Re: GRE tunnel : Loop

From: Pavel Bykov (slidersv@gmail.com)
Date: Tue Nov 18 2008 - 22:56:17 ARST

This is great, Antonio.

I was thinking along the way of
1. Not advertising 2.2.2.2 and 1.1.1.1 in OSPF process 1 (Router ID in OSPF
does not have to be reachable)
2. Advertise only 2.2.2.2 and 1.1.1.1 using second OSPF process (in the
initial email, i understood OSPF only requirement)

I.e.
R1:
router ospf 1
router-id 1.1.1.1
network 200.0.0.1 0.0.0.0 area 0 <- Enable OSPF on Tunnel
network 20.20.20.0 0.0.0.255 area 0 <- Network we want to advertise
over tunnel

router ospf 2
router-id 10.20.30.40
network 1.1.1.1 0.0.0.0 area 0 <- advertise loopback into OSPF,
to enable tunnel establishment.
network 21.21.21.1 0.0.0.0 area 0 <- Enable OSPF on Serial 1/1
network 12.12.12.1 0.0.0.0 area 0 <- Enable OSPF on Serial 1/0

So now OSPF 2 will take care of tunnel and OSPF 1 will take care of tunnel
routing.
They are not running on the conflicting interfaces, so there shouldn't be a
problem.

Also Static routes can easily be used instead of second OSPF process (Just
as well as PBR or default network)

On Mon, Nov 17, 2008 at 5:38 PM, Antonio Soares <amsoares@netcabo.pt> wrote:

> Usually in these type of scenarios there are 3 steps:
>
> 1) Adjust the OSPF cost of the interface.
> 2) Avoid recursive routing.
> 3) Permit/deny the desired networks.
>
> ######################################################################################
> Step #1)
>
> ######################################################################################
> R1#sh ip route ospf
> 2.0.0.0/32 is subnetted, 1 subnets
> O 2.2.2.2 [110/65] via 21.21.21.2, 00:00:12, Serial1/1
> [110/65] via 12.12.12.2, 00:00:12, Serial1/0
> 20.0.0.0/24 is subnetted, 1 subnets
> O 20.20.20.0 [110/65] via 21.21.21.2, 00:00:12, Serial1/1
> [110/65] via 12.12.12.2, 00:00:12, Serial1/0
> R1#
> R1#sh ip ospf int | inc Cost
> Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 11111
> Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
> Process ID 1, Router ID 1.1.1.1, Network Type LOOPBACK, Cost: 1
> Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
> Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
> R1#
> R1#conf t
> Enter configuration commands, one per line. End with CNTL/Z.
> R1(config)#int tu12
> R1(config-if)#ip ospf cost 64
> R1(config-if)#end
> R1#
> 00:27:58: %SYS-5-CONFIG_I: Configured from console by console
> R1#
> R1#sh ip route ospf
> 2.0.0.0/32 is subnetted, 1 subnets
> O 2.2.2.2 [110/65] via 200.0.0.2, 00:00:01, Tunnel12
> [110/65] via 21.21.21.2, 00:00:01, Serial1/1
> [110/65] via 12.12.12.2, 00:00:01, Serial1/0
> 20.0.0.0/24 is subnetted, 1 subnets
> O 20.20.20.0 [110/65] via 200.0.0.2, 00:00:01, Tunnel12
> [110/65] via 21.21.21.2, 00:00:01, Serial1/1
> [110/65] via 12.12.12.2, 00:00:01, Serial1/0
> R1#
>
> ######################################################################################
> Step #2)
>
> ######################################################################################
> R1#
> 00:28:27: %TUN-5-RECURDOWN: Tunnel12 temporarily disabled due to recursive
> routing
> 00:28:28: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel12, changed
> state to down
> 00:28:28: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel12 from FULL to
> DOWN, Neighbor Down: Interface down or detached
> R1#
>
> R1#
> R1#conf t
> Enter configuration commands, one per line. End with CNTL/Z.
> R1(config)#ip access-list standard no-ospf-recursive-routing
> R1(config-std-nacl)# deny 2.2.2.2
> R1(config-std-nacl)# permit any
> R1(config-std-nacl)#router ospf 1
> R1(config-router)#distribute-list no-ospf-recursive-routing in Tunnel12
> R1(config-router)#end
> R1#
> R1#
> 00:29:24: %SYS-5-CONFIG_I: Configured from console by console
> R1#
> 00:29:38: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel12, changed
> state to up
> R1#
> R1#
> R1#
> 00:29:41: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Tunnel12 from LOADING
> to FULL, Loading Done
> R1#sh ip route ospf
> 2.0.0.0/32 is subnetted, 1 subnets
> O 2.2.2.2 [110/65] via 21.21.21.2, 00:00:04, Serial1/1
> [110/65] via 12.12.12.2, 00:00:04, Serial1/0
> 20.0.0.0/24 is subnetted, 1 subnets
> O 20.20.20.0 [110/65] via 200.0.0.2, 00:00:04, Tunnel12
> [110/65] via 21.21.21.2, 00:00:04, Serial1/1
> [110/65] via 12.12.12.2, 00:00:04, Serial1/0
> R1#
>
> ######################################################################################
> Step #3)
>
> ######################################################################################
> R1#
> R1#conf t
> Enter configuration commands, one per line. End with CNTL/Z.
> R1(config)#ip access-list standard only-tunnel-destination
> R1(config-std-nacl)# permit 2.2.2.2
> R1(config-std-nacl)#
> R1(config-std-nacl)#router ospf 1
> R1(config-router)# distribute-list only-tunnel-destination in Serial1/0
> R1(config-router)# distribute-list only-tunnel-destination in Serial1/1
> R1(config-router)#
> R1(config-router)#end
> R1#
> R1#
> 00:31:23: %SYS-5-CONFIG_I: Configured from console by console
> R1#
> R1#
> R1#sh ip route ospf
> 2.0.0.0/32 is subnetted, 1 subnets
> O 2.2.2.2 [110/65] via 21.21.21.2, 00:00:11, Serial1/1
> [110/65] via 12.12.12.2, 00:00:11, Serial1/0
> 20.0.0.0/24 is subnetted, 1 subnets
> O 20.20.20.0 [110/65] via 200.0.0.2, 00:00:11, Tunnel12
> R1#
> R1#
>
>
>
>
> Regards,
>
> Antonio Soares, CCIE #18473 (R&S)
> amsoares@netcabo.pt
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> GAURAV MADAN
> Sent: segunda-feira, 17 de Novembro de 2008 14:14
> To: ccie forum
> Subject: GRE tunnel : Loop
>
> Hi All
>
> This is 2nd time i am asking related question on this forum .. PLss excuse
> me for that .. i still couldnt get the concept .
>
> f0/0 f0/0
> | |
> R1========= Serial========= R2
> ========= FE =========
>
> 1) I want comm between f0/0 of R1 and f0/0 of R2.
> 2) I want this to go via GRE tunnel . I want to use 1 and only 1 protocol
> OSPF .
> 3) Tunnel should be able to sustain failures in one of link between 2
> routers.
>
> R1
> ------
> interface Tunnel12
> ip address 200.0.0.1 255.0.0.0
> keepalive 10 3
> tunnel source Loopback0
> tunnel destination 2.2.2.2
>
> R2
> -----
> interface Tunnel12
> ip address 200.0.0.2 255.0.0.0
> keepalive 10 3
> tunnel source Loopback0
> tunnel destination 1.1.1.1
>
> I do understand the fact that since I am learning tunn dest via ospf and
> hence can not establish OSPF adj on tunnel interface .
> Having said that what are the options to do this task keeping in mind all
> above req.
>
> I was able to do this by violating a few req :
> [A] I learnt 2.2.2.2 on R1 via rip and 1.1.1.1 on R2 via RIP . Hence OSPF
> can be est on tunn and hence communication was over OSPF .
>
> PLease suggest
> Gaurav Madan.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> 

-- 
Pavel Bykov
-------------------------------------------------
Stop the braindumps!
http://www.stopbraindumps.com/

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:30 ARST