Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Similar documents
DHCP Lease Limit per ATM/RBE Unnumbered Interface

Suppress BGP Advertisement for Inactive Routes

IS-IS Incremental SPF

OSPF Incremental SPF

BGP Enforce the First Autonomous System Path

QoS Child Service Policy for Priority Class

Configuring Multiple Basic Service Set Identifiers and Microsoft WPS IE SSIDL

PPPoE Session Recovery After Reload

DHCP Option 82 Support for Routed Bridge Encapsulation

MPLS MTU Command Changes

VPDN Group Session Limiting

Configuring the Cisco IOS DHCP Relay Agent

IMA Dynamic Bandwidth

Protocol-Independent MAC ACL Filtering on the Cisco Series Internet Router

Logging to Local Nonvolatile Storage (ATA Disk)

OSPF RFC 3623 Graceful Restart Helper Mode

Configuring Route Maps to Control the Distribution of MPLS Labels Between Routers in an MPLS VPN

RADIUS NAS-IP-Address Attribute Configurability

PPPoE Client DDR Idle Timer

Configuring an Intermediate IP Multicast Helper Between Broadcast-Only Networks

SSG Service Profile Caching

DHCP ODAP Server Support

PPP/MLP MRRU Negotiation Configuration

RADIUS Tunnel Preference for Load Balancing and Fail-Over

DHCP Relay MPLS VPN Support

Cisco Unity Express Voic System User s Guide

Cisco Voice Applications OID MIB

Per IP Subscriber DHCP Triggered RADIUS Accounting

Installing IEC Rack Mounting Brackets on the ONS SDH Shelf Assembly

Cisco Smart Business Communications System Teleworker Set Up

Configuring MPLS Multi-VRF (VRF-lite)

Contextual Configuration Diff Utility

IP SLAs Random Scheduler

Using Application Level Gateways with NAT

Frame Relay Conditional Debug Support

Configuring Token Ring LAN Emulation for Multiprotocol over ATM

BECN and FECN Marking for Frame Relay over MPLS

Modified LNS Dead-Cache Handling

Extended NAS-Port-Type and NAS-Port Support

Cisco Aironet Directional Antenna (AIR-ANT-SE-WiFi-D)

ISSU and SSO DHCP High Availability Features

Autosense of MUX/SNAP Encapsulation and PPPoA/PPPoE on ATM PVCs

Route Processor Redundancy Plus (RPR+)

Cisco Software Licensing Information for Cisco Unified Communications 500 Series for Small Business

Maintenance Checklists for Cisco Unity VPIM Networking (with Microsoft Exchange)

Wireless LAN Error Messages

PPPoE Session Limits per NAS Port

MPLS VPN: VRF Selection Based on Source IP Address

Packet Classification Using the Frame Relay DLCI Number

Cisco Aironet 1500 Series Access Point Large Pole Mounting Kit Instructions

Configuring Virtual Interfaces

IP Event Dampening. Feature History for the IP Event Dampening feature

This feature was introduced. This feature was integrated into Cisco IOS Release 12.2(27)SBA.

Connecting Cisco DSU/CSU High-Speed WAN Interface Cards

Cisco 806, Cisco 820 Series, Cisco 830 Series, SOHO 70 Series and SOHO 90 Series Routers ROM Monitor Download Procedures

LAN Emulation Overview

VPDN LNS Address Checking

RADIUS Logical Line ID

Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging

Cisco Unified MeetingPlace for Microsoft Office Communicator

Low Latency Queueing with Priority Percentage Support

ATM VP Average Traffic Rate

PPPoE Service Selection

Cisco Unified Mobile Communicator 3.0 User Portal Guide

Release Notes for Cisco Security Agent for Cisco Unified MeetingPlace Release 6.0(7)

MPLS VPN OSPF and Sham-Link Support

Wireless LAN Overview

Application Firewall Instant Message Traffic Enforcement

Installing the Cisco ONS Deep Door Kit

Connecting Cisco WLAN Controller Enhanced Network Modules to the Network

Chunk Validation During Scheduler Heapcheck

PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement

Cisco Report Server Readme

Cisco 10-Gigabit Fibre Channel X2 Transceiver Module Installation Note

Release Notes for Cisco Aironet Client Utility and Driver, Version 3.0 for Mac OS

L2VPN Pseudowire Switching

Exclusive Configuration Change Access and Access Session Locking

Applying the Tunnel Template on the Home Agent

RSVP Message Authentication

Maintenance Checklists for Microsoft Exchange on a Cisco Unity System

MPLS Traffic Engineering Fast Reroute Link Protection

This module was first published on May 2, 2005, and last updated on May 2, 2005.

