GRE Tunnel at NSSA Area

We also know about GRE tunnel at VPN topics. That can connect private LAN over public LAN. We can use GRE tunnel another way.In this scenario we can't use virtual link because area 2 is NSSA area so we try with GRE tunnel.

       Figure 1.1

Just create tunnel at ABR Routers. Put the tunnel network to area 0.

Figure 1.2

We imagine like figure 1.2.

R2

int tun 0 

ip add 172.16.1.1 255.255.255.252

tunnel source 10.1.23.2

tunnel destination 10.1.34.4

ip ospf 1 area 0

R4

int tunnel 0

ip add 172.16.1.2 255.255.255.252

tunnel source 10.1.34.4 

tunnel destination 10.1.23.2 

ip ospf 1 area 0

One of the point to notice tunnel source and destination are must ABR's network and same area. When you configure difference area network tunnel will flapping.This scenario I use the physical interfaces.

After Tunnel is up we will see the Router 4 neighbor like that.

Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  -        00:00:31    172.16.1.1      Tunnel0
3.3.3.3           1   FULL/BDR        00:00:30    10.1.34.3       FastEthernet0/0

And router 2 also.

Before 

R1

     10.0.0.0/30 is subnetted, 3 subnets
O IA    10.1.23.0 [110/2] via 10.1.12.2, 01:21:47, FastEthernet0/0
O IA    10.1.34.0 [110/3] via 10.1.12.2, 01:21:47, FastEthernet0/0

After 

R1

     172.16.0.0/30 is subnetted, 1 subnets

O       172.16.1.0 [110/11112] via 10.1.12.2, 00:00:12, FastEthernet0/0

O IA 192.168.4.0/24 [110/11113] via 10.1.12.2, 00:00:12, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA    10.1.23.0/24 [110/2] via 10.1.12.2, 00:00:12, FastEthernet0/0

O IA    10.1.34.0/24 [110/3] via 10.1.12.2, 00:00:12, FastEthernet0/0

OSPF Database

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum

10.1.23.0       2.2.2.2         446         0x80000006 0x00C04C

10.1.23.0       4.4.4.4         301         0x80000001 0x009870

10.1.34.0       2.2.2.2         306         0x80000003 0x0057AC

10.1.34.0       4.4.4.4         301         0x80000001 0x0015E9

192.168.1.0     1.1.1.1         1227        0x80000004 0x00B218

192.168.4.0     4.4.4.4         301         0x80000001 0x003D81

At router 2 you can verify the route information. 

R2

Neighbor ID     Pri   State           Dead Time   Address         Interface

4.4.4.4           0   FULL/  -        00:00:35    172.16.1.2      Tunnel0

1.1.1.1           1   FULL/BDR        00:00:33    10.1.12.1       FastEthernet0/0

3.3.3.3           1   FULL/BDR        00:00:34    10.1.23.3       FastEthernet1/0

Routing entry for 192.168.4.0/24
  Known via "ospf 1", distance 110, metric 11112, type inter area
  Last update from 172.16.1.2 on Tunnel0, 00:12:18 ago
  Routing Descriptor Blocks:
  * 172.16.1.2, from 4.4.4.4, 00:12:18 ago, via Tunnel0
      Route metric is 11112, traffic share count is 1

Testing

R1#ping 192.168.4.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/47/100 ms

R1#traceroute 192.168.4.1

Type escape sequence to abort.

Tracing the route to 192.168.4.1

  1 10.1.12.2 28 msec 40 msec 16 msec

  2 172.16.1.2 56 msec 84 msec 100 msec