08-15-2006 12:28 PM - edited 03-03-2019 01:40 PM
Can I use HSRP VIP as the source address for a GRE tunnel. It does not work for me, when the active router goes down (hard down) the GRE tunnel does not work on the standby router, even though the HSRP becomes active on the standby router. Thanks in advance
08-15-2006 12:39 PM
Ahmed
I do not think that it is supported to use the virtual IP from HSRP as the tunnel source address. Doing this would cause several difficulties. To do this would need to have the tunnel configured on both of the routers. But can the same tunnel exist in two places? And this would require that the tunnel IP address be configured on both routers. But then you have the same IP address existing in two parts of the network.
Depending on what you are trying to accomplish it may be possible to configure two tunnels - one on each router - and then to use one tunnel as primary and the other tunel as backup. I have a customer who does this implementation a lot and it works quite well.
HTH
Rick
08-15-2006 02:02 PM
The fact I think it should work, the tunnel is up and working on the active HSRP router using the VIP, but the problem is once the active router goes down, the tunnel on the standby routers does not come up eventhough the HSRP becomes active.
08-15-2006 02:16 PM
Tunnel source address is determined at the moment you configure it. I guess you've configured tunnel with 'tunnel source X.X.X.X'. If address was not there when tunnel was configured, it's possibly in dormant state.
A while ago somebody in cisco newsgroup described problem having tunnel sources from an interface that had 'ip negotiated'. Even if IP was always the same, tunnel didn't work. You could see my old notes on that issue at http://citadel.nobulus.com/~ilya/notes/archives/000018.html
HSRP is just similar to negotiated IP in the way that it's not permanently assigned IP.
08-17-2006 10:51 AM
Hi,
What type of router are we talking about here? HSRP has some incompatibilities with some serial interface hardware.
"Several Ethernet (Lance and QUICC) controllers in low-end products can only have a single unicast MAC address in their address filter. On these platforms only a single HSRP group is permitted, and the interface address is changed to the HSRP virtual MAC address when the group becomes Active. If you are using HSRP on routers with multiple interfaces of this type, you should configure each interface with a different HSRP group number."
I have tried to implemented on 2500 series routers but it is not possible since they only support one MAC address per interface.
Let me know if it helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide