial1/0

ip address 192.168.1.1 255.255.255.0

!

ip nat inside source static 10.1.1.2 192.168.100.2 extendable

!

ip route 172.16.1.0 255.255.255.0 Tunnel0

Router R1

hostname R1

!

interface Tunnel0

ip address 1.1.1.2 255.255.255.0

ip nat outside

tunnel source Serial1/0

tunnel destination 192.168.1.1

!

interface FastEthernet0/0

ip address 10.1.1.1 255.255.255.0

ip nat inside

!

interface Serial1/0

ip address 192.168.1.2 255.255.255.0

!

ip nat inside source static 10.1.1.1 172.16.1.1 extendable

ip route 192.168.100.0 255.255.255.0 Tunnel0

it is clear to me that if I am on R0 and do

R0#ping 172.16.1.1 it should be successful.

Now what about a host behind R0 that want to reach a host behind R1 on the same vlan.

For example if host A behind R0 and host B behind R1 are on VLAN 1 and want to communicate.

Host A address is 10.1.1.3 and Host B address is 10.1.1.4

If sitting at A I do ping 10.1.1.4, how will R0 know that 10.1.1.4 belongs to a host behind R1 ? Remember the NAT at R1 is changing 10.1.1.4 to another address say 172.16.1.4.

So I am thinking a default route of

ip 0.0.0.0 0.0.0.0 tunnel0 will be a solution

Is there something I am mixing up or what will the disadvantage of using a static route?

5 Replies 5

andrew.prince
Level 10
Level 10

I might be missing something here, but when you say you are using the same IP subnet at both sites.....using your example:-

"For example if host A behind R0 and host B behind R1 are on VLAN 1 and want to communicate.

Host A address is 10.1.1.3 and Host B address is 10.1.1.4 " Then this will not work, as I am assuming that on R0 you will already have a host with an IP address the same as the host B on your local subnet, so this will route locally and have no reason to go over the tunnel?

There a few ways I can think of:-

1) Change the IP subnet of one of the routers LAN.

2) If you are not using the whole class c address range - subnet it, and use static routes

3) Perform static 1 to 1 translations, and use the NAT subnet to communicate.

HTH.

Sorry about the lack of information on sugestion 3, I was called to do some urgent work. For this I would suggest something like:-

For R0

ip nat inside source static network 10.1.1.0 192.168.100.0 /24 extendable

For R1

ip nat inside source static network 10.1.1.0 172.16.1.0 /24 extendable

This way from site a = R0 is, you want to connect from 10.1.1.3(A) to 10.1.1.4(B) from 10.1.1.3 you would initiate a connection to 172.16.1.4. R0 would translate your source from 10.1.1.3 to 192.168.200.3 and pass the destination of 172.16.1.4 onto R1. R1 would see a destination of 172.16.1.4 and translate that source to 10.1.1.4 and your source would remain 192.168.200.3. 10.1.1.4 would respond to 192.168.200.3! This process would work the other way around also!

HTH.

thanks for your reply HTH.

As for suggestion 3, just to be sure

What about the statics route?

I am thinking

ip route 0.0.0.0 0.0.0.0 tunnel0

on R0 and R1 will root the traffic

and NOT

For R0

ip route 172.16.1.0 255.255.255.0 tunnel0

and

R1

ip route 192.168.100.0 255.255.255.0 tunnel0

Ultimately as you are only routing to 4 x subnets.....2 at each site with NAT, it's the same. Don't forget the 0.0.0.0 0.0.0.0 is for the router to process any destination/source it does NOT have in it's routing table by either static, connected or dynamic means to be able to pass onto a device/IP that does know about those destinations.

Either having specific routes of a default route will work.

HTH.

HTH i highly appreciate your attention to this problem.I will try to implement it and let you know of the results.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: