Lab

Addressing Table

 

Device Interface IP Address Subnet Mask Default Gateway
WEST G0/1 172.16.1.1 255.255.255.0 N/A
S0/0/0 (DCE) 10.1.1.1 255.255.255.252 N/A
Tunnel0 172.16.12.1 255.255.255.252 N/A
ISP S0/0/0 10.1.1.2 255.255.255.252 N/A
S0/0/1 (DCE) 10.2.2.2 255.255.255.252 N/A
EAST G0/1 172.16.2.1 255.255.255.0 N/A
S0/0/1 10.2.2.1 255.255.255.252 N/A
Tunnel0 172.16.12.2 255.255.255.252 N/A
PC-A NIC 172.16.1.3 255.255.255.0 172.16.1.1
PC-C NIC 172.16.2.3 255.255.255.0 172.16.2.1
Configure default routes to the ISP router.

 

WEST(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.2

 

EAST(config)# ip route 0.0.0.0 0.0.0.0 10.2.2.2

  • Configure the PCs.

Assign IP addresses and default gateways to the PCs according to the Addressing Table.

  • Verify connectivity.

At this point, the PCs are unable to ping each other. Each PC should be able to ping its default gateway. The routers are able to ping the serial interfaces of the other routers in the topology. If not, troubleshoot until you can verify connectivity.

  • Save your running configuration.
  • Configure a GRE Tunnel
Part 2, configure a GRE tunnel between the WEST and EAST routers.
Configure the GRE tunnel interface.
  • Configure the tunnel interface on the WEST router. Use S0/0/0 on WEST as the tunnel source interface and 10.2.2.1 as the tunnel destination on the EAST router.

WEST(config)# interface tunnel 0

WEST(config-if)# ip address 172.16.12.1 255.255.255.252

WEST(config-if)# tunnel source s0/0/0

WEST(config-if)# tunnel destination 10.2.2.1

  1. Configure the tunnel interface on the EAST router. Use S0/0/1 on EAST as the tunnel source interface and 10.1.1.1 as the tunnel destination on the WEST router.

EAST(config)# interface tunnel 0

EAST(config-if)# ip address 172.16.12.2 255.255.255.252

EAST(config-if)# tunnel source 10.2.2.1

EAST(config-if)# tunnel destination 10.1.1.1

Note: For the tunnel source command, either the interface name or the IP address can be used as the source.

Verify that the GRE tunnel is functional.

  • Verify the status of the tunnel interface on the WEST and EAST routers.

WEST# show ip interface brief

Interface                  IP-Address      OK? Method Status                Protocol

Embedded-Service-Engine0/0 unassigned      YES unset  administratively down down

GigabitEthernet0/0         unassigned      YES unset  administratively down down

GigabitEthernet0/1         172.16.1.1      YES manual up                    up

Serial0/0/0                10.1.1.1        YES manual up                    up

Serial0/0/1                unassigned      YES unset  administratively down down

Tunnel0                    172.16.12.1     YES manual up                    up

 

EAST# show ip interface brief

Interface                  IP-Address      OK? Method Status                Protocol

Embedded-Service-Engine0/0 unassigned      YES unset  administratively down down

GigabitEthernet0/0         unassigned      YES unset  administratively down down

GigabitEthernet0/1         172.16.2.1      YES manual up                    up

Serial0/0/0                unassigned      YES unset  administratively down down

Serial0/0/1                10.2.2.1        YES manual up                    up

Tunnel0                    172.16.12.2     YES manual up                    up

  • Issue the show interfaces tunnel 0 command to verify the tunneling protocol, tunnel source, and tunnel destination used in this tunnel.

What is the tunneling protocol used? What are the tunnel source and destination IP addresses associated with GRE tunnel on each router?

 

  • Ping across the tunnel from the WEST router to the EAST router using the IP address of the tunnel interface.

WEST# ping 172.16.12.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 32/34/36 ms

  1. Use the traceroute command on the WEST to determine the path to the tunnel interface on the EAST router. What is the path to the EAST router? ____________________________________________________________________________________
  2. Ping and trace the route across the tunnel from the EAST router to the WEST router using the IP address of the tunnel interface.

What is the path to the WEST router from the EAST router? ____________________________________

With which interfaces are these IP addresses associated? Why? _____________________

  • Enable Routing over the GRE Tunnel

In Part 3, you will configure OSPF routing so that the LANs on the WEST and EAST routers can communicate using the GRE tunnel.

After the GRE tunnel is set up, the routing protocol can be implemented. For GRE tunneling, a network statement will include the IP network of the tunnel, instead of the network associated with the serial interface. just like you would with other interfaces, such as Serial and Ethernet.

Remember that the ISP router is not participating in this routing process. Or else, the recursive routing will occur!!!

Configure OSPF routing for area 0 over the tunnel.

Configure OSPF process ID 1 using area 0 on the WEST router for the 172.16.1.0/24 and 172.16.12.0/24 networks.

WEST(config)# router ospf 1

WEST(config-router)# network 172.16.1.0 0.0.0.255 area 0

WEST(config-router)# network 172.16.12.0 0.0.0.3 area 0

Configure OSPF process ID 1 using area 0 on the EAST router for the 172.16.2.0/24 and 172.16.12.0/24 networks.

EAST(config)# router ospf 1

EAST(config-router)# network 172.16.2.0 0.0.0.255 area 0

EAST(config-router)# network 172.16.12.0 0.0.0.3 area 0

Now from PC-C issue the tracert 172.16.1.3 command,

is should show similar message like:

tracert 172.16.1.3

1 172.16.2.1                  9.0005 ms                     9.0002 ms                      9.016 ms

2 172.16.12.1                9.003 ms                       9.0004 ms                      9.039 ms

3 *                   *                   *

4 172.16.1.3         17.009 ms

Possible issue:
Recursive routing:

Core Issue

If the tunnel interface learns that the best path to the tunnel destination is through the tunnel itself, the interface shuts down temporarily.

A recursive routing error occur when router does route look up for Prefix A points at prefix B and a lookup for prefix B points at prefix A.This problem can be easily identify by IOS message “%TUN-5-RECURDOWN: Tunnel0 temporarily disabled”.Another symptom of this problem is continuously flapping of EIGRP,OSPF,or BGP neighbors, when the neighbors are over a GRE tunnel.

Resolution

To avoid recursive routing problems, keep passenger and transport network routing information disjointed with one of these methods:

->Use a different Autonomous System (AS) number or tag.
->Use a different routing protocol.
->Use static routes to override the first hop, but watch for routing loops.

Related info: https://supportforums.cisco.com/document/96211/gre-recursive-loops