Configuration of GRE on L3 switches

Jun 21st, 2010

Hi,


We have two L3 switches connected to each other by an L3 link. Each L3 switch has different VLANs configured on it. We need to configure a GRE tunnel between one VLAN on switch 1 and another VLAN on the second switch. To do this I need to use a loopback address as the source and destination of the tunnel. How can it be configured so that only the traffic from those VLANs will undergo the encapsulation? The VLAN IPs on both switches are reachable via the routing protocol.


L3 switch 1                                     L3 switch 2

VLAN 10                      L3 WAN-LINK        VLAN 200
ip address 10.1.1.1 /24                         ip address 10.1.200.1 /24

VLAN 11                                         VLAN 211
ip address 10.1.11.1 /24                        ip address 10.1.211.1 /24


We are running routing protocol and are able to reach all the networks.


We need to configure the GRE tunnel between VLAN 10 and VLAN 200 using a loopback address.

Can we just take the VLAN IP addresses as the source IP address and destination IP address of the tunnel?


Please share your experience.


Thanks

Subodh

vmiller Mon, 06/21/2010 - 12:22

If all your VLANs have IP addresses, why are you considering tunnelling?


If your aim is to restrict routing, consider access lists.

bapatsubodh Mon, 06/21/2010 - 12:41

Hi,

Sorry, I forgot to mention the reason why we are looking for a GRE tunnel. The reason behind forming the GRE tunnel is that some devices which we have at location one produce a multicast stream with TTL 1, and the users who need this stream are located at the second location. Due to this we these devices in the same IP subnet. With GRE can we do it?


Thanks

Subodh

vmiller Mon, 06/21/2010 - 13:01

I don't think it would solve your TTL issue. A tunnel is a virtual interface, and would require an address.

Kevin Brennan Mon, 06/21/2010 - 13:05

Hi Subodh,


I think that GRE Tunnels aren't supported on switches as they (Tunnels) are process switched. I recall a thread here a while ago going into detail about it.


Surely traversing a GRE tunnel will still decrement the TTL by one anyway?


Would L2TPv3 between two routers help you?


HTH


Kevin

vmiller Mon, 06/21/2010 - 13:38

GRE may be platform/IOS dependent, but that's beside the point. You may have to run a bridge group depending on how the WAN link is set up.

bapatsubodh Mon, 06/21/2010 - 19:18

Hi,


So is there a solution for connecting the same subnets that are separated by L3 routed links?


So that hosts on one side can ping (for example) hosts on the other side that are on the same subnet transparently.


Please share the experience.


Also starting a new thread.


Thanks

Subodh

Giuseppe Larosa Tue, 06/22/2010 - 03:01

Hello Subodh,


>> The reason behind forming the GRE tunnel is that some devices which we have at location one produce a multicast stream with TTL 1, and the users who need this stream are located at the second location. Due to this we these devices in the same IP subnet. With GRE can we do it?


As discussed in an older thread, a GRE tunnel is not a solution for TTL=1, as the packet will expire before being put into the GRE tunnel.

Also, GRE tunnels on multilayer switches lower than the C6500 are a very bad idea, as they will cause traffic to be process switched. Stay away from it.


But increasing the TTL to a number greater than 1 in a multicast stream shouldn't be so difficult, so this is a case where the application has to be fixed, and this can be done easily.


The only way to support this would be the use of a point-to-point transport service like EoMPLS or L2TPv3, which can be VLAN based, but this will not be scalable if in the future other remote sites need the stream.


What can be used depends on what platforms you have.


On software-based routers you can use L2TPv3.


see

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html


For EoMPLS on switches you would need a C3750 ME as a minimum on both sides.


But again, this is not something to be done without careful thinking, and not for this reason (TTL in a multicast stream).


Hope to help

Giuseppe
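
The application-side fix mentioned in the reply above, as an added example that is not part of the original thread: a sender sets its multicast TTL high enough to cross the routed hops between source and receivers. The function names are hypothetical, the two-hop count is taken from the topology in the question (L3 switch 1 and L3 switch 2), and multicast routing between the switches is assumed to be enabled.

```python
import socket


def routers_crossed(initial_ttl: int) -> int:
    """Routed hops a packet can traverse before it expires.

    Each router decrements the TTL and discards the packet when the
    result is 0, so a packet sent with TTL 1 never leaves its subnet.
    """
    return max(initial_ttl - 1, 0)


def min_ttl_for(router_hops: int) -> int:
    """Smallest sender TTL that still arrives after `router_hops` routers."""
    if router_hops < 0:
        raise ValueError("router_hops must be >= 0")
    return router_hops + 1


def make_sender(ttl: int) -> socket.socket:
    """UDP socket whose outgoing multicast packets carry the given TTL.

    The OS default for IP_MULTICAST_TTL is 1, which is why an unmodified
    application produces the TTL=1 stream described in the thread.
    """
    if not 1 <= ttl <= 255:
        raise ValueError("ttl must be in 1..255")
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    return sock


def read_ttl(sock: socket.socket) -> int:
    """Read back the multicast TTL configured on the socket."""
    return sock.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL)


if __name__ == "__main__":
    # Source on VLAN 10 -> L3 switch 1 -> L3 switch 2 -> receivers on VLAN 200
    hops = 2
    ttl = min_ttl_for(hops)
    sender = make_sender(ttl)
    print(f"TTL 1 crosses {routers_crossed(1)} routers; need TTL >= {ttl}")
    print(f"socket multicast TTL is now {read_ttl(sender)}")
    sender.close()
```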
