GRE/IPSEC Tunnel and loopback interface

Hi, I have two internal routers with a serial interface connected to a "public" network (indeed it is the Internet but ISP allows communication only between two routers). As a backup link, I have to configure a GRE/IPSEC tunnel between routers, also carrying OSPF traffic for dynamic routing between sites. Provider gave me a /30 for point-to-point link and a /29, for each site.. In all documents, I'm reading that I need to assign an IP from /29 to a loopback interface. Problem is that I'm not using loopback interfaces on my routers (I know... I know... they are useful...) and, in any case, I don't like having a public IP on my loopback. Is there some other way to proceed?

Thanks Mimmus

Reply to
Loading thread data ...

You can use ANY ingerface on the router as a tunnel souce/destination.

The reason that loopbacks are preferred in general is that with some network designs it is possible for the tunnel source/dest interface to go down and even though there is another path the tunnel will do down too. The loopbacks are always up.

I do not have a perfect picture of you network I don't think, but if each router has only one outside interface and no other path then there will be no disadvantage in using the external interface to terminate the tunnel.

Beware recursive routing. I ALWAYS put in static routing to the tunnel endpoints.

Reply to

ha scritto nel messaggio news:

Exactly what I done! Tunnel is absolutely a Point-to-Point one and using the loopback interface caused some problems (see below...)

Ok, I experimented this :-( I don't know exactly why but, using the loopback interface, I had some loop, peraphs due to another indirect link between tunnel endopoints advertised by OSPF. I was not able to filter it.

Thanks again Mimmus

Reply to
Mimmus Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.