[an error occurred while processing this directive]

Networking Software (IOS & NX-OS)

MPLS Traffic Engineering over GRE Tunnel Support

Hierarchical Navigation

Downloads

 Feedback

Table Of Contents

Configuring MPLS Traffic Engineering over Generic Routing Encapsulation Tunnel Support

Finding Feature Information

Contents

Prerequisites for Configuring MPLS TE over GRE Tunnel Support

Restrictions for Configuring MPLS TE over GRE Tunnel Support

Information About Configuring MPLS TE over GRE Tunnel Support

MPLS TE over GRE Tunnel Support Overview

Benefits of MPLS TE over GRE Tunnel Support

How to Configure MPLS TE over GRE Tunnel Support

Configuring Resource Reservation Protocol Bandwidth

Configuring an MPLS TE Tunnel

Configuring an MPLS TE Tunnel over GRE

Configuration Examples for MPLS TE over GRE Tunnel Support

Example: Configuring MPLS TE over GRE Tunnel Support

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for MPLS TE over GRE Tunnel Support


Configuring MPLS Traffic Engineering over Generic Routing Encapsulation Tunnel Support

First Published: July 22, 2011
Last Updated: July 22, 2011

The MPLS Traffic Engineering over Generic Routing Encapsulation Tunnel Support feature enables applications to establish Traffic Engineering (TE) tunnels over virtual interfaces.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for MPLS TE over GRE Tunnel Support" section.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Prerequisites for Configuring MPLS TE over GRE Tunnel Support

Restrictions for Configuring MPLS TE over GRE Tunnel Support

Information About Configuring MPLS TE over GRE Tunnel Support

How to Configure MPLS TE over GRE Tunnel Support

Configuration Examples for MPLS TE over GRE Tunnel Support

Additional References

Feature Information for MPLS TE over GRE Tunnel Support

Prerequisites for Configuring MPLS TE over GRE Tunnel Support

Your network must support the following:

Cisco Express Forwarding

External data encryptors

Intermediate System-to-Intermediate System (IS-IS) or Open Shortest Path First (OSPF)

IPsec that is enabled on the Generic Routing Encapsulation (GRE) nodes to implement GRE traffic encryption

Multiprotocol Labeling Switching (MPLS) TE that is configured on the interface and on GRE tunnels

MPLS TE tunnels

Routing loops will result if GRE tunnels and TE tunnels coexist within the same routing domain. Create separate routing domains by either configuring GRE overlay with static routing for GRE packets or using two separate routing processes: one for the GRE overlay and another for TE tunnels.

Restrictions for Configuring MPLS TE over GRE Tunnel Support

The following TE features are not supported over GRE tunnels, so they should not be configured for TE tunnels that may traverse GRE tunnels:

Autoroute destinations

Automatic bandwidth adjustment

Autotunnel primary one-hop tunnels

Bidirectional Forwarding Detection (BFD)-triggered Fast Reroute (FRR)

Class-Based Tunnel Selection (CBTS)

Diff-Serve Aware TE (DS-TE)

Explicit path options that identify excluded nodes

Interarea/autonomous systems MPLS TE

Point-to-multipoint TE

Shared Risk Link Groups (SRLGs)

Tunnel-Based Admission Control (TBAC)

GRE tunnels do not support Cisco nonstop forwarding (NSF) with stateful switchover (SSO). If a switchover occurs, traffic loss occurs for TE over GRE, and the TE tunnels are resignaled.

The MPLS TE over GRE Tunnel Support feature is supported on the shared port adapters (SPAs) Interface Processor (SIP)-400 with Gig V2 SPA and on Cisco 7600 Series Ethernet Services + line card on the Cisco 7600 series routers. This feature is not supported on other cards.

