Table Of Contents
Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership
Restrictions for GRE Tunnel IP Source and Destination VRF Membership
Information About GRE Tunnel IP Source and Destination VRF Membership
How to Configure GRE Tunnel IP Source and Destination VRF Membership
Configuration Example for GRE Tunnel IP Source and Destination VRF Membership
Feature Information for GRE Tunnel IP Source and Destination VRF Membership
Obtaining Documentation, Obtaining Support, and Security Guidelines
Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership
Last Updated: April, 2007The Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership feature allows you to configure the source and destination of a tunnel to belong to any virtual private network (VPN) routing and forwarding (VRF) table.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for GRE Tunnel IP Source and Destination VRF Membership" section.
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•Restrictions for GRE Tunnel IP Source and Destination VRF Membership
•Restrictions for GRE Tunnel IP Source and Destination VRF Membership
•Information About GRE Tunnel IP Source and Destination VRF Membership
•How to Configure GRE Tunnel IP Source and Destination VRF Membership
•Configuration Example for GRE Tunnel IP Source and Destination VRF Membership
•Feature Information for GRE Tunnel IP Source and Destination VRF Membership
•Obtaining Documentation, Obtaining Support, and Security Guidelines
Restrictions for GRE Tunnel IP Source and Destination VRF Membership
Cisco 10000 Series Routers
•Both ends of the tunnel must reside within the same VRF.
•The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).
•The VRF associated with the tunnel by using the ip vrf forwarding command is the VRF that the packets are to be forwarded in as the packets exit the tunnel (inner IP packet routing).
•The Cisco 10000 series router does not support the fragmentation of multicast packets passing through a multicast tunnel.
Information About GRE Tunnel IP Source and Destination VRF Membership
This feature allows you to configure the source and destination of a tunnel to belong to any Virtual Private Network (VPN) routing and forwarding (VRF) table. A VRF table stores routing data for each VPN. The VRF table defines the VPN membership of a customer site attached to the network access server (NAS). Each VRF table comprises an IP routing table, a derived Cisco Express Forwarding (CEF) table, and guidelines and routing protocol parameters that control the information that is included in the routing table.
Previously, GRE IP tunnels required the IP tunnel destination to be in the global routing table. The implementation of this feature allows you to configure a tunnel source and destination to belong to any VRF. As with existing GRE tunnels, the tunnel becomes disabled if no route to the tunnel destination is defined.
How to Configure GRE Tunnel IP Source and Destination VRF Membership
SUMMARY STEPS
1. enable
2. configure {terminal | memory | network}
3. interface tunnel number
4. ip vrf forwarding vrf-name
5. ip address ip-address subnet-mask
6. tunnel source (ip-address | type number)
7. tunnel destination ip-address {hostname | ip-address}
8. tunnel vrf vrf-name
DETAILED STEPS
Configuration Example for GRE Tunnel IP Source and Destination VRF Membership
In this example, packets received on interface e0 using VRF green are forwarded out of the tunnel through interface e1 using VRF blue.
ip vrf bluerd 1:1ip vrf greenrd 1:2interface loop0ip vrf forwarding blueip address 10.7.7.7 255.255.255.255interface tunnel0ip vrf forwarding greenip address 10.3.3.3 255.255.255.0tunnel source loop 0tunnel destination 10.5.5.5tunnel vrf blueinterface ethernet0ip vrf forwarding greenip address 10.1.1.1 255.255.255.0interface ethernet1ip vrf forwarding blueip address 10.2.2.2 255.255.255.0ip route vrf blue 10.5.5.5 255.255.255.0 ethernet 1Additional References
Related Documents
Standards
Standard TitleNo new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature
—
MIBs
RFCs
RFC TitleNo new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
—
Technical Assistance
Command Reference
This section documents the new command. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.
tunnel vrf
To associate a VPN routing and forwarding (VRF) instance with a specific tunnel destination, interface or subinterface, use the tunnel vrf command in global configuration mode or interface configuration mode. To disassociate a VRF from the tunnel destination, use the no form of this command.
tunnel vrf vrf-name
no tunnel vrf vrf-name
Syntax Description
Defaults
The default destination is determined by the global routing table.
Command Modes
Global configuration
Interface configurationCommand History
Usage Guidelines
The tunnel source and destination must be in the same VRF.
Either the IP VRF or the tunnel VRF can be set to the global routing table (using the no ip vrf forwarding vrf command or the no tunnel vrf vrf command).
The tunnel is disabled if no route to the tunnel destination is defined. If the tunnel VRF is set, there must be a route to that destination in the VRF.
Cisco 10000 Series Router
The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).
Examples
The following example shows how to associate a VRF with a tunnel destination. The router looks up the tunnel endpoint, 10.5.5.5, in the blue VRF.
interface tunnel0ip vrf forwarding greenip address 10.3.3.3 255.255.255.0tunnel source loop 0tunnel destination 10.5.5.5tunnel vrf blueRelated Commands
Feature Information for GRE Tunnel IP Source and Destination VRF Membership
Table 1 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.
Obtaining Documentation, Obtaining Support, and Security Guidelines
For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R)
Copyright © 2007 Cisco Systems, Inc. All rights reserved.