Wednesday, July 4, 2018

#100DaysOfLabbing - Day 1 & 2

It's actually day 3 as I write this but I wanted to put down some documentation I've been keeping in a text document.

I learned a few things doing the configs on Day 1 and Day 2. Some of them simpler than others but worth noting.

This is the DMVPN Cisco Validated Design Guide I mentioned:

https://supportforums.cisco.com/legacyfs/online/legacy/3/9/5/26593-DMVPNbk.pdf

Day 1

Day 2

Basic DMVPN


#1 Lesson Learned


!Hub

 int tun 0
ip add 10.123.234.1 255.255.255.0
tunnel source Gi0/0
tunnel mode gre multipoint
no shut

 !Spoke

 int tun 0
ip add 10.123.234.2 255.255.255.0
tunnel source Gi0/0
tunnel destination 10.123.234.1
no shut

! Broke
R2#sho int tun 0
Tunnel0 is up, line protocol is down
  Hardware is Tunnel
  Internet address is 10.123.234.2/24
  MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive not set
  Tunnel linestate evaluation down - no output interface
  Tunnel source 172.17.100.2 (GigabitEthernet0/0), destination 10.123.234.1
   Tunnel Subblocks:
      src-track:
         Tunnel0 source tracking subblock associated with GigabitEthernet0/0
          Set of tunnels with source GigabitEthernet0/0, 1 member (includes iterators), on interface <OK>
  Tunnel protocol/transport GRE/IP
    Key disabled, sequencing disabled
    Checksumming of packets disabled
  Tunnel TTL 255, Fast tunneling enabled
  Tunnel transport MTU 1476 bytes
  Tunnel transmit bandwidth 8000 (kbps)
  Tunnel receive bandwidth 8000 (kbps)
  Last input never, output never, output hang never

 Lesson Learned: I made the error of incorrectly defining the tunnel destination. I defined it as the remote tunnel interface when actually I needed to use the public NBMA address.

Fixed:

R2#sho int tun 0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.123.234.2/24
  MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive not set
  Tunnel linestate evaluation up
  Tunnel source 172.17.100.2 (GigabitEthernet0/0), destination 172.17.100.1
   Tunnel Subblocks:
      src-track:
         Tunnel0 source tracking subblock associated with GigabitEthernet0/0
          Set of tunnels with source GigabitEthernet0/0, 1 member (includes iterators), on interface <OK>
  Tunnel protocol/transport GRE/IP
    Key disabled, sequencing disabled
    Checksumming of packets disabled
  Tunnel TTL 255, Fast tunneling enabled
  Tunnel transport MTU 1476 bytes
  Tunnel transmit bandwidth 8000 (kbps)
  Tunnel receive bandwidth 8000 (kbps)
  Last input never, output never, output hang never

Explanation: The tunnel interface linestate stays down until it has a valid exit interface and route to the remote tunnel destination.

#2 Lesson Learned - Tunnel Keepalives

In the output below you can see "Keepalive not set". Tunnel keepalives are not set by default. You can configure keepalives under the tunnel interface. You can do this be specifying just the keyword "keepalive" and press enter. This will give you the default value of keepalives sent every 10 seconds and will retry 3 times before considering the tunnel down. Conversely you can specify the keepalive values( example 5 seconds) the retry values can also be set but if they are excluded will default to 3 retries.

R4#sho int tun 0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.123.234.4/24
  MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive not set
[ ... output omitted ... ]


Keepalive with default values

R3(config-if)#keepalive ?
  <0-32767>  Keepalive period (default 10 seconds)
  <cr>

R3(config-if)#keepalive
R3(config-if)#
R3(config-if)#do sho int tun 0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.123.234.3/24
  MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive set (10 sec), retries 3
[ ... output omitted ... ]

Keepalive with defined values
R4(config)#int tun 0


R4(config-if)#keepalive 5
R4(config-if)#end
R4#
R4#sho int tun 0

Tunnel0 is up, line protocol is up
Hardware is Tunnel
Internet address is 10.123.234.4/24
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive set (5 sec), retries 3
[ ... output omitted ... ]
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)