Table Of Contents
Licensing Requirements for IP Tunnels
Verifying IP Tunnel Configuration
IP Tunnel Configuration Example
Configuring IP Tunnels
This chapter describes how to configure IP tunnels using Generic Route Encapsulation (GRE) on the device.
This chapter includes the following sections:
•
Licensing Requirements for IP Tunnels
•
•
Information About IP Tunnels
IP tunnels can encapsulate a same-layer or higher layer protocol and transport the result over IP through a tunnel created between two devices.
This section includes the following topics:
Overview of IP Tunnels
IP tunnels consists of the following three main components:
•
•
•
An IP tunnel takes a passenger protocol, such as IPv4, and encapsulates that protocol within a carrier protocol, such as GRE. The device then transmits this carrier protocol over a transport protocol, such as IPv4.
You configure a tunnel interface with matching characteristics on each end of the tunnel. For more information, see the "Configuring IP Tunnels" section.
GRE Tunnels
You can use GRE as the carrier protocol for a variety of passenger protocols.
Figure 6-1 shows the IP tunnel components for a GRE tunnel. The original passenger protocol packet becomes the GRE payload and the device adds a GRE header to the packet. The device then adds the transport protocol header to the packet and transmits it.
Figure 6-1 GRE PDU
Path MTU Discovery
Path maximum transmission unit (MTU) discovery (PMTUD) prevents fragmentation in the path between two endpoints by dynamically determining the lowest MTU along the path from the packet's source to its destination. PMTUD reduces the send MTU value for the connection if the interface receives information that the packet would require fragmentation.
When you enable PMTUD, the interface sets the Don't Fragment (DF) bit on all packets that traverse the tunnel. If a packet that enters the tunnel encounters a link with a smaller MTU than the MTU value for the packet, the remote link drops the packet and sends an ICMP message back to the sender of the packet. This message indicates that fragmentation was required (but not permitted) and provides the MTU of the link that dropped the packet.
Note
Virtualization Support
You can configure IP tunnels only in the default virtual device context (VDC) and the default Virtual Routing and Forwarding (VRF) instance.
By default, Cisco NX-OS places you in the default VDC and default VRF.
See the Cisco Nexus 7000 Series NX-OS Virtual Device Context Configuration Guide, Release 4.0 for information about VDCs and see the Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 4.0 for information about VRFs.
High Availability
IP tunnels support stateful restarts. A stateful restart occurs on a supervisor switchover. After the switchover, Cisco NX-OS applies the runtime configuration after the switchover.
Licensing Requirements for IP Tunnels
The following table shows the licensing requirements for this feature:
Prerequisites for IP Tunnels
IP tunnels have the following prerequisites:
•
•
•
•
Guidelines and Limitations
IP tunnels have the following guidelines and limitations:
•
Configuring IP Tunnels
This section includes the following topics:
Note
Enabling Tunneling
You must enable the tunneling feature before you can configure any IP tunnels.
DETAILED STEPS
feature tunnel
Example:
switch(config)# feature tunnel
Enables the tunneling feature.
Creating a Tunnel Interface
You can create a tunnel interface and then configure this logical interface for your IP tunnel.
BEFORE YOU BEGIN
Ensure that you have enabled the tunneling feature.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
DETAILED STEPS
Use the no interface tunnel command to remove the tunnel interface and all associated configuration.
no interface tunnel number
Example:
switch(config)# no interface tunnel 1
Deletes the tunnel interface and the associated configuration.
You can configure the following optional parameters to tune the tunnel in interface configuration mode:
The following example shows how to create a tunnel interface:
switch# config t
switch(config)# interface tunnel 1
switch(config-if)# tunnel source ethernet 1/2
switch(config-if)# tunnel destination 192.0.2.1
switch(config-if)# copy running-config startup-config
Configuring a GRE Tunnel
You can set a tunnel interface to GRE tunnel mode.
BEFORE YOU BEGIN
Ensure that you have enabled the tunneling feature.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
The following example shows how to configure the tunnel interface to GRE and set the GRE tunnel keepalives:
switch# config t
switch(config)# interface tunnel 1
switch(config-if)# tunnel mode gre ip
switch(config-if)# copy running-config startup-config
Enabling Path MTU Discovery
To enable path MTU discovery on a tunnel, use the following command in interface configuration mode:
Verifying IP Tunnel Configuration
To verify IP tunnel configuration information, use the following commands:
IP Tunnel Configuration Example
The following example shows a simple GRE tunnel. Ethernet 1/2 is the tunnel source for router A and the tunnel destination for router B. Ethernet interface 2/1 is the tunnel source for router B and the tunnel destination for router A.
router A:
feature tunnelinterface tunnel 0ip address 209.165.20.2/8tunnel source ethernet 1/2tunnel destination 192.0.2.2tunnel mode gre iptunnel path-mtu-discovery 25 1500interface ethernet1/2ip address 192.0.2.55/8router B:
feature tunnelinterface tunnel 0ip address 209.165.20.1/8tunnel source ethernet2/1tunnel destination 192.0.2.55tunnel mode gre ipinterface ethernet 2/1ip address 192.0.2.2/8Default Settings
Table 6-1 lists the default settings for IP tunnel parameters.
Table 6-1 Default IP Tunnel Parameters
Path MTU discovery age timer
10 seconds
Path MTU discovery minimum MTU
64
Tunnel feature
disabled
Additional References
For additional information related to implementing IP tunnels, see the following sections:
Related Documents
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