Connecting Cisco 4-Port FXS/DID Voice Interface Cards

Corporate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA

Using Microsoft Outlook to Schedule and Join Cisco Unified MeetingPlace Express Meetings

Configuring ISA Accounting

Installation Notes for Catalyst 3750-E and Catalyst 3560-E Switch Fan Modules

MIB Quick Reference for the Cisco ONS Series

Site Preparation and Network Communications Requirements

White Paper: Using Microsoft Windows Server 2003 with Cisco Unity 4.0(4)

QoS: Color-Aware Policer

IP SLAs Proactive Threshold Monitoring

Support of Provisionable QoS for Signaling Traffic

Cisco Virtual Office End User Instructions for Cisco 1811 Router Set Up at Home or Small Office

MPLS Traffic Engineering (TE) Scalability Enhancements

Maintenance Checklists for Active Directory on a Cisco Unity System with Exchange as the Message Store

Release Notes for Cisco ONS MA Release 9.01

Cisco Video Surveillance Virtual Matrix Client Configuration Guide

Catalyst 2955 Switch DIN Rail Clip Installation Notes

Configuring ISG VRF Transfer (Cisco IOS Release 12.2(28)SB)

Transcription:

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership Last Updated: April, 2007 The feature allows you to configure the source and destination of a tunnel to belong to any virtual private network (VPN) routing and forwarding (VRF) table. Finding Feature Information in This Module Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the Feature Information for GRE Tunnel IP Source and Destination VRF Membership section on page 7. Finding Support Information for Platforms and Cisco IOS Software Images Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear. Contents Restrictions for GRE Tunnel IP Source and Destination VRF Membership, page 2 Restrictions for GRE Tunnel IP Source and Destination VRF Membership, page 2 Information About GRE Tunnel IP Source and Destination VRF Membership, page 2 How to Configure GRE Tunnel IP Source and Destination VRF Membership, page 2 Configuration Example for GRE Tunnel IP Source and Destination VRF Membership, page 4 Additional References, page 4 Command Reference, page 5 Feature Information for GRE Tunnel IP Source and Destination VRF Membership, page 7 Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA 2007 Cisco Systems, Inc. All rights reserved.

Restrictions for GRE Tunnel IP Source and Destination VRF Membership Obtaining Documentation, Obtaining Support, and Security Guidelines, page 8 Restrictions for GRE Tunnel IP Source and Destination VRF Membership Cisco 10000 Series Routers Both ends of the tunnel must reside within the same VRF. The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing). The VRF associated with the tunnel by using the ip vrf forwarding command is the VRF that the packets are to be forwarded in as the packets exit the tunnel (inner IP packet routing). The Cisco 10000 series router does not support the fragmentation of multicast packets passing through a multicast tunnel. Information About GRE Tunnel IP Source and Destination VRF Membership This feature allows you to configure the source and destination of a tunnel to belong to any Virtual Private Network (VPN) routing and forwarding (VRF) table. A VRF table stores routing data for each VPN. The VRF table defines the VPN membership of a customer site attached to the network access server (NAS). Each VRF table comprises an IP routing table, a derived Cisco Express Forwarding (CEF) table, and guidelines and routing protocol parameters that control the information that is included in the routing table. Previously, GRE IP tunnels required the IP tunnel destination to be in the global routing table. The implementation of this feature allows you to configure a tunnel source and destination to belong to any VRF. As with existing GRE tunnels, the tunnel becomes disabled if no route to the tunnel destination is defined. How to Configure GRE Tunnel IP Source and Destination VRF Membership SUMMARY STEPS 1. enable 2. configure {terminal memory network} 3. interface tunnel number 4. ip vrf forwarding vrf-name 5. ip address ip-address subnet-mask 6. tunnel source (ip-address type number) 7. tunnel destination ip-address {hostname ip-address} 2

How to Configure GRE Tunnel IP Source and Destination VRF Membership DETAILED STEPS 8. tunnel vrf vrf-name Step 1 Step 2 Command or Action enable Router> enable configure terminal Purpose Enables higher privilege levels, such as privileged EXEC mode. Enter your password if prompted. Enters global configuration mode. Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Router# configure terminal interface tunnel number Router(config)# interface tunnel 0 ip vrf forwarding vrf-name Router(config-if)# ip vrf forwarding green ip address ip-address subnet-mask Router(config-if)# ip address 10.7.7.7 255.255.255.255 tunnel source {ip-address type number} Router(config-if)# tunnel source loop 0 Router(config-if)# tunnel destination {hostname ip-address} Router(config-if)# tunnel destination 10.5.5.5 Router(config-if)# tunnel vrf vrf-name Router(config-if)# tunnel vrf finance1 Enters interface configuration mode for the specified interface. number is the number associated with the tunnel interface. Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface. vrf-name is the name assigned to a VRF. Specifies the interface IP address and subnet mask. ip-address specifies the IP address of the interface. subnet-mask specifies the subnet mask of the interface. Specifies the source of the tunnel interface. ip-address specifies the IP address to use as the source address for packets in the tunnel. type specifies the interface type (for example, serial). number specifies the port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system, and can be displayed using the show interfaces command. Defines the tunnel destination. hostname specifies the name of the host destination. ip-address specifies the IP address of the host destination. Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination. vrf-name is the name assigned to a VRF. 3

