Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

GRE tunnel protocol status goes down with vrf membership

I have setup of 4 routers R1 - R2 - R3 - R4 .

They are connected as shown. I have also setup a GRE tunnel between R1 and R4. The tunnel status is up and protocol is up.

I have configured tunnel source and reach ability related configurations in R1,R2,R3 and R4.

Now if I put R1/R4 Tunnel Source Loopback Int, Tunnel Interface and Int connecting R2/R3 in vrf A and also modify the static route to reach Tunnel Destination IP in R4 into a vrf static route the tunnel protocol goes down.

Can anybody help ?

Thanks

Kas

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: GRE tunnel protocol status goes down with vrf membership

Kas,

you need to configure "tunnel vrf " under the tunnel interface configuration to tell the tunnel interface that the tunnel destination is resolvable via the specific VRF. By default, the tunnel destination is resolvable via the global routing table.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Cisco Employee

Re: GRE tunnel protocol status goes down with vrf membership

Kas,

The fact of configuring the tunnel itself in a specific VRF, using the "ip vrf forwaring , doesn't force the IOS to perform the tunnel destination lookup in that VRF. The tunnel destination lookup is still performed against the global routing table by default. Only the "tunnel vrf" command can change the default behavior.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
6 REPLIES
Silver

Re: GRE tunnel protocol status goes down with vrf membership

Hi

Tunnel protocol down means the destination is not reachable in vrf routing table.

Please check have you given the reverse route in vrf.

regards

shivlu jain

New Member

Re: GRE tunnel protocol status goes down with vrf membership

Hi,

I have configured vrf static routes Tunnel source and desitination and tested xtended ping vrf A dest loop source int lo0. I got ICMP type 8 & 0 msgs which is absolutely fine. So source and destination loopbacks are reachable .thats probally not the issue .

New Member

Hi all

Hi all

Thanks a lot !! After 2 days on testing with GNS3, to find why the protocol int tunnel stay down and not showing up in the route table of this VRF, found your post, guys and it works !! On the web, found many example without this command. I have tried 2 scenario, and this command was not here. You made my days, can use this solution in my job, just in time. On top of that, i use DMVPN, and it works great. Thanks

Ex :

tunnel source 192.168.240.1
tunnel mode gre multipoint
tunnel vrf name_of_your_VRF

Cisco Employee

Re: GRE tunnel protocol status goes down with vrf membership

Kas,

you need to configure "tunnel vrf " under the tunnel interface configuration to tell the tunnel interface that the tunnel destination is resolvable via the specific VRF. By default, the tunnel destination is resolvable via the global routing table.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
New Member

Re: GRE tunnel protocol status goes down with vrf membership

Hi,

But if I have configured a ip vrf forwarding A under the gre tunnel interface will not take care of it.

Anyways i am trying out your command

Cisco Employee

Re: GRE tunnel protocol status goes down with vrf membership

Kas,

The fact of configuring the tunnel itself in a specific VRF, using the "ip vrf forwaring , doesn't force the IOS to perform the tunnel destination lookup in that VRF. The tunnel destination lookup is still performed against the global routing table by default. Only the "tunnel vrf" command can change the default behavior.

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
1239
Views
10
Helpful
6
Replies
CreatePlease to create content