06-21-2010 11:34 AM - edited 03-04-2019 08:51 AM
Hi,
We have two L3 switches connected to each other by an L3 link. Each L3 switch has different VLANs configured on it. We need to configure a GRE tunnel between one VLAN from switch 1 and another VLAN from the second switch. To do this I need to use a loopback address as the source and destination of the tunnel. How can it be configured so that only the traffic from those VLANs will undergo the encapsulation? The VLAN IPs from both switches are reachable with a routing protocol.
L3 switch 1                                     L3 switch 2
VLAN 10                      L3 WAN-LINK        VLAN 200
ip address 10.1.1.1 /24                         ip address 10.1.200.1 /24
VLAN 11                                         VLAN 211
ip address 10.1.11.1 /24                        ip address 10.1.211.1 /24
We are running a routing protocol and are able to reach all the networks.
We need to configure the GRE tunnel between VLAN 10 and VLAN 200 using a loopback address.
Can we just take the VLAN IP address as the source IP address and destination IP address of the tunnel?
Please share your experience.
Thanks
Subodh
06-21-2010 12:22 PM
If all your VLANs have IP addresses, why are you considering tunnelling?
If your aim is to restrict routing, consider access lists.
06-21-2010 12:41 PM
Hi,
Sorry, I forgot to mention the reason why we are looking for a GRE tunnel. The reason behind forming the GRE tunnel is that some devices which we have at location one produce a multicast stream with TTL 1, and the users who need this stream are located at the second location. Due to this we need these devices in the same IP subnet. With GRE can we do it?
Thanks
Subodh
06-21-2010 01:01 PM
I don't think it would solve your TTL issue. A tunnel is a virtual interface, and would require an address.
06-21-2010 01:05 PM
Hi Subodh,
I think that GRE tunnels aren't supported on switches as they (tunnels) are process switched. I recall a thread here a while ago going into detail about it.
Surely traversing a GRE tunnel will still decrement the TTL by one anyway?
Would L2TPv3 between two routers help you?
HTH
Kevin
06-21-2010 01:38 PM
GRE may be platform/IOS dependent, but that's beside the point. You may have to run a bridge group depending on how the WAN link is set up.
06-21-2010 07:18 PM
Hi,
So is there a solution for connecting the same subnets that are separated by L3 routed links?
So that hosts on one side can ping (for example) hosts on the other side that are on the same subnet transparently.
Please share the experience.
Also starting a new thread.
Thanks
Subodh
06-22-2010 03:01 AM
Hello Subodh,
>> The reason behind forming the GRE tunnel is that some devices which we have at location one produce a multicast stream with TTL 1, and the users who need this stream are located at the second location. Due to this we need these devices in the same IP subnet. With GRE can we do it?
As discussed in an older thread, a GRE tunnel is not a solution for TTL=1, as the packet will expire before being put into the GRE tunnel.
Also, GRE tunnels on multilayer switches lower than the C6500 are a very bad idea, as they will cause traffic to be process switched; stay away from it.
But increasing the TTL to a number greater than 1 in a multicast stream shouldn't be so difficult, so this is a case where the application has to be fixed, and this can be done easily.
The only way to support this would be the use of a point-to-point transport service like EoMPLS or L2TPv3 that can be VLAN based, but this will not be scalable if in the future other remote sites need the stream.
What can be used depends on what platforms you have.
On software-based routers you can use L2TPv3;
see
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html
For EoMPLS on switches you would need a C3750 ME as a minimum on both sides.
But again, this is not something to be done without careful thinking, and not for this reason (TTL in a multicast stream).
Hope to help
Giuseppe