Information About Configuring MPLS TE over GRE Tunnel Support

MPLS TE over GRE Tunnel Support Overview

Benefits of MPLS TE over GRE Tunnel Support

MPLS TE over GRE Tunnel Support Overview

The MPLS TE tunnels provide transport for label switching data through an MPLS network using a path, which is constraint-based, and is not restricted to the Interior Gateway Protocol (IGP) shortest cost path. TE tunnels are usually established over physical links between adjacent routers. However, some applications require establishing TE tunnels over virtual interfaces such as GRE tunnels. Federal Information Processing Standard (FIPS) 140-2 compliance mandates that federal customers require traffic encryption throughout their network infrastructure, which is referred to as Type-I encryption level of security. Type-I encryption environments differentiate between encrypted and unencrypted networks. The encrypted network is the secure part of the network that is in a secure facility, where encryption is not required. The unencrypted network is the unsecured part of the network where traffic encryption is required.

Two common methods of traffic encryption are as follows:

External crypto devices

Cisco IOS IPsec, which is the encryption embedded into Cisco IOS software

External crypto devices operate in Layer 2 (L2), providing link layer encryption of ATM and SONET traffic. Due to the migration of L2 networks to the IP network, there is an increasing adoption of IP crypto devices and IPsec. This transition requires that the traffic encryption happens at the IP layer. The IP-based forwarding of service traffic, such as IP or Layer 3 (L3)/L2 VPN MPLS traffic, is implemented only through GRE tunnels.

Benefits of MPLS TE over GRE Tunnel Support

Enables you to leverage MPLS segmentation capabilities, such as Layer 2 and Layer 3 VPN, on GRE tunnel transport.

Enables you to deploy MPLS TE to implement explicit path forwarding, FRR, and bandwidth management of traffic over GRE tunnels.

Helps maintain the TE capabilities currently supported by ATM legacy networks.

How to Configure MPLS TE over GRE Tunnel Support

Configuring Resource Reservation Protocol Bandwidth (required)

Configuring an MPLS TE Tunnel (required)

Configuring an MPLS TE Tunnel over GRE (required)

Configuring Resource Reservation Protocol Bandwidth

SUMMARY STEPS

1. enable

2. configure terminal

3. interface tunnel number

4. bandwidth kbps

5. ip address ip-address mask

6. mpls traffic-eng tunnels

7. tunnel source type number

8. tunnel destination {host-name | ip-address | ipv6-address}

9. ip rsvp bandwidth

10. end

DETAILED STEPS
 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface tunnel number

Example:

Router(config)# interface tunnel 0

Configures a tunnel interface and enters interface configuration mode for the specified tunnel interface.

Step 4 

bandwidth kbps

Example:

Router(config-if)# bandwidth 100000

Sets the total bandwidth for a bandwidth pool.

Step 5 

ip address ip-address mask

Example:

Router(config-if)# ip address 172.16.0.0 255.255.255.254

Configures a primary IP address for an interface.

Step 6 

mpls traffic-eng tunnels

Example:

Router(config-if)# mpls traffic-eng tunnels

Enables traffic engineering tunnel signaling on the interface.

Step 7 

tunnel source type number

Example:

Router(config-if)# tunnel source loopback 1

Configures the source address for the tunnel interface.

Step 8 

tunnel destination {host-name | ip-address | ipv6-address}

Example:

Router(config-if)# tunnel destination 192.168.1.1

Specifies the destination for a tunnel.

The ip-address argument is the IP address of the host destination expressed in dotted decimal notation.

Step 9 

ip rsvp bandwidth

Example:

Router(config-if)# ip rsvp bandwidth

Enables RSVP for IP on an interface.

Step 10 

end

Example:

Router(config-if)# end

(Optional) Exits interface configuration mode and returns to privileged EXEC mode.

Configuring an MPLS TE Tunnel

SUMMARY STEPS

1. enable

2. configure terminal

3. interface tunnel number

4. ip unnumbered type number

5. tunnel destination {host-name | ip-address | ipv6-address}

6. mpls traffic-eng tunnels

7. tunnel mpls traffic-eng priority setup-priority [hold-priority]

8. tunnel mpls traffic-eng bandwidth kbps

9. tunnel mpls traffic-eng path-option number dynamic

10. tunnel mpls traffic-eng fast-reroute

11. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface tunnel number

Example:

Router(config)# interface tunnel 10

Configures a tunnel interface and enters interface configuration mode for the specified tunnel interface.

