Interfaces Configuration Guide, Cisco DCNM for LAN, Release 6.x
Configuring IP Tunnels
Downloads: This chapterpdf (PDF - 192.0KB) The complete bookPDF (PDF - 7.16MB) | Feedback

Configuring IP Tunnels

Table Of Contents

Configuring IP Tunnels

Information About IP Tunnels

IP Tunnel Overview

GRE Tunnels

Path MTU Discovery

Virtualization Support

High Availability

Licensing Requirements for IP Tunnels

Prerequisites for IP Tunnels

Field Descriptions for Tunnel Interfaces

Tunnel: Details Tab: Tunnel Details Section

Tunnels: Details Tab: Source Section

Tunnel: Statistics Tab

Default Settings

Platform Support

Configuring IP Tunnels

Enabling Tunneling

Creating a Tunnel Interface

Deleting a Tunnel Interface

Monitoring Tunnel Interfaces

Additional References

Related Documents

Standards

Feature History for Configuring IP Tunnels


Configuring IP Tunnels



Note The Cisco NX-OS release that is running on a managed device may not support all the features or settings described in this chapter. For the latest feature information and caveats, see the documentation and release notes for your platform and software release.


This chapter describes how to configure IP tunnels using Generic Route Encapsulation (GRE) using the Cisco Data Center Network Manager (DCNM).

This chapter includes the following sections:

Information About IP Tunnels

Licensing Requirements for IP Tunnels

Prerequisites for IP Tunnels

Default Settings

Platform Support

Configuring IP Tunnels

Monitoring Tunnel Interfaces

Field Descriptions for Tunnel Interfaces

Additional References

Feature History for Configuring IP Tunnels

Information About IP Tunnels

IP tunnels can encapsulate a same-layer or higher layer protocol and transport the result over IP through a tunnel created between two devices.

This section includes the following topics:

IP Tunnel Overview

GRE Tunnels

Path MTU Discovery

Virtualization Support

High Availability

IP Tunnel Overview

IP tunnels consists of the following three main components:

Passenger protocol—The protocol that needs to be encapsulated. IPv4 is an example of a passenger protocol.

Carrier protocol—The protocol that is used to encapsulate the passenger protocol. Cisco NX-OS supports GRE as a carrier protocol.

Transport protocol—The protocol that is used to carry the encapsulated protocol. IPv4 is an example of a transport protocol.

An IP tunnel takes a passenger protocol, such as IPv4, and encapsulates that protocol within a carrier protocol, such as GRE. The device then transmits this carrier protocol over a transport protocol, such as IPv4.

You configure a tunnel interface with matching characteristics on each end of the tunnel.

For more information, see the "Configuring IP Tunnels" section.

You must enable the tunnel feature before you can see configure it. Beginning in Cisco NX-OS Release 4.2, the system automatically takes a checkpoint prior to disabling the feature, and you can roll back to this checkpoint. See the Cisco Nexus 7000 Series NX-OS System Management Configuration Guide, Release 5.x, for information on roll backs and checkpoints.

GRE Tunnels


Note Beginning with Cisco NX-OS Release 5.1(1), the software supports multicasting over GRE tunnels.


You can use generic routing encapsulation (GRE) as the carrier protocol for a variety of passenger protocols.

Figure 7-1 shows the IP tunnel components for a GRE tunnel. The original passenger protocol packet becomes the GRE payload and the device adds a GRE header to the packet. The device then adds the transport protocol header to the packet and transmits it.

Figure 7-1 GRE PDU

Path MTU Discovery

Path maximum transmission unit (MTU) discovery (PMTUD) prevents fragmentation in the path between two endpoints by dynamically determining the lowest MTU along the path from the packet's source to its destination. PMTUD reduces the send MTU value for the connection if the interface receives information that the packet would require fragmentation.

When you enable PMTUD, the interface sets the Don't Fragment (DF) bit on all packets that traverse the tunnel. If a packet that enters the tunnel encounters a link with a smaller MTU than the MTU value for the packet, the remote link drops the packet and sends an ICMP message back to the sender of the packet. This message indicates that fragmentation was required (but not permitted) and provides the MTU of the link that dropped the packet.


