Controllerless Networks

 View Only
last person joined: 18 hours ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

GRE over IPsec (hub&spoke) Issue

This thread has been viewed 9 times

  • 1.  GRE over IPsec (hub&spoke) Issue

    Posted Feb 04, 2021 06:46 PM
    GRE is configured over IPSec, the IPSec VPN is hub and spoke mode.  The GRE interface is running OSPF. keepalive was disabled on GRE interface,

    At the issue time,  GRE interface on spoke can't receive ospf hello packets,  but GRE interface on Hub can receive ospf hellow packet.

    We need to "clear crypto ipsec sa" to recovery the ospf neighbor.

    (7005-2) *[mynode] #show ip ospf interface tunnel 1

    Tunnel 1 is up, line protocol is up
    Internet Address 172.17.100.134, Mask 255.255.255.252, Area 0.0.0.0
    Router ID 172.17.100.4, Network Type POINT_TO_POINT, Cost: 10
    Transmit Delay is 1 sec, State PTPST, Priority 1
    Timer intervals configured, Hello 10, Dead 40, Retransmit 5
    Neighbor Count is 0
    Tx Stat: Hellos 5160 DbDescr 2 LsReq 1 LsUpdate 163 LsAck 113 Pkts 5439
    Tx Err: BufNull 0 BufCorrupt 0 NoMem 0 SendFail 0
    Rx Stat: Hellos 4228 DbDescr 3 LsReq 1 LsUpdate 262 LsAck 13 Pkts 4507
    LoopSend 0 RxVirtualLink 0
    Rx Err: DisCd 0 BadVer 0 BadNet 0 BadArea 0 BadDstAdr 0 BadAuType 0
    BadAuth 0 BadNeigh 0 BadPckType 0 BadVirtLink 0
    IntfDown 0 MySource 0 Legal 0


    (7005-2) *[mynode] #show ip ospf interface tunnel 1

    Tunnel 1 is up, line protocol is up
    Internet Address 172.17.100.134, Mask 255.255.255.252, Area 0.0.0.0
    Router ID 172.17.100.4, Network Type POINT_TO_POINT, Cost: 10
    Transmit Delay is 1 sec, State PTPST, Priority 1
    Timer intervals configured, Hello 10, Dead 40, Retransmit 5
    Neighbor Count is 0
    Tx Stat: Hellos 5161 DbDescr 2 LsReq 1 LsUpdate 163 LsAck 113 Pkts 5440
    Tx Err: BufNull 0 BufCorrupt 0 NoMem 0 SendFail 0
    Rx Stat: Hellos 4228 DbDescr 3 LsReq 1 LsUpdate 262 LsAck 13 Pkts 4507
    LoopSend 0 RxVirtualLink 0
    Rx Err: DisCd 0 BadVer 0 BadNet 0 BadArea 0 BadDstAdr 0 BadAuType 0
    BadAuth 0 BadNeigh 0 BadPckType 0 BadVirtLink 0
    IntfDown 0 MySource 0 Legal 0


    Hub GRE interface:
    (HQ-1) [mynode] #show interface tunnel 1

    Tunnel 1 is up line protocol is up
    Description: Site-1-Primary
    Internet address is 172.17.100.129 255.255.255.252
    Source 172.17.100.1
    Destination 172.17.100.3
    Tunnel mtu is set to 1100
    Tunnel is an IP GRE TUNNEL
    Tunnel is Trusted
    Inter Tunnel Flooding is enabled
    OSPF is enabled on this interface
    Tunnel keepalive is disabled
    Keepalive type is Default
    Tunnel keepalive interval is 10 seconds, retries 3
    ICMP keepalive is disabled
    Tunnel is down 0 times


    ------------------------------
    wei zhang
    ------------------------------