I'm trying to encapsulate ethernet in a gre tunnel (gre ethertype 0x6558 Transparent Ether Bridging)
I saw the functionnality here :
But I don't really understand how the example is working. I don't see how the remote endpoint is configured.
When I try to set the destination of the tunnel, I have the following error
Router(config-if)#tunnel destination 192.168.100.254
Tunnel destination configuration failed on tunnel in mode Ethernet-GRE/IP configuring 192.168.100.254: tunnel destination cannot be configured under existing mode
So, how can I set the destination of the gre tunnel ?
Can you tell us what platform and what version of code you are running? I wonder if the issue you have is that the feature is not fully supported on your platform and version of code.
I'm using a CSR 1000V :
Cisco IOS XE Software, Version 03.10.02.S - Extended Support Release
Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.3(3)S2, RELEASE SOFTWARE (fc3)
I have not used this feature before and so do not have any experience to offer and can comment only based on what I have read about it. I believe that the answer is that on the head end router the Ethernet over GRE operates as a multipoint tunnel and as a multipoint tunnel you do not specify a destination address (since there are likely to be multiple destination addresses and we may not know all of them at the point when we are configuring the multipoint tunnel).
As for how the remote end point is configured I find this:
Customer premises Equipment (CPE) is pre–configured with a point-to-point Generic Routing Encapsulation (GRE) IPv4 or IPv6 tunnel. The tunnel destination is a well-known IPv4 or IPv6 address of an aggregation device.
Totally Agree with your comments. Still, this is a cool lab anyways. And I don't encourage this kind of solutions for production environments. But just wanted to point out that you can configure this and recall the title of the thread "How to configure Ethernet over Gre", that's what I addressed here.
But once again, I'm a 100% with you mate and prefer to use MPLS l2vpns for this.
For what you're saying Im assuming you want to achieve this: [See attachment]
If that's the case, I can give you a hint, but keep in mind that it could work if the IOS and/or platform support it. I 've tried this myself with Linux based platforms such as DD-WRT, ROuterOS and Linux itself and it works perfectly. I also tried with this IOS ver:
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(16a
which is the example configuration Im posting.
1 - Create Tunnel Between Routers sourcing Loopback0
int tunnel x
tunnel source loop0
tunnel dest x.x.x.x
2 - Configure a IEEE Bridge on each Router and attach the tunnel Interface**
with the desired LAN interface, in this case Fa0/0
bridge 1 protocol ieee
interface tunnel x
**NOTE: This config is "not supported" by the IOS and it is a hidden command itself (at least on the tunnel if.) You'll get this message:
% This command is an unreleased and unsupported feature <--------
But technically this is a valid configuration an the router hopefully will accept the config.
What Rémi was trying to do is a specific feature which was developed to process Ethernet frames and forward them over a GRE tunnel. What this most recent post suggests is to enable bridging of frames from an Ethernet interface over the GRE tunnel which is a significantly different thing. It might or might not achieve the requirements that Rémi was working with.
The most current post notes the warning message generated when you configure the bridge-group on the tunnel interface and asserts that this is a technically valid configuration. Perhaps that is true. It is certainly not a supported configuration.
Perhaps we should be careful of how we understand and use terms. I believe that many of us equate "not supported" with "not work" and in many cases it is true that what is not supported does not work. But there certainly are cases where something is not supported but might work (at least in some circumstances). When Cisco announces that some feature is supported then they are saying that they stand behind this feature and if something about it does not work then they will fix it. When Cisco does not support something (like bridging over a GRE tunnel) they are saying you can use this at your own risk - and if something does not work the way that you expect then do not complain to Cisco about it. It is fine to do this kind of thing in a lab but we should be cautious about using it in a production network. Rémi and anyone who contemplate using this solution need to consider this risk.
I also note that the suggested config is somewhat incomplete. Configuring the bridge-group and assigning the bridge-group to both interfaces is standard bridging. There is also a bridge irb command but none of the other commands needed to make irb really work.
Thanks for the update.
I take a quick look but unfortunately, with this version of IOS-XE, it seems that I can't attach a tunnel interface to a bridge-domain (service instance ethernet is refused)
Didn't noticed your post.
In IOS_XE you don't need to bridge the Tunnel anymore. Remember this is legacy.
Take a look to this paper from the XE ver3S: