Hello all,
Does GRE work on unidirectional links ?
I need to configure a GRE tunnel over a one-way link .. from Router A to Router B. (There is no return path from router B to Router A). If I configure a GRE tunnel the regular way will it work ?
Thanks,
-kartik
In article , kartik wrote: :Does GRE work on unidirectional links ?
:I need to configure a GRE tunnel over a one-way link .. from Router A :to Router B. (There is no return path from router B to Router A). If I :configure a GRE tunnel the regular way will it work ?
Perhaps you could leave off the 'tunnel source' on router B, or perhaps you could use a "source" which was the NULL interface, or a loopback interface that nothing was going into.
When you say there is no return path, do you mean that no packets at all can get back, or do you mean that no *data* is intended to flow? Looking briefly through the documentation, it looks to me that a simple GRE tunnel without keepalives might work without any back-packets at all. I suspect that if you introduced encryption onto the tunnel that the encryption might perhaps need communications back, but that's something that would need to be checked.
Thank you for your response. I think I am very close ... but ...
I tried but without a "tunnel source" the tunnel interface on Router B does not come up. Here is a snippet of my configuration on Routers A and B ..
I can tell from the Router A serial interface stats connected to the one-way link that my multicast packets are getting tunnelled and are going through to the one way link....
Router B is receiving it on its serial link but the packets as evidenced by the serial interface statistics. However it never get de-capsulated and forwarded on the LAN of ROuter B. ######################################################## ROUTER A ! interface Tunnel0 ip unnumbered FastEthernet0/0.1 ip pim dense-mode ip igmp join-group 239.232.1.20 tunnel source FastEthernet0/0.1 tunnel destination 192.168.10.15 !
interface FastEthernet0/0.1 description Vlan1 Video and Data encapsulation dot1Q 1 native ip address 10.7.10.1 255.255.255.128 no ip redirects no ip unreachables no ip proxy-arp ip pim dense-mode ip igmp join-group 239.232.1.20
!interface Serial1/0 description One Way Out ONLY Link bandwidth 384 ip address 1.1.1.1 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp !
ip route 192.168.10.15 255.255.255.255 Serial1/0 ###############################################
ROUTER B
! interface Loopback0 ip address 6.6.6.6 255.255.255.0 ip pim dense-mode ip igmp join-group 239.232.1.20 ! interface Tunnel0 no ip address ip pim dense-mode ip igmp join-group 239.232.1.20 tunnel source FastEthernet0/0 tunnel destination 6.6.6.6 ! interface FastEthernet0/0 description $ETH-LAN$ ip address 192.168.10.15 255.255.255.0 ip pim dense-mode ip igmp join-group 239.232.1.20
ip mroute 0.0.0.0 0.0.0.0 Tunnel0
Thank you
-Kartik
In article , kartik wrote: :I tried but without a "tunnel source" the tunnel interface on Router B :does not come up. Here is a snippet of my configuration on Routers A :and B ..
I have done little GRE myself, so I'm probably off-base, but...
:ROUTER A
Leave as is. The tunnel traffic exits the router via a serial interface.
:ROUTER B
Hmmmm... not sure that's right.
It seems to me that the tunnel destination might need to be the 10.7.10.1 of Router A's FE interface, which you are borrowing for the tunnel via the "ip unnumbered" statement. If the tunnel destination does not match the other sender, then the router isn't going to know -which- GRE tunnel it is dealing with (since there might be several.)
You don't have a Serial interface shown to receive the data.
If you don't want any packets going back, you shouldn't be routing them to the Tunnel0.
To prevent traffic from going back along the tunnel, put in an access list and apply it "out" Tunnel0 on Router B.
Thank you ! I have this working now. You are right, the
Since i do not have a return path from Router B to Router A I tricked router B by configuring a loopback interface with the same IP address as the tunnel A source interface. Then I configured tunnel source and tunnel destination IPs as per the rules above.
Thank you very much for you help.
-Kartik
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.