Step 4 

ip unnumbered type number

Example:

Router(config-if)# ip unnumbered loopback 0

Assigns an IP address to the tunnel interface.

An MPLS TE tunnel interface should be unnumbered because it represents a unidirectional link.

Step 5 

tunnel destination {host-name | ip-address | ipv6-address}

Example:

Router(config-if)# tunnel destination 192.168.2.2

Specifies the destination for a tunnel.

The ip-address argument is the IP address of the host destination expressed in dotted decimal notation.

Step 6 

mpls traffic-eng tunnels

Example:

Router(config-if)# mpls traffic-eng tunnels

Enables traffic engineering tunnel signaling on the interface.

Step 7 

tunnel mpls traffic-eng priority setup-priority [hold-priority]

Example:

Router(config-if)# tunnel mpls traffic-eng priority 7 7

Configures the setup and reservation priority for the tunnel.

Step 8 

tunnel mpls traffic-eng bandwidth kbps

Example:

Router(config-if)# tunnel mpls traffic-eng bandwidth 10

Configures the bandwidth required for the tunnel.

Step 9 

tunnel mpls traffic-eng path-option number dynamic

Example:

Router(config-if)# tunnel mpls traffic-eng path-option 10 dynamic

Configures the path option for the tunnel.

Step 10 

tunnel mpls traffic-eng fast-reroute

Example:

Router(config-if)# tunnel mpls traffic-eng fast-reroute

Enables an MPLS TE tunnel to use an established backup tunnel in the event of a link or node failure.

Step 11 

end

Example:

Router(config-if)# end

(Optional) Exits interface configuration mode and returns to privileged EXEC mode.

Configuring an MPLS TE Tunnel over GRE

SUMMARY STEPS

1. enable

2. configure terminal

3. interface tunnel number

4. ip unnumbered loopback number

5. tunnel destination ip-address

6. tunnel mpls traffic-eng autoroute announce

7. tunnel mode mpls traffic-eng

8. tunnel mpls traffic-eng path-option number dynamic

9. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

interface tunnel number

Example:

Router(config)# interface tunnel 100

Configures a tunnel interface and enters interface configuration mode for the specified tunnel interface.

Step 4 

ip unnumbered loopback number

Example:

Router(config-if)# ip unnumbered loopback 0

Assigns an IP address to the tunnel interface.

An MPLS TE tunnel interface should be unnumbered because it represents a unidirectional link.

Step 5 

tunnel destination ip-address

Example:

Router(config-if)# tunnel destination 10.255.1.2

Specifies the destination for a tunnel.

The ip-address argument is the IP address of the host destination expressed in dotted decimal notation.

Step 6 

tunnel mpls traffic-eng autoroute announce

Example:

Router(config-if)# tunnel mpls traffic-eng autoroute announce

Specifies that the IGP should use the tunnel in its enhanced shortest path first (SPF) calculation.

Step 7 

tunnel mode mpls traffic-eng

Example:

Router(config-if)# tunnel mode mpls traffic-eng

Sets the encapsulation mode of the tunnel to MPLS TE.

Step 8 

tunnel mpls traffic-eng path-option number dynamic

Example:

Router(config-if)# tunnel mpls traffic-eng path-option 10 dynamic

Configures a path option for the MPLS TE tunnel.

If you specify the dynamic keyword, the Cisco IOS software checks both the physical bandwidth of the interface and the available TE bandwidth to make sure that the requested amount of bandwidth does not exceed the physical bandwidth of any link.

Step 9 

end

Example:

Router(config-if)# end

(Optional) Exits interface configuration mode and returns to privileged EXEC mode.

Configuration Examples for MPLS TE over GRE Tunnel Support

Example: Configuring MPLS TE over GRE Tunnel Support

Example: Configuring MPLS TE over GRE Tunnel Support

The following example shows how to configure MPLS TE over a GRE tunnel between two routers: Router 1 and Router 2. The first loopback interface is used for router identification, and the other for reachability. One OSPF is used for TE and the other for reachability.

