Skip to main content

GRE Tunnel at NSSA Area

We also know about GRE tunnel at VPN topics. That can connect private LAN over public LAN. We can use GRE tunnel another way.In this scenario we can't use virtual link because area 2 is NSSA area so we try with GRE tunnel.
       Figure 1.1
Just create tunnel at ABR Routers. Put the tunnel network to area 0.
Figure 1.2
We imagine like figure 1.2.

R2
int tun 0 
ip add 172.16.1.1 255.255.255.252
tunnel source 10.1.23.2
tunnel destination 10.1.34.4
ip ospf 1 area 0

R4
int tunnel 0
ip add 172.16.1.2 255.255.255.252
tunnel source 10.1.34.4 
tunnel destination 10.1.23.2 
ip ospf 1 area 0

One of the point to notice tunnel source and destination are must ABR's network and same area. When you configure difference area network tunnel will flapping.This scenario I use the physical interfaces.

After Tunnel is up we will see the Router 4 neighbor like that.
Neighbor ID     Pri   State           Dead Time   Address         Interface
2.2.2.2           0   FULL/  -        00:00:31    172.16.1.1      Tunnel0
3.3.3.3           1   FULL/BDR        00:00:30    10.1.34.3       FastEthernet0/0

And router 2 also.

Before 

R1
     10.0.0.0/30 is subnetted, 3 subnets
O IA    10.1.23.0 [110/2] via 10.1.12.2, 01:21:47, FastEthernet0/0
O IA    10.1.34.0 [110/3] via 10.1.12.2, 01:21:47, FastEthernet0/0

After 

R1
     172.16.0.0/30 is subnetted, 1 subnets
O       172.16.1.0 [110/11112] via 10.1.12.2, 00:00:12, FastEthernet0/0
O IA 192.168.4.0/24 [110/11113] via 10.1.12.2, 00:00:12, FastEthernet0/0
     10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA    10.1.23.0/24 [110/2] via 10.1.12.2, 00:00:12, FastEthernet0/0
O IA    10.1.34.0/24 [110/3] via 10.1.12.2, 00:00:12, FastEthernet0/0

OSPF Database
                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.23.0       2.2.2.2         446         0x80000006 0x00C04C
10.1.23.0       4.4.4.4         301         0x80000001 0x009870
10.1.34.0       2.2.2.2         306         0x80000003 0x0057AC
10.1.34.0       4.4.4.4         301         0x80000001 0x0015E9
192.168.1.0     1.1.1.1         1227        0x80000004 0x00B218
192.168.4.0     4.4.4.4         301         0x80000001 0x003D81

At router 2 you can verify the route information. 

R2
Neighbor ID     Pri   State           Dead Time   Address         Interface
4.4.4.4           0   FULL/  -        00:00:35    172.16.1.2      Tunnel0
1.1.1.1           1   FULL/BDR        00:00:33    10.1.12.1       FastEthernet0/0
3.3.3.3           1   FULL/BDR        00:00:34    10.1.23.3       FastEthernet1/0

Routing entry for 192.168.4.0/24
  Known via "ospf 1", distance 110, metric 11112, type inter area
  Last update from 172.16.1.2 on Tunnel0, 00:12:18 ago
  Routing Descriptor Blocks:
  * 172.16.1.2, from 4.4.4.4, 00:12:18 ago, via Tunnel0
      Route metric is 11112, traffic share count is 1

Testing

R1#ping 192.168.4.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/47/100 ms

R1#traceroute 192.168.4.1
Type escape sequence to abort.
Tracing the route to 192.168.4.1

  1 10.1.12.2 28 msec 40 msec 16 msec
  2 172.16.1.2 56 msec 84 msec 100 msec

Labels:

Comments

Post a Comment

Popular posts from this blog

Access-list at SVI

SVI (Switch Virtual Interfaces) We use the SVI for inter vlan routing. In this scenario I will configure the access list with SVI. In this scenario I want to permit vlan 10 network to vlan 50 Server farm. Vlan 10 and vlan 20 can communicate each other. First create vlan and then interface vlan#. Switch(config)#vlan 10 Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.10.254 255.255.255.0 Switch(config)#vlan 20 Switch(config)#interface vlan 20 Switch(config-if)#ip address 192.168.20.254 255.255.255.0 Switch(config)#vlan 50 Switch(config)#interface vlan 50 Switch(config-if)#ip address 192.168.50.254 255.255.255.0 when we finish the vlan interface create make sure the switch port are belong to each vlan. Port to vlan assign configure is Switch(config)#interface g0/1 Switch(config-if)#switchport access vlan 10 Switch(config)#interface g0/2 Switch(config-if)#switchport access vlan 20 Switch(config)#int...
1 comment
Read more

OSPF Stub

The following restrictions apply to stub areas:     You cannot create a virtual link through a stub area.   A stub area cannot contain an AS boundary router.   You cannot configure the backbone as a stub area.   You cannot configure an area as both a stub area and an not-so-stubby area (NSSA). Ref : Juniper.net
Post a Comment
Read more

Why does OSPF need backbone area?

Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?   Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0. Ref : Jeff Doyle article at Network world http://www.networkworld.com/article/2348778/cisco-subnet/my-favorite-interview-question.html
Post a Comment
Read more