Recursive Routing

Unanswered Question
Oct 27th, 2009

Hello, How to avoid Recursive Routing on GRE Tunnel over ipsec

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
joe.marcelo9 Tue, 10/27/2009 - 14:58

This hold good for One Tunnel between Hub&Spoke.

How to avoid recursive routing where multiple tunnels from spoke points to central hub on same router with different service providers.

Jerry Ye Tue, 10/27/2009 - 18:57

You can do multiple static routes or distribute-list. It is about the same amount of commands.

For distribute-list, you can do something like this, the example is in EIGRP

router eigrp xx

distribute-list prefix TUNNEL_DEST in tunnel y

!

ip prefix TUNNEL_DEST seq 5 deny a.a.a.a/32

ip prefix TUNNEL_DEST seq 10 deny b.b.b.b/32

ip prefix TUNNEL_DEST seq 100 perm 0.0.0.0/0 le 32

However, filtering routes will be very tricky with OSPF.

HTH,

jerry

Edison Ortiz Tue, 10/27/2009 - 14:39

Agreed with Jerry. You can also use the WAN facing interface of each endpoint which most likely won't be part of the routing protocol used on the tunnel.

The concept is that the destination IP for the tunnel can't be learned via the tunnel.

It must be learned via the WAN facing interface of such device.

Regards

Edison.

joe.marcelo9 Tue, 10/27/2009 - 23:36

Edison,

Agreed to use WAN Interface if its one Tunnel from Hub to Spoke.

Good example of weird scenario already posted on forum, which could be my upcoming concern.

More than one tunnels from Hub points to spoke on same router with different service providers. Spoke Wan interface would be same but HUB with multiple service provider would be with different WAN Interface.

Actions

This Discussion