Re: GRE/IPSEC Tunnel and loopback interface
- From: Bod43@xxxxxxxxxxxxx
- Date: 30 Apr 2007 07:05:41 -0700
On 30 Apr, 12:01, "Mimmus" <viggi...@xxxxxxxxxxx> wrote:
Hi,
I have two internal routers with a serial interface connected to a "public"
network (indeed it is the Internet but ISP allows communication only between
two routers).
As a backup link, I have to configure a GRE/IPSEC tunnel between routers,
also carrying OSPF traffic for dynamic routing between sites.
Provider gave me a /30 for point-to-point link and a /29, for each site..
In all documents, I'm reading that I need to assign an IP from /29 to a
loopback interface.
Problem is that I'm not using loopback interfaces on my routers (I know... I
know... they are useful...) and, in any case, I don't