Configuration Example for GRE Tunnel IP Source and Destination VRF Membership Configuration Example for GRE Tunnel IP Source and Destination VRF Membership In this example, packets received on interface e0 using VRF green are forwarded out of the tunnel through interface e1 using VRF blue. Remote LAN A e0 e1 10.3.3.3 10.7.7.7 VRF Green VRF Blue Remote LAN B ip vrf blue rd 1:1 ip vrf green rd 1:2 interface loop0 ip vrf forwarding blue ip address 10.7.7.7 255.255.255.255 interface tunnel0 ip vrf forwarding green ip address 10.3.3.3 255.255.255.0 tunnel source loop 0 tunnel destination 10.5.5.5 tunnel vrf blue interface ethernet0 ip vrf forwarding green ip address 10.1.1.1 255.255.255.0 interface ethernet1 ip vrf forwarding blue ip address 10.2.2.2 255.255.255.0 ip route vrf blue 10.5.5.5 255.255.255.0 ethernet 1 Additional References Related Documents Related Topic Document Title VRF tables "Configuring Multiprotocol Label Switching" chapter of the Cisco IOS Switching Services Configuration Guide, Release 12.2 Tunnels Cisco IOS Interface Configuration Guide, Release 12.2 4

Command Reference Standards Standard No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature Title MIBs MIB No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. MIBs Link To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs RFCs RFC No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. Title Technical Assistance Description The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content. Link http://www.cisco.com/techsupport Command Reference This section documents the new command. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications. tunnel vrf 5

tunnel vrf tunnel vrf To associate a VPN routing and forwarding (VRF) instance with a specific tunnel destination, interface or subinterface, use the tunnel vrf command in global configuration mode or interface configuration mode. To disassociate a VRF from the tunnel destination, use the no form of this command. tunnel vrf vrf-name no tunnel vrf vrf-name Syntax Description vrf-name Name assigned to a VRF. Defaults The default destination is determined by the global routing table. Command Modes Global configuration Interface configuration Command History Release 12.0(23)S 12.3(2)T 12.2(33)SRA 12.2(31)SB5 Modification This command was introduced. This command was integrated into Cisco IOS Release 12.3(2)T. This command was integrated into Cisco IOS Release 12.2(33)SRA. This command was integrated into Cisco IOS Release 12.2(31)SB5. Usage Guidelines The tunnel source and destination must be in the same VRF. Either the IP VRF or the tunnel VRF can be set to the global routing table (using the no ip vrf forwarding vrf command or the no tunnel vrf vrf command). The tunnel is disabled if no route to the tunnel destination is defined. If the tunnel VRF is set, there must be a route to that destination in the VRF. Cisco 10000 Series Router The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing). Examples The following example shows how to associate a VRF with a tunnel destination. The router looks up the tunnel endpoint, 10.5.5.5, in the blue VRF. interface tunnel0 ip vrf forwarding green ip address 10.3.3.3 255.255.255.0 tunnel source loop 0 tunnel destination 10.5.5.5 tunnel vrf blue 6

Feature Information for GRE Tunnel IP Source and Destination VRF Membership Related Commands Command ip route vrf ip vrf ip vrf forwarding tunnel destination tunnel source Description Establishes static routes for a VRF. Configures a VRF routing table. Associates a VPN VRF instance with an interface or subinterface. Specifies the destination for a tunnel interface. Sets the source address for a tunnel interface. Feature Information for GRE Tunnel IP Source and Destination VRF Membership Table 1 lists the release history for this feature. Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation. Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear. Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature. Table 1 Feature Information for GRE Tunnel IP Source and Destination VRF Membership Feature Name Releases Feature Information GRE Tunnel IP Source and Destination VRF Membership 12.0(23)S 12.2(31)SB5 Allows you to configure the source and destination of a tunnel to belong to any VPN VRF table. In 12.0(23)S, this feature was introduced. In 12.2(31)SB5, support was added for the Cisco 10000 series router for the PRE2 and PRE3. The following command was introduced by this feature: tunnel vrf. 7

Obtaining Documentation, Obtaining Support, and Security Guidelines Obtaining Documentation, Obtaining Support, and Security Guidelines For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/us/docs/general/whatsnew/whatsnew.html CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iphone, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scorecard, iquick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R) Copyright 2007 Cisco Systems, Inc. All rights reserved. 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback