cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
453
Views
0
Helpful
4
Replies

Accessing NAM module through a GRE tunnel

mmelbourne
Level 5
Level 5

I have a NAM module in a remote C6k, which connects to the management networks through a newly-configured GRE tunnel (the tunnel replaces a dedicated point-to-point routed link for the private network. However, we now cannot ping the Management interface of the NAM through the GRE tunnel - I can ping it from the local switch and using the source address of the tunnel, but not from the other switch through the GRE tunnel. Other devices in the same VLAN are accessible through the GRE tunnel; just not the NAM. Could this be similar to the re-circulation of GRE packets which I've seen in MPLS-enabled network which also use GRE?

4 Replies 4

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello MMelbourne,

more details are needed to understand what is happening.

You should provide a filtered version of remote C6500 configuration and I§ routing table.

However, if the remote switch MSFC/supervisor and other devices connected to it are reachable via the GRE tunnel without instabilities the IP routing should be fine and this should lead to some issue inside the C6500. It can be a specific issue with NAM like for example return packets coming from NAM not encapsulated into GRE packets for some reason or limitation.

Hope to help

Giuseppe

Thanks for the reply. Essentially a VLAN is defined on the remote switch, and this is defined as the management VLAN on the NAM. Previously a static route existed on the local switch pointing the remote VLAN subnet via a dedicated routed point-to-point link between the switches. These static routes have now been replaced with interface 'Tunnel0' as the next-hop. Other devices in VLAN 2 on the remote switch are accessible, and a traceroute shows the traffic traversing the GRE tunnel.

I can ping the IP address of the NAM management interface from the remote switch itself, even with the source address of the tunnel interface. On the local switch I cannot ping the NAM management using the tunnel source address on the local switch. I am thinking it may be something to do with internal packet flow - I was reminded of the issue/field notice with access to service modules when Distributed EtherChannel was in use, but I can access the NAM from a different subnet on the remote switch, so the issue isn't quite the same.

The local switch is running 12.2(18)SXF11 whilst the remote switch (containing the NAM) is running 12.2(18)SXD3. NAM software is 3.5(1b).

Thanks for the reply. Essentially a VLAN is defined on the remote switch, and this is defined as the management VLAN on the NAM. Previously a static route existed on the local switch pointing the remote VLAN subnet via a dedicated routed point-to-point link between the switches. These static routes have now been replaced with interface 'Tunnel0' as the next-hop. Other devices in VLAN 2 on the remote switch are accessible, and a traceroute shows the traffic traversing the GRE tunnel.

I can ping the IP address of the NAM management interface from the remote switch itself, even with the source address of the tunnel interface. On the local switch I cannot ping the NAM management using the tunnel source address on the local switch. I am thinking it may be something to do with internal packet flow - I was reminded of the issue/field notice with access to service modules when Distributed EtherChannel was in use, but I can access the NAM from a different subnet on the remote switch, so the issue isn't quite the same.

The local switch is running 12.2(18)SXF11 whilst the remote switch (containing the NAM) is running 12.2(18)SXD3. NAM software is 3.5(1b).

Hi,

Are you able to ping from NAM module to the local switch after login into NAM because in our setup we have also NAM and we have not experience these type of problem we are able to ping NAM mgmt interface from anywhere if that subnet is reachable to others and even from the same switch where the module is placed.

How is the routing is defined for outgoing traffic from NAM ?

Regards

Ganesh.H

jayson-henkel
Level 1
Level 1

I am experiencing the very same issue. I suspect the NAM isn't respecting the MTU? Anyone else have any thoughts?

I'm anxious to have this operational.

-Jayson

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: