Guest

Cisco IOS Software Releases 12.2 SB

Generic Routing Encapsulation (GRE) Tunnel Keepalive

  • Viewing Options

  • PDF (170.6 KB)
  • Feedback
Generic Routing Encapsulation (GRE) Tunnel Keepalive

Table Of Contents

Generic Routing Encapsulation (GRE) Tunnel Keepalive

keepalive


Generic Routing Encapsulation (GRE) Tunnel Keepalive


The GRE Tunnel Keepalive feature provides the capability of configuring keepalive packets to be sent over IP-encapsulated GRE tunnels. You can specify the rate at which keepalives will be sent and the number of times that a device will continue to send keepalive packets without a response before the interface becomes inactive. GRE keepalive packets may be sent from both sides of a tunnel or from just one side.

Configuration Information

Configuration information is included in the "Implementing Tunnels" chapter in the Cisco IOS Interface and Hardware Component Configuration Guide, Release 12.4, at the following URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hif_c/inb_tun.htm

Command Reference Information

This section documents modified commands.

keepalive

keepalive

To enable keepalive packets and to specify the number of times that the Cisco IOS software tries to send keepalive packets without a response before bringing down the interface or before bringing the tunnel protocol down for a specific interface, use the keepalive command in interface configuration mode. When the keepalive function is enabled, a keepalive packet is sent at the specified time interval to keep the interface active. To turn off keepalive packets entirely, use the no form of this command.

keepalive [period [retries]]

no keepalive [period [retries]]

Syntax Description

period

(Optional) Integer value, in seconds, that represents the time interval between messages sent by the Cisco IOS software to ensure that a network interface is alive. Value must be greater than 0, and the default is 10.

retries

(Optional) Number of times that the device will continue to send keepalive packets without response before bringing the interface down. Integer value greater than 1 and less than 255. If omitted, the value that was previously set is used; if no value was specified previously, the default of 5 is used.

If this command is used with a tunnel interface, specifies the number of times that the device will continue to send keepalive packets without response before bringing the tunnel interface protocol down.


Command Default

No keepalive packets are sent.

Command Modes

Interface configuration

Command History

Release
Modification

10.0

This command was introduced.

12.2(8)T

The retries argument was added and made available on tunnel interfaces.

12.2(13)T

The default value for the retries argument was increased to 5.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.


Usage Guidelines

Keepalive Time Interval

You can configure the keepalive time interval, which is the frequency at which the Cisco IOS software sends messages to itself (Ethernet and Token Ring) or to the other end (serial and tunnel), to ensure that a network interface is alive. The interval is adjustable in 1-second increments down to 1 second. An interface is declared down after five update intervals have passed without receiving a keepalive packet unless the retry value is set higher. If you are running a Cisco IOS image prior to Cisco IOS Release 12.2(13)T, the default retry value is 3.


Note Ethernet interface drivers on some access platforms use keepalive time as the interval to test for network connectivity. By default, Ethernet link failure detection occurs between 1 and 9 seconds. Keepalive packets are still transmitted on the interface during this time.


Setting the keepalive timer to a low value is very useful for rapidly detecting Ethernet interface failures (transceiver cable disconnecting, cable not terminated, and so on).

Line Failure

A typical serial line failure involves losing Carrier Detect (CD) signal. Because this sort of failure is typically noticed within a few milliseconds, adjusting the keepalive timer for quicker routing recovery is generally not useful.

Keepalive Packets with Tunnel Interfaces

Generic routing encapsulation (GRE) keepalive packets may be sent from both sides of a tunnel or from just one side. If they are sent from both sides, the period and retry parameters can be different at each side of the link. If you configure keepalives on only one side of the tunnel, the tunnel interface on the sending side might perceive the tunnel interface on the receiving side to be down because the sending interface is not receiving keepalives. From the receiving side of the tunnel, the link appears normal because no keepalives were enabled on the second side of the link.

Dropped Packets

Keepalive packets are treated as ordinary packets, so it is possible that they will be dropped. To reduce the chance that dropped keepalive packets will cause the tunnel interface to be taken down, increase the number of retries.


Note When adjusting the keepalive timer for a very low bandwidth serial interface, large datagrams can
delay the smaller keepalive packets long enough to cause the line protocol to go down. You may
need to experiment to determine the best values to use for the timeout and the number of
retry attempts.


GRE Tunnels with IPsec

When GRE is used with IPsec, the keepalives are encrypted like any other traffic. As with user data packets, if the IKE and IPsec security associations are not already active on the GRE tunnel, the first GRE keepalive packet will trigger IKE/IPsec initialization.

Examples

The following example shows how to enable keepalive packets and set the keepalive interval to 3 seconds:

Router(config)# interface ethernet 0
Router(config-if)# keepalive 3

The following example shows how to enable keepalive packets and set the keepalive interval to 3 seconds and the retry value to 7:

Router(config)# interface tunnel 1
Router(config-if)# keepalive 3 7