Router 1 

configure terminal

no logging console

mpls traffic-eng tunnels

interface Loopback 0

 ip address 172.16.1.1 255.255.255.255

 no shutdown

!

interface Loopback 1

 ip address 10.255.1.1 255.255.255.0

 no shutdown

!

interface gigabitethernet 1/1

 ip address 172.16.1.1 255.255.255.255

 ip rsvp bandwidth 100000

 no shutdown

!

router ospf 172

 router-id 172.16.1.1

 network 172.16.0.0 0.0.255.255 area 0

 mpls traffic-eng router-id Loopback 0

 mpls traffic-eng area 0

 no shutdown

!

router ospf 10

 router-id 10.255.1.1

 network 10.255.0.0 0.0.255.255 area 0

 no shutdown

!

interface Tunnel l0

bandwidth 20000

 ip address 172.16.0.1 255.255.255.252

 mpls traffic-eng tunnels

 keepalive 10 3

 tunnel source Loopback 1

 tunnel destination 10.255.1.2

 ip rsvp bandwidth 15000 sub-pool 5000

!

!

interface tunnel 100 

ip unnumbered loopback 0

tunnel destination 192.168.10.10

tunnel mpls traffic-eng autoroute announce

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng path-option 10 dynamic

!

end


Router 2

configure terminal

no logging console

mpls traffic-eng tunnels

interface Loopback 0

 ip address 172.16.1.2 255.255.255.255

 no shutdown

!

interface Loopback 1

 ip address 10.255.1.2 255.255.255.255

 no shutdown

!

interface gigabitethernet 1/1

 ip address 10.255.0.2 255.255.255.252

 ip rsvp bandwidth 100000

 no shutdown

!

router ospf 172

 router-id 172.16.1.2

 network 172.16.0.0 0.0.255.255 area 0

 mpls traffic-eng router-id Loopback 0

 mpls traffic-eng area 0

 no shutdown

!

router ospf 10

 router-id 10.255.1.2

 network 10.255.0.0 0.0.255.255 area 0

 no shutdown

!

!

interface Tunnel 0 

bandwidth 20000

 ip address 172.16.0.2 255.255.255.252

 mpls traffic-eng tunnels

 keepalive 10 3

 tunnel source Loopback 1

 tunnel destination 10.255.1.1

 ip rsvp bandwidth 15000 sub-pool 5000

!

!

interface tunnel 100 

ip unnumbered loopback 0

tunnel destination 172.16.1.1

tunnel mpls traffic-eng autoroute announce

tunnel mode mpls traffic-eng

tunnel mpls traffic-eng path-option 10 dynamic

!

end

Additional References

Related Documents

Related Topic
Document Title

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

MPLS commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples

Cisco IOS Multiprotocol Label Switching Command Reference


Standards

Standard
Title

FIPS 140-2

Security Requirements for Cryptographic Modules.


MIBs

MIB
MIBs Link

MPLS-TE-STD-MIB

To locate and download MIBs for selected platforms, Cisco  IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


RFCs

RFC
Title

RFC 3812

MPLS TE Management Information Base (MIB)


Technical Assistance

Description
Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html


Feature Information for MPLS TE over GRE Tunnel Support

Table 1 lists the release history for MPLS TE over GRE Tunnel Support.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 1 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Table 1 Feature Information for MPLS TE over GRE Tunnel Support

Feature Name
Releases
Feature Information

MPLS TE over GRE Tunnel Support

15.2(1)T

The MPLS TE over GRE Tunnel Support feature enables applications to establish traffic engineering tunnels over virtual interfaces.

The following sections provide information about this feature:

MPLS TE over GRE Tunnel Support Overview

Benefits of MPLS TE over GRE Tunnel Support

How to Configure MPLS TE over GRE Tunnel Support

The following commands were introduced or modified: mpls traffic-eng tunnels, tunnel mpls traffic-eng autoroute announce. tunnel mpls traffic-eng bandwidth, tunnel mpls traffic-eng fast-reroute, tunnel mpls traffic-eng path-option, tunnel mpls traffic-eng priority.


Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2011 Cisco Systems, Inc. All rights reserved.

[an error occurred while processing this directive]