The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
IP tunnels can encapsulate a same-layer or higher-layer protocol and transport the result over IP through a tunnel created between two devices.
IP tunnels consists of the following three main components:
An IP tunnel takes a passenger protocol, such as IPv4, and encapsulates that protocol within a carrier protocol, such as GRE. The device then transmits this carrier protocol over a transport protocol, such as IPv4.
You configure a tunnel interface with matching characteristics on each end of the tunnel.
You must enable the tunnel feature before you can configure it.
You can use GRE as the carrier protocol for a variety of passenger protocols.
The figure shows the IP tunnel components for a GRE tunnel. The original passenger protocol packet becomes the GRE payload and the device adds a GRE header to the packet. The device then adds the transport protocol header to the packet and transmits it.
Product |
License Requirement |
---|---|
Cisco NX-OS |
IP tunnels require an Enterprise Services license. For a complete explanation of the Cisco NX-OS licensing scheme and how to obtain and apply licenses, see the Cisco NX-OS Licensing Guide. |
IP tunnels have the following prerequisites:
IP tunnels have the following configuration guidelines and limitations:
The following table lists the default settings for IP tunnel parameters.
Parameters |
Default |
---|---|
Tunnel feature |
Disabled |
Configuring IP Tunnels
You must enable the tunneling feature before you can configure any IP tunnels.
This example shows how to enable the tunnel feature:
switch# configure terminal switch(config)# feature tunnel switch(config)# exit switch(config)# copy running-config startup-config
You can create a tunnel interface and then configure this logical interface for your IP tunnel.
Both the tunnel source and the tunnel destination must exist within the same virtual routing and forwarding ( VRF) instance.
Ensure that you have enabled the tunneling feature.
This example shows how to create a tunnel interface:
switch# configure terminal switch(config)# interface tunnel 1 switch(config)# tunnel source ethernet 1/2 switch(config)# tunnel destination 192.0.2.1 switch(config)# copy running-config startup-config
You can set a tunnel interface to GRE tunnel mode.
Ensure that you have enabled the tunneling feature.
This example shows how to create the tunnel interface to GRE and set the GRE tunnel keepalives:
switch# configure terminal switch(config)# interface tunnel 1 switch(config)# tunnel mode gre ip switch(config)# copy running-config startup-config
You can add a tunnel interface to a VRF.
Ensure that you have enabled the tunneling feature.
Assign the IP address for a tunnel interface after you have configured the interface for a VRF.
This example shows how to add a tunnel interface to the VRF:
switch# configure terminal switch(config)# interface tunnel 0 switch(config-if)# vrf member RemoteOfficeVRF switch(config-if)# ip address 209.0.2.1/16 switch(config-if)# copy running-config startup-config
To verify IP tunnel configuration information, perform one of the following tasks:
Command | Purpose |
---|---|
show interface tunnel number |
Displays the configuration for the tunnel interface (MTU, protocol, transport, and VRF). Displays input and output packets, bytes, and packet rates. |
show interface tunnel number brief |
Displays the operational status, IP address, encapsulation type, and MTU of the tunnel interface. |
show interface tunnel number description |
Displays the configured description of the tunnel interface. |
show interface tunnel number status |
Displays the operational status of the tunnel interface. |
show interface tunnel number status err-disabled |
Displays the error disabled status of the tunnel interface. |
This example shows a simple GRE tunnel. Ethernet 1/2 is the tunnel source for router A and the tunnel destination for router B. Ethernet interface 1/3 is the tunnel source for router B and the tunnel destination for router A.
router A: feature tunnel interface tunnel 0 ip address 209.165.20.2/8 tunnel source ethernet 1/2 tunnel destination 192.0.2.2 tunnel mode gre ip interface ethernet1/2 ip address 192.0.2.55/8 router B: feature tunnel interface tunnel 0 ip address 209.165.20.1/8 tunnel source ethernet 1/3 tunnel destination 192.0.2.55 tunnel mode gre ip interface ethernet 1/3 ip address 192.0.2.2/8
Related Topics | Document Title |
---|---|
IP Tunnel commands |
Cisco Nexus 3000 Series Interfaces Command Reference |
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
Feature Name |
Release |
Feature Information |
---|---|---|
5.0(3)U4(1) |