Hi Rashed,
Dynamic GRE tunnel VPN are useful where you don't have MPLS labeled-path between the PEs.
As per RFC2547, packet coming from CE are forwarded by PE by pushing two labels(Upper and Bottom). Intermediate P routers will forward these packets based on the bottom label and eventually when packet arrives on the other side PE, packets would be forwarded based on the Upper Label.
However, in case of non-MPLS routers being deployed in network, then VPNs may not work.
Hence in this case where, there are non-MPLS "P" routers, VPNs can still be deployed with dynamic GRE.
When a PE router receives a VPN route from other side PE, it looks for BGP nexthop entry in "inet.3" table as part of route resolution. If this lookup fails, then the routes are hidden. By configuring dynamic GRE, the PEER address would be installed in "inet.3" table which makes these routes as active.
Example:
Toplogy:
=======
CE1------PE1------P------PE2------CE2
[edit]
suryak@PE1# show protocols bgp
group int {
type internal;
local-address 1.1.1.1;
neighbor 3.3.3.3 {
family inet-vpn {
unicast;
}
}
}
[edit]
suryak@PE1# show routing-instances
VPNA {
instance-type vrf;
interface ge-3/0/0.0;
route-distinguisher 65000:1;
vrf-target target:100:100;
protocols {
bgp {
group CE1 {
neighbor 172.168.1.1 {
peer-as 100;
}
}
}
}
}
[edit]
suryak@PE1# show routing-options
router-id 1.1.1.1;
autonomous-system 65000;
dynamic-tunnels {
hun-box {
source-address 1.1.1.1;
gre;
destination-networks {
3.3.3.3/32;
}
}
}
[edit]
suryak@PE1# run show route 3.3.3.3
inet.0: 42 destinations, 42 routes (41 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
3.3.3.3/32 *[OSPF/10] 00:28:20, metric 2
> to 10.8.1.2 via ge-3/2/0.0
inet.3: 1 destinations, 2 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
3.3.3.3/32 *[Tunnel/300] 00:21:03
> via gr-5/2/0.32769
[Tunnel/300] 00:23:06
Tunnel
[edit]
suryak@PE1# run show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0 2 2 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
3.3.3.3 65000 65 62 0 0 26:13 Establ
bgp.l3vpn.0: 2/2/2/0
VPNA.inet.0: 2/2/2/0
172.168.1.1 100 64 65 0 0 27:23 Establ
VPNA.inet.0: 1/1/1/0
[edit]
suryak@PE1# run show route receive-protocol bgp 3.3.3.3 extensive
inet.0: 42 destinations, 42 routes (41 active, 0 holddown, 1 hidden)
inet.3: 1 destinations, 2 routes (1 active, 0 holddown, 0 hidden)
VPNA.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
* 120.120.0.0/24 (1 entry, 1 announced)
Import Accepted
Route Distinguisher: 65000:3
VPN Label: 299824
Nexthop: 3.3.3.3
Localpref: 100
AS path: 200 I
Communities: target:100:100
* 172.169.0.0/30 (1 entry, 1 announced)
Import Accepted
Route Distinguisher: 65000:3
VPN Label: 299824
Nexthop: 3.3.3.3
Localpref: 100
AS path: I
Communities: target:100:100
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
* 65000:3:120.120.0.0/24 (1 entry, 0 announced)
Import Accepted
Route Distinguisher: 65000:3
VPN Label: 299824
Nexthop: 3.3.3.3
Localpref: 100
AS path: 200 I
Communities: target:100:100
* 65000:3:172.169.0.0/30 (1 entry, 0 announced)
Import Accepted
Route Distinguisher: 65000:3
VPN Label: 299824
Nexthop: 3.3.3.3
Localpref: 100
AS path: I
Communities: target:100:100
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
[edit]
suryak@PE1# run show route forwarding-table destination 120.120.0.0 vpn VPNA
Routing table: VPNA.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
120.120.0.0/24 user 0 indr 2097150 3
Push 299824 621 2 gr-5/2/0.32769
Regards
Surya Prakash
If you think I answered you query, please accept the solution
In case your liked it, Kudos would be appreciated.