Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Available Languages

Download Options

PDF (417.7 KB)
View with Adobe Reader on a variety of devices

Updated:November 2, 2007

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Table Of Contents

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Contents

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Information About GRE Tunnel IP Source and Destination VRF Membership

How to Configure GRE Tunnel IP Source and Destination VRF Membership

Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

tunnel vrf

Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Obtaining Documentation, Obtaining Support, and Security Guidelines

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

Last Updated: April, 2007

The Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership feature allows you to configure the source and destination of a tunnel to belong to any virtual private network (VPN) routing and forwarding (VRF) table.

Finding Feature Information in This Module

Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for GRE Tunnel IP Source and Destination VRF Membership" section.

Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

•Restrictions for GRE Tunnel IP Source and Destination VRF Membership

•Restrictions for GRE Tunnel IP Source and Destination VRF Membership

•Information About GRE Tunnel IP Source and Destination VRF Membership

•How to Configure GRE Tunnel IP Source and Destination VRF Membership

•Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

•Additional References

•Command Reference

•Feature Information for GRE Tunnel IP Source and Destination VRF Membership

•Obtaining Documentation, Obtaining Support, and Security Guidelines

Restrictions for GRE Tunnel IP Source and Destination VRF Membership

Cisco 10000 Series Routers

•Both ends of the tunnel must reside within the same VRF.

•The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).

•The VRF associated with the tunnel by using the ip vrf forwarding command is the VRF that the packets are to be forwarded in as the packets exit the tunnel (inner IP packet routing).

•The Cisco 10000 series router does not support the fragmentation of multicast packets passing through a multicast tunnel.

Information About GRE Tunnel IP Source and Destination VRF Membership

This feature allows you to configure the source and destination of a tunnel to belong to any Virtual Private Network (VPN) routing and forwarding (VRF) table. A VRF table stores routing data for each VPN. The VRF table defines the VPN membership of a customer site attached to the network access server (NAS). Each VRF table comprises an IP routing table, a derived Cisco Express Forwarding (CEF) table, and guidelines and routing protocol parameters that control the information that is included in the routing table.

Previously, GRE IP tunnels required the IP tunnel destination to be in the global routing table. The implementation of this feature allows you to configure a tunnel source and destination to belong to any VRF. As with existing GRE tunnels, the tunnel becomes disabled if no route to the tunnel destination is defined.

How to Configure GRE Tunnel IP Source and Destination VRF Membership

SUMMARY STEPS

1. enable

2. configure {terminal | memory | network}

3. interface tunnel number

4. ip vrf forwarding vrf-name

5. ip address ip-address subnet-mask

6. tunnel source (ip-address | type number)

7. tunnel destination ip-address {hostname | ip-address}

8. tunnel vrf vrf-name

DETAILED STEPS
Command or Action

Purpose

Step 1

enable

Example:

Router> enable

Enables higher privilege levels, such as privileged EXEC mode.

•Enter your password if prompted.

Step 2

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3

interface tunnel number

Example:

Router(config)# interface tunnel 0

Enters interface configuration mode for the specified interface.

•number is the number associated with the tunnel interface.
Step 4
ip vrf forwarding vrf-name
Example:

Router(config-if)# ip vrf forwarding green
Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface.

•vrf-name is the name assigned to a VRF.
Step 5

ip address ip-address subnet-mask

Example:

Router(config-if)# ip address 10.7.7.7 255.255.255.255

Specifies the interface IP address and subnet mask.

•ip-address specifies the IP address of the interface.

•subnet-mask specifies the subnet mask of the interface.

Step 6

tunnel source {ip-address | type number}

Example:

Router(config-if)# tunnel source loop 0

Specifies the source of the tunnel interface.

•ip-address specifies the IP address to use as the source address for packets in the tunnel.

•type specifies the interface type (for example, serial).

•number specifies the port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system, and can be displayed using the show interfaces command.

Step 7

Router(config-if)# tunnel destination {hostname | ip-address}

Example:

Router(config-if)# tunnel destination 10.5.5.5

Defines the tunnel destination.

hostname specifies the name of the host destination.

ip-address specifies the IP address of the host destination.

Step 8

Router(config-if)# tunnel vrf vrf-name

Example:

Router(config-if)# tunnel vrf finance1

Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination.

vrf-name is the name assigned to a VRF.
Configuration Example for GRE Tunnel IP Source and Destination VRF Membership

In this example, packets received on interface e0 using VRF green are forwarded out of the tunnel through interface e1 using VRF blue.
ip vrf blue
 rd 1:1
ip vrf green
 rd 1:2
interface loop0
 ip vrf forwarding blue
 ip address 10.7.7.7 255.255.255.255
interface tunnel0
 ip vrf forwarding green
 ip address 10.3.3.3 255.255.255.0
 tunnel source loop 0
 tunnel destination 10.5.5.5
 tunnel vrf blue
interface ethernet0
 ip vrf forwarding green
 ip address 10.1.1.1 255.255.255.0
interface ethernet1
 ip vrf forwarding blue
 ip address 10.2.2.2 255.255.255.0
 ip route vrf blue 10.5.5.5 255.255.255.0 ethernet 1
Additional References

Related Documents

Related Topic

Document Title

VRF tables

"Configuring Multiprotocol Label Switching" chapter of the Cisco IOS Switching Services Configuration Guide, Release 12.2

Tunnels

Cisco IOS Interface Configuration Guide, Release 12.2

Standards

Standard

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature

—

MIBs

MIB

MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

RFCs

RFC

Title

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.

—

Technical Assistance

Description

Link

The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport

Command Reference

This section documents the new command. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.

•tunnel vrf

tunnel vrf

To associate a VPN routing and forwarding (VRF) instance with a specific tunnel destination, interface or subinterface, use the tunnel vrf command in global configuration mode or interface configuration mode. To disassociate a VRF from the tunnel destination, use the no form of this command.

tunnel vrf vrf-name

no tunnel vrf vrf-name

Syntax Description

vrf-name

Name assigned to a VRF.

Defaults

The default destination is determined by the global routing table.

Command Modes

Global configuration
Interface configuration

Command History

Release

Modification

12.0(23)S

This command was introduced.

12.3(2)T

This command was integrated into Cisco IOS Release 12.3(2)T.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(31)SB5

This command was integrated into Cisco IOS Release 12.2(31)SB5.

Usage Guidelines

The tunnel source and destination must be in the same VRF.

Either the IP VRF or the tunnel VRF can be set to the global routing table (using the no ip vrf forwarding vrf command or the no tunnel vrf vrf command).

The tunnel is disabled if no route to the tunnel destination is defined. If the tunnel VRF is set, there must be a route to that destination in the VRF.

Cisco 10000 Series Router

The VRF associated with the tunnel vrf command is the same as the VRF associated with the physical interface over which the tunnel sends packets (outer IP packet routing).

Examples

The following example shows how to associate a VRF with a tunnel destination. The router looks up the tunnel endpoint, 10.5.5.5, in the blue VRF.
interface tunnel0
 ip vrf forwarding green
 ip address 10.3.3.3 255.255.255.0
 tunnel source loop 0
 tunnel destination 10.5.5.5
 tunnel vrf blue
Related Commands

Command

Description

ip route vrf

Establishes static routes for a VRF.

ip vrf

Configures a VRF routing table.

ip vrf forwarding

Associates a VPN VRF instance with an interface or subinterface.

tunnel destination

Specifies the destination for a tunnel interface.

tunnel source

Sets the source address for a tunnel interface.

Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Table 1 lists the release history for this feature.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.

Table 1 Feature Information for GRE Tunnel IP Source and Destination VRF Membership

Feature Name

Releases

Feature Information

GRE Tunnel IP Source and Destination VRF Membership

12.0(23)S
12.2(31)SB5

Allows you to configure the source and destination of a tunnel to belong to any VPN VRF table.

In 12.0(23)S, this feature was introduced.

In 12.2(31)SB5, support was added for the Cisco 10000 series router for the PRE2 and PRE3.

The following command was introduced by this feature: tunnel vrf.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R)

Copyright © 2007 Cisco Systems, Inc. All rights reserved.

	Command or Action	Purpose
Step 1	enable Example: Router> enable	Enables higher privilege levels, such as privileged EXEC mode. •Enter your password if prompted.
Step 2	configure terminal Example: Router# configure terminal	Enters global configuration mode.
Step 3	interface tunnel number Example: Router(config)# interface tunnel 0	Enters interface configuration mode for the specified interface. •number is the number associated with the tunnel interface.
Step 4	ip vrf forwarding vrf-name Example: Router(config-if)# ip vrf forwarding green	Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface. •vrf-name is the name assigned to a VRF.
Step 5	ip address ip-address subnet-mask Example: Router(config-if)# ip address 10.7.7.7 255.255.255.255	Specifies the interface IP address and subnet mask. •ip-address specifies the IP address of the interface. •subnet-mask specifies the subnet mask of the interface.
Step 6	tunnel source {ip-address \| type number} Example: Router(config-if)# tunnel source loop 0	Specifies the source of the tunnel interface. •ip-address specifies the IP address to use as the source address for packets in the tunnel. •type specifies the interface type (for example, serial). •number specifies the port, connector, or interface card number. The numbers are assigned at the factory at the time of installation or when added to a system, and can be displayed using the show interfaces command.
Step 7	Router(config-if)# tunnel destination {hostname \| ip-address} Example: Router(config-if)# tunnel destination 10.5.5.5	Defines the tunnel destination. hostname specifies the name of the host destination. ip-address specifies the IP address of the host destination.
Step 8	Router(config-if)# tunnel vrf vrf-name Example: Router(config-if)# tunnel vrf finance1	Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination. vrf-name is the name assigned to a VRF.

Related Topic	Document Title
VRF tables	"Configuring Multiprotocol Label Switching" chapter of the Cisco IOS Switching Services Configuration Guide, Release 12.2
Tunnels	Cisco IOS Interface Configuration Guide, Release 12.2

Standard	Title
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature	—

MIB	MIBs Link
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.	To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs

RFC	Title
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.	—

Description	Link
The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.	http://www.cisco.com/techsupport

vrf-name	Name assigned to a VRF.

Release	Modification
12.0(23)S	This command was introduced.
12.3(2)T	This command was integrated into Cisco IOS Release 12.3(2)T.
12.2(33)SRA	This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2(31)SB5	This command was integrated into Cisco IOS Release 12.2(31)SB5.

Command	Description
ip route vrf	Establishes static routes for a VRF.
ip vrf	Configures a VRF routing table.
ip vrf forwarding	Associates a VPN VRF instance with an interface or subinterface.
tunnel destination	Specifies the destination for a tunnel interface.
tunnel source	Sets the source address for a tunnel interface.

Table 1 Feature Information for GRE Tunnel IP Source and Destination VRF Membership
Feature Name	Releases	Feature Information
GRE Tunnel IP Source and Destination VRF Membership	12.0(23)S 12.2(31)SB5	Allows you to configure the source and destination of a tunnel to belong to any VPN VRF table. In 12.0(23)S, this feature was introduced. In 12.2(31)SB5, support was added for the Cisco 10000 series router for the PRE2 and PRE3. The following command was introduced by this feature: tunnel vrf.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)

This Document Applies to These Products

IOS Software Releases 12.2 SB