Tunnel

Answered Question
Apr 7th, 2009
User Badges:

When using a gre tunnel, we identify the source as one of the physical interfaces on the device.1)What is the significance if the source interface being used is the lan interface or if it is Wan interface.Would there be any problems in this.

2)If the tunnel source is undefined, but destination is defined, what could be the result & would the traffic still pass through? if no, why.

If yes, would it take the same path or go via another path?


Thanks.


Correct Answer by Richard Burts about 8 years 3 weeks ago

Victor


When I first read your post I interpreted it as advocating the WAN interface, especially since it does not mention using any other interface. But I agree that your post makes the point very clearly that what is required is that the destination address and the source address must be reachable.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (4 ratings)
Loading.
Edison Ortiz Tue, 04/07/2009 - 07:52
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

On the GRE tunnel configuration, using the WAN interface at both ends will avoid relying on routing to bring up the tunnel as the source and destination are directly connected interfaces.


An undefined tunnel source isn't a complete GRE tunnel configuration and the tunnel will never come up. This value is mandatory.


HTH,


__


Edison.



lamav Tue, 04/07/2009 - 07:56
User Badges:
  • Blue, 1500 points or more

Hi, Edison:


If I can just fine tune a bit....


It's not so much that the WAN interfaces on both peer routers (source and destination) are directly connected interfaces, but that they are reachable independent of a dynamic routing protocol, which of course wouldn't produce any routing information until the tunnel comes up in the first place.


Typically, I use static routes at both ends to point to the tunnel destination.


HTH


Victor

Richard Burts Tue, 04/07/2009 - 10:55
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

sunny


While I agree with Edison and Victor that using the WAN interface is the most common implementation, I will take a slightly different approach in answering your question.


As long as the configured tunnel destination address is reachable from the configured tunnel source address without using any information learned through the tunnel, then the tunnel should work. This means that the address could be the WAN interface, could be the LAN interface, or could be a loopback interface. In practical terms it is frequently easier (or simpler) to use the WAN interface but that is not required.


The GRE tunnel will encapsulate the original packet using the configured source address and destination address. So as Edison points out, if the tunnel is not configured with a source address then the configuration is incomplete and the tunnel will not operate.


HTH


Rick

lamav Tue, 04/07/2009 - 11:03
User Badges:
  • Blue, 1500 points or more

Rick:


"As long as the configured tunnel destination address is reachable from the configured tunnel source address without using any information learned through the tunnel, then the tunnel should work."


That was precisely my point. I was actually not making a recommendation regarding which interface to use. I just added a point of clarification to something Edison wrote.


Victor

Correct Answer
Richard Burts Tue, 04/07/2009 - 11:25
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Victor


When I first read your post I interpreted it as advocating the WAN interface, especially since it does not mention using any other interface. But I agree that your post makes the point very clearly that what is required is that the destination address and the source address must be reachable.


HTH


Rick

suthomas1 Wed, 04/08/2009 - 04:13
User Badges:

Thanks all for that great explaination which helped me understand this better!

Its heard that mtu on gre causes issues.Can you all throw some light on actually how this affects and why so only on gre interfaces?

& how to isolate the cause to be this.

Thanks.

Actions

This Discussion