Guest

Cisco IOS Software Releases 12.2 SB

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

  • Viewing Options

  • PDF (417.7 KB)
  • Feedback
Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Table Of Contents

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Contents

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Information About GRE Tunnel IP Source and Destination VRF Membership

How to Configure GRE Tunnel IP Source and Destination VRF Membership

Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

tunnel vrf

Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Obtaining Documentation, Obtaining Support, and Security Guidelines


Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership


Last Updated: April, 2007

The Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership feature allows you to configure the source and destination of a tunnel to belong to any virtual private network (VPN) routing and forwarding (VRF) table.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for GRE Tunnel IP Source and Destination VRF Membership" section.

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Information About GRE Tunnel IP Source and Destination VRF Membership

How to Configure GRE Tunnel IP Source and Destination VRF Membership

Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

Additional References

Command Reference

Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Obtaining Documentation, Obtaining Support, and Security Guidelines

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Cisco 10000 Series Routers

Both ends of the tunnel must reside within the same VRF.

The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).

The VRF associated with the tunnel by using the ip vrf forwarding command is the VRF that the packets are to be forwarded in as the packets exit the tunnel (inner IP packet routing).

The Cisco 10000 series router does not support the fragmentation of multicast packets passing through a multicast tunnel.

Information About GRE Tunnel IP Source and Destination VRF Membership

This feature allows you to configure the source and destination of a tunnel to belong to any Virtual Private Network (VPN) routing and forwarding (VRF) table. A VRF table stores routing data for each VPN. The VRF table defines the VPN membership of a customer site attached to the network access server (NAS). Each VRF table comprises an IP routing table, a derived Cisco Express Forwarding (CEF) table, and guidelines and routing protocol parameters that control the information that is included in the routing table.

Previously, GRE IP tunnels required the IP tunnel destination to be in the global routing table. The implementation of this feature allows you to configure a tunnel source and destination to belong to any VRF. As with existing GRE tunnels, the tunnel becomes disabled if no route to the tunnel destination is defined.

How to Configure GRE Tunnel IP Source and Destination VRF Membership

SUMMARY STEPS

1. enable

2. configure {terminal | memory | network}

3. interface tunnel number

4. ip vrf forwarding vrf-name

5. ip address ip-address subnet-mask

6. tunnel source (ip-address | type number)

7. tunnel destination ip-address {hostname | ip-address}

8. tunnel vrf vrf-name

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables higher privilege levels, such as privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface tunnel number

Example:

Router(config)# interface tunnel 0

Enters interface configuration mode for the specified interface.

number is the number associated with the tunnel interface.

Step 4 

ip vrf forwarding vrf-name


Example:

Router(config-if)# ip vrf forwarding green

Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface.

vrf-name is the name assigned to a VRF.

Step 5 

ip address ip-address subnet-mask

Example:

Router(config-if)# ip address 10.7.7.7 255.255.255.255

Specifies the interface IP address and subnet mask.

ip-address specifies the IP address of the interface.

subnet-mask specifies the subnet mask of the interface.

Step 6 

tunnel source {ip-address | type number}

Example:

Router(config-if)# tunnel source loop 0

Specifies the source of the tunnel interface.

ip-address specifies the IP address to use as the source address for packets in the tunnel.

type specifies the interface type (for example, serial).

number specifies the port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system, and can be displayed using the show interfaces command.

Step 7 

Router(config-if)# tunnel destination {hostname | ip-address}

Example:

Router(config-if)# tunnel destination 10.5.5.5

Defines the tunnel destination.

hostname specifies the name of the host destination.

ip-address specifies the IP address of the host destination.

Step 8 

Router(config-if)# tunnel vrf vrf-name

Example:

Router(config-if)# tunnel vrf finance1

Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination.

vrf-name is the name assigned to a VRF.


Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

In this example, packets received on interface e0 using VRF green are forwarded out of the tunnel through interface e1 using VRF blue.

ip vrf blue
 rd 1:1

ip vrf green
 rd 1:2

interface loop0
 ip vrf forwarding blue
 ip address 10.7.7.7 255.255.255.255

interface tunnel0
 ip vrf forwarding green
 ip address 10.3.3.3 255.255.255.0
 tunnel source loop 0
 tunnel destination 10.5.5.5
 tunnel vrf blue

interface ethernet0
 ip vrf forwarding green
 ip address 10.1.1.1 255.255.255.0

interface ethernet1
 ip vrf forwarding blue
 ip address 10.2.2.2 255.255.255.0

 ip route vrf blue 10.5.5.5 255.255.255.0 ethernet 1

Additional References

Related Documents

Related Topic
Document Title

VRF tables

"Configuring Multiprotocol Label Switching" chapter of the Cisco IOS Switching Services Configuration Guide, Release 12.2

Tunnels

Cisco IOS Interface Configuration Guide, Release 12.2


Standards

Standard
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature


MIBs

MIB
MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFC
Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description
Link

The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport


Command Reference

This section documents the new command. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.

tunnel vrf

tunnel vrf

To associate a VPN routing and forwarding (VRF) instance with a specific tunnel destination, interface or subinterface, use the tunnel vrf command in global configuration mode or interface configuration mode. To disassociate a VRF from the tunnel destination, use the no form of this command.

tunnel vrf vrf-name

no tunnel vrf vrf-name

Syntax Description

vrf-name

Name assigned to a VRF.


Defaults

The default destination is determined by the global routing table.

Command Modes

Global configuration
Interface configuration

Command History

Release
Modification

12.0(23)S

This command was introduced.

12.3(2)T

This command was integrated into Cisco IOS Release 12.3(2)T.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB5

This command was integrated into Cisco IOS Release 12.2(31)SB5.


Usage Guidelines

The tunnel source and destination must be in the same VRF.

Either the IP VRF or the tunnel VRF can be set to the global routing table (using the no ip vrf forwarding vrf command or the no tunnel vrf vrf command).

The tunnel is disabled if no route to the tunnel destination is defined. If the tunnel VRF is set, there must be a route to that destination in the VRF.

Cisco 10000 Series Router

The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).

Examples

The following example shows how to associate a VRF with a tunnel destination. The router looks up the tunnel endpoint, 10.5.5.5, in the blue VRF.

interface tunnel0
 ip vrf forwarding green
 ip address 10.3.3.3 255.255.255.0
 tunnel source loop 0
 tunnel destination 10.5.5.5
 tunnel vrf blue

Related Commands

Command
Description

ip route vrf

Establishes static routes for a VRF.

ip vrf

Configures a VRF routing table.

ip vrf forwarding

Associates a VPN VRF instance with an interface or subinterface.

tunnel destination

Specifies the destination for a tunnel interface.

tunnel source

Sets the source address for a tunnel interface.


Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Table 1 lists the release history for this feature.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for GRE Tunnel IP Source and Destination VRF Membership 

Feature Name
Releases
Feature Information

GRE Tunnel IP Source and Destination VRF Membership

12.0(23)S
12.2(31)SB5

Allows you to configure the source and destination of a tunnel to belong to any VPN VRF table.

In 12.0(23)S, this feature was introduced.

In 12.2(31)SB5, support was added for the Cisco 10000 series router for the PRE2 and PRE3.

The following command was introduced by this feature: tunnel vrf.


Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R)

Copyright © 2007 Cisco Systems, Inc. All rights reserved.