I have to use a Cisco router supporting a huge number of GRE tunnels (with RIP or BGP running on every tunnel). Which model is the best choice if the number of tunnels is 100? Which one if the tunnels are 400?
The limitation of the interfaces is bound to the IDB (Interface Descriptor Block) limit, which is a function of the IOS and the platform.
You can use the show idb command on your platforms to see what the limits will be on your gear.
Each tunnel interface definition, such as Universal Transport Interface (UTI), Generic Routing Encapsulation (GRE), Multiprotocol Label Switching Traffic Engineering (MPLS TE), or Any Transport over MPLS (AToM) consumes an HWIDB plus one SWIDB per tunnel, plus an additional SWIDB for each additional sub-interface, for example, a Frame Relay PVC, that is tunneled. The tunnel IDBs are in addition to the original interface(s) that are tunneled.
I have run 400 GRE tunnels (running a dynamic routing protocol on each tunnel) on a 7200 router (with the G1 processor) and it did it very well. The 7200 can scale well beyond 400 tunnels. You might run that many tunnels on a router lower in the product line, but for us the best choice was the 7200.
Be aware that part of the challenge is not only maintaining that many interfaces (and Mohammed is right to introduce the topic of IDB as one of the limiting factors) but the real challenge is to maintain the number of neighbor relationships, sending and receiving hello messages, tracking neighbor state, and processing the routing updates. These activities are in the control plane (not the data plane where packet forwarding is done) and you need a good processor for the control plane.
When you say you have 400 GRE tunnels with a dynamic protocol on each, do you mean that the 7200 router is able to manage 400 neighborships of the routing protocol at the same time?
Thanks in advance.
Yes, the 7200 manages 400 GRE tunnels and 400 EIGRP neighbors all at the same time. It is working very well for this.
My fear is that even if with 100 or 400 GRE tunnels the IDB limit is not exceeded, the router is not able to support them in terms of CPU utilization and memory. Is it possible to perform a better rating in some way?
I think that Rick's reply is more than perfect in addressing your fear. It shall depend on what routing protocols, how many neighbors and so on. I've never reached that number of GRE tunnels on a single router; however, I have one of our PEs (7206VXR-NPEG1) with more than 200 customers' subinterfaces, many of them running RIP or EIGRP, and even a couple of them running BGP as the PE-CE routing protocol.
Though the ISR limits exceed your maximum GRE tunnel requirement, take note that GRE forces the router to encapsulate every packet in another packet inside IP tunnels, which adds to CPU load. There is no matrix for number of GRE tunnels to router model. Your best bet is the model that Rick is currently using with 400 GRE tunnels, which is the 7200/G1. Alas, there is no accelerator for GRE tunnels (unlike VPN).
Can you please let me know where I can find the maximum number of GRE tunnels that can be supported on a 7301 router?
IDB-wise, more than 8,000 tunnels could be configured, but I am after the recommended maximum when static routes are in use versus BGP routing.
Thank you in advance.
In theory, yes, multipoint tunnels could be used, but currently there are just under 1100 tunnels configured on the 7301 and I would like to know how far away from the maximum limit this number is.
Thanks for your reply.