Note PMTUD on a tunnel interface requires that the tunnel endpoint can receive ICMP messages generated by devices in the path of the tunnel. Check that ICMP messages can be received before using PMTUD over firewall connections.


Virtualization Support

You can configure IP tunnels only in the default virtual device context (VDC) and the default Virtual Routing and Forwarding (VRF) instance.

Beginning with Cisco DCNM Release 4.2, you can configure a tunnel interface as a member of any VDC. By default, Cisco DCNM places you in the default VDC and default VRF unless you specifically configure another VDC. A tunnel configured in one VDC is isolated from a tunnel with the same number configured in another VDC. For example, Tunnel 0 in VDC 1 is independent of tunnel 0 in VDC 2.

See the Virtual Device Context Configuration Guide, Cisco DCNM for LAN, Release 5.x, for information about VDCs and see the Unicast Configuration Guide, Cisco DCNM for LAN, Release 5.x, for information about VRFs.

High Availability

IP tunnels support stateful restarts. A stateful restart occurs on a supervisor switchover. After the switchover, Cisco NX-OS applies the runtime configuration after the switchover.

Licensing Requirements for IP Tunnels

The following table shows the licensing requirements for this feature:

Product
License Requirement

Cisco DCNM

IP tunnels require a LAN Enterprise license. For a complete explanation of the DCNM licensing scheme and how to obtain and apply licenses, see the Cisco DCNM Installation and Licensing Guide, Release 5.x.

Cisco NX-OS

IP tunnels require an Enterprise Services license. For a complete explanation of the Cisco NX-OS licensing scheme and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide.


Prerequisites for IP Tunnels

IP tunnels have the following prerequisites:

You must be familiar with TCP/IP fundamentals to configure IP tunnels.

You are logged on to the switch.

You have installed the Enterprise Services license for Cisco NX-OS.

You have installed the LAN Enterprise license for Cisco DCNM.

You must enable the tunneling feature in a device before you can configure and enable any IP tunnels.

For Cisco NX-OS Release 5.0(1) and later, the maximum number of supported tunnel interfaces was changed to 4095.

Field Descriptions for Tunnel Interfaces

This section includes the following field descriptions for tunnel interfaces:

Tunnel: Details Tab: Tunnel Details Section

Tunnels: Details Tab: Source Section

Tunnel: Statistics Tab

Tunnel: Details Tab: Tunnel Details Section

Table 7-1 Tunnel: Details: Tunnel

Field
Description

Device

Display only. Name of device where tunnel interface exists.

Tunnel ID

Display only. Tunnel interface number.

Description

String that describes the tunnel interface.

Admin Status

Administrative status of the tunnel interface. The default is down.

Oper Status

Operational status of the tunnel interface.

MTU

MTU value for this tunnel.

IP Address

IPv4 address in dotted decimal notation.

Net mask

Network mask for the IPv4 address, in dotted decimal notation.

IPv6 Address

IPv6 prefix in x:x:x::x/length format.


Tunnels: Details Tab: Source Section

Table 7-2 Tunnels: Details: Source  

Field
Description
Local Endpoint

Interface

Interface for the tunnel source address.

IP Address

IPv4 address, in dotted decimal notation for the tunnel source address.

Remote Endpoint

Host Name

Device name for tunnel destination.

IP Address

IPv4 address, in dotted decimal notation for the tunnel destination address.


Tunnel: Statistics Tab

Table 7-3 Tunnel: Statistics Tab 

Field
Description

Status

Status of statistics collection. Roll over Status to get a popup tip.

Select Parameters

List of statistics that can be gathered on tunnel interfaces.

Show Overview Chart

Overview popup of statistics.


Default Settings

Table 7-4 lists the default settings for IP tunnel parameters.

Table 7-4 Default IP Tunnel Parameters 

Parameters
Default

Path MTU discovery age timer

10 minutes

Path MTU discovery minimum MTU

64

Tunnel feature

Disabled


Platform Support

The following platform supports this feature. For platform-specific information, including guidelines and limitations, system defaults, and configuration limits, see the corresponding documentation.

Platform
Documentation

Cisco Nexus 7000 Series Switches

Cisco Nexus 7000 Series Switches Documentation


Configuring IP Tunnels

You can access IP tunnels from the Interfaces feature selection. Figure 7-2 shows how to configure IP tunnels.

Figure 7-2 Configuring Tunnel Interfaces

For more information about Cisco DCNM features, see the Fundamentals Configuration Guide, Cisco DCNM for LAN, Release 5.x .

This section includes the following topics:

Enabling Tunneling

Creating a Tunnel Interface

Deleting a Tunnel Interface

Enabling Tunneling

You must enable the tunneling feature before you can configure any IP tunnels.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Tunnel.

The available devices appear in the Summary pane.

Step 2 From the Summary pane, double-click the device that you want to enable IP tunneling on.

Step 3 From the Details pane, click the Enable Tunnel Service link if present.

Step 4 From the menu bar, choose File > Deploy to apply your changes to the device.


Creating a Tunnel Interface

You can create a tunnel interface and then configure this logical interface for your IP tunnel.

BEFORE YOU BEGIN

Ensure that you have enabled the tunneling feature.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Tunnel.

The available devices appear in the Summary pane.

Step 2 From the Summary pane, double-click the device to display a list of existing tunnels.

Step 3 From the menu bar, choose Actions > New Tunnel.

The system highlights the new tunnel in the Summary pane, and tabs update in the Details pane.

Step 4 From the highlighted tunnel field, enter the tunnel number.

The number range is from 0 to 32767.

Step 5 From the Details pane, click the Tunnel Details tab.

The Tunnel Details tab appears.

Step 6 From the Tunnel Details tab, expand the General section.

The general tunnel information appears in the Details pane.

Step 7 (Optional) From the General section, set the IP Address field to the IPv4 address for this tunnel interface.

Step 8 (Optional) In the Network Mask field, set the network mask for this IPv4 address in dotted decimal notation.

Step 9 (Optional) In the IPv6 Address field, set the Primary/Prefix length field to the IPv6 address and prefix length for this tunnel interface.

The length range is from 1 to 128.

Step 10 (Optional) From the Description field, enter a string to describe this tunnel.

The string should be from 1 to 97 alphanumeric characters.

Step 11 From the Details tab, expand the Source section.

The tunnel source and destination appears in the Details pane.

Step 12 From the local endpoint area, select either an interface or an IP address to act as the tunnel source.

Step 13 From the Remote endpoint area, select either an host or an IP address to act as the tunnel destination.

Step 14 From the menu bar, choose File > Deploy to apply your changes to the device.


Deleting a Tunnel Interface

You can delete tunnel interfaces.

DETAILED STEPS


Step 1 From the Feature Selector pane, choose Interfaces > Logical > Tunnel.

The available devices appear in the Summary pane.

Step 2 From the Summary pane, double-click the device to display a list of existing tunnels.

Step 3 Click on the tunnel that you want to delete.

Step 4 From the menu bar, choose Actions > Delete Tunnel.

Step 5 Click Yes in the confirmation popup window to apply your changes to the device.


Monitoring Tunnel Interfaces

You can configure DCNM to collect tunnel interface statistics. Choose Interfaces > Logical > Tunnel from the Feature Selector and navigate to the interface that you want to collect statistics on.

You see the Port Traffic Statistics window. You can collect statistics on input and output (packet and byte) counters, broadcast, multicast, and unicast traffic.

See the Fundamentals Configuration Guide, Cisco DCNM for LAN, Release 5.x , for more information on collecting statistics for layer 3 interfaces.

Additional References

For additional information related to implementing IP tunnels, see the following sections:

Related Documents

Standards

Related Documents

Related Topic
Document Title

IP Tunnel commands

Cisco Nexus 7000 Series NX-OS Interfaces Command Reference

IP Fragmentation and Path MTU discovery

Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC


Standards

Standards
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


Feature History for Configuring IP Tunnels

Table 7-5 lists the release history for this feature.

Table 7-5 Feature History for Configuring IP Tunnels 

Feature Name
Releases
Feature Information

IP tunnels

4.0(1)

This features was introduced.

IP tunnels in VDC other than default

4.2(1)

This features was introduced.