I just wondered is it possible to set up GRE tunnels over two equal cost paths!I test it with real equipments but i didnt get to the point that i wanted ,here is what i did :
I connect two Cisco routers with two serial interfaces together then i create loop back interface on both of them, then setup tunnel interfaces but for the destination address i use loopback interface of the other router and vice verso ,the problem is that somehow we should add the other routers loopback interface into routing table,it doesnt work properly with static routes and with dynamic routing we should use PBR to force traffic into the tunnels,my question is ,is it possible to setup GRE tunnels over two paths ????
I think the traffic pass through GRE will have same source/destination IP encapsulation, so per-destination load sharing will not be able to use 2 equal paths. You can try to change the load sharing to per packet on the 2 serial interfaces, see if that works.
Thanks letian,but the problem is how to setup this kind of connections,using loopbak interfaces are the true choice or not !!!
Perhaps I am slightly confused about what you are attempting to do. You describe two routers and two equal cost paths between the routers. But I am not clear whether your question is about a single GRE tunnel (whose traffic might take either of the paths) or two tunnels with a unique tunnel over each path? Perhaps you can clarify?
From your original post I am assuming that you are asking about a single GRE tunnel which would go over either (or both) of the equal cost links. I do not have quipment to test it right now, but I would think that something like this should work:
Assume router A has loopback 22.214.171.124 and that router B has loopback 126.96.36.199. Assume that you want the GRE tunnel to use subnet 192.168.1.0. Assume that the equal cost links use subnets 10.1.1.0 and 10.1.2.0. I believe that the config would be something like this on router A:
interface loopback 0
ip address 188.8.131.52 255.255.255.0
interface serial 0
ip address 10.1.1.1 255.255.255.252
interface serial 1
ip address 10.1.2.1 255.255.255.252
ip route 184.108.40.206 10.1.1.2
ip route 220.127.116.11 10.1.2.2
interface tunnel 0
ip address 192.168.1.1 255.255.255.252
tunnel source 18.104.22.168
tunnel destination 22.214.171.124
and the equivalent configuration on router B. I believe that this should work.
Dear Rburts ,
your answer was awesome,I did the same configuration as you mentioned,yes i want to create one tunnel over two redundant links,but the problem with your configuration is that if we had kind of MPLS or intranet network then if one of the serials on router A goes down because router A connected to the PE routers then router B would not be noticed that the serial is goes down and it should remove the static route from the routing table ,this is the problem that i had with loopbaks,and if we use dynamic routing protols i think then we should use PBR or something like this to force traffic into the tunnel do you think a better way for doing this kind of stuff???
I believe that there are options for sending traffic through the tunnel that are better than PBR.
The static routes were an easy and convenient way to illustrate the solution but static routes are not necessary to the solution. But what is essential is that there are routes in the routing table that establish connectivity to the tunnel destination and that those routes be independent of what is learned over the tunnel.
There are a couple of options that I can suggest which might resolve the issue of router B knowing the state of the connection to router A (especially important when A and B are not directly connected):
- you could configure a static route specifying next hop addresses and then configure Object Tracking to verify reachability of the next hop address.
- you could run a dynamic routing protocol between the routers and depend on the advertisement of the tunnel destination address..
Use loopback as tunnel end point IP is fine, as long as you have reachablity between the end point. So yes, this is supported.
The problem I were trying to say was the default cef load balancing might not work here. Since all traffic pass the tunnel will be encapsulate with the tunnel source and destination, so cef will pick one link and stick with it, the other link will not be used. To make traffic load balace between 2 links, you might need to change the default per-destination load balancing to per-packet mode.
Besides of GRE, you can also consider MLPPP. MLPPP can give you load sharing arocess 2 serial interfaces as well.
I agree with your point about the CEF load balancing method. I was not clear whether the original poster was interested in multiple paths to achieve load share or was interested in path diversity to provide redundancy and failover capability if the active path suffered a problem.
Certainly you are correct that to achieve load sharing the CEF default would use a single path and not share.
I think I misunderstood the poster's question. If redundant path is the requirement here, then yes, I agree with you; Static route with tracking option or dynamic routing protocol are better solutions.