Re: GRE tunneling over OSPF infrastructure

v.nastase · ‎02-17-2003

Our company developed a data network infrastructure based on OSPF IP routing protocol. Regarding the great number of branches we chose to split OSPF domain in 6 OSPF areas, each area having between 6 and 8 routers .

Now we are in phase of implementing a communication through the network by using GRE tunneling, regarding the special protocol that must be tunneled.

As the areas are configured with summarization on border routers, every area receveing a dedicated IP addresses scheme, we have some questions regarding the IP addresses nedded to be use on GRE tunneling.

1. Do we need to use for GRE tunneling other IP addresses than those established for OSPF areas ?

2. Do we need to have a dedicated ethernet interface in every branch for the IP segment that must be tunneled ?

3. Can we use OSPF as routing protocol for the traffic passing the tunnel ? What implications reffers to ( a special area for the tunnel ???) ?

Thanks for your support

donewald · ‎02-18-2003

Answers below,

1. Your tunnel source and destination address should be something within your IGP (OSPF) but the IP address, if you put on, on your Tunnel can be anything (not needed to be in your IGP).

2. You need not have a dedicated Ethernet segment for your Tunnel, since this is a logical internal interface. This would really depend on what you are Tunneling and why. Say you were Tunneling IPX and nothing else. You could have an Ethernet with IP that clients would use and route normally across your OSPF core but the IPX that came into the router would enter the Tunnel interface and go to it's destination. So, you'd need not, in this scenerio, have a dedicated Ethernet segment since it would be use with IP and IPX (your tunneled traffic type) at the same time.

3. Sure you can use OSPF over your Tunnels. Normally when people Tunnel it is to separate traffic from the rest of the network or to pass non IP traffic over a IP network without enabling routing for other protocols. I'd recommend, if separating traffic, running a separate OSPF or other routing protocol to keep these Tunneled Networks separate.

Hope this helps you,

Don

n-meadows · ‎02-21-2003

The not ebelow from the CCIE is an excellent guide to point you in the right direction at a high level, all I would add is that you want to leave the OSPF installation untouched, you really need a complete separation as it will be impossible to support and troubleshoot if youy don't. Use tunnel interfaces, and configure a different tunnel int for every router you will be tunneling to,( you can configure loads on each router), label them as 'tunnel to wherever the tunnel is going'. then use static routes pointing to the specific tunnel inerface configured to go where you want it to go (e,g ip route network/mask tunnel (no of interface). Use a 10.0.0.0 ip address schema with a /30 mask, for each tunnel, this will then give you a chance to administrate the n/w. The only way though, that you can configure this propoerly is to set it up on a testbed and read, read, read, your best ally here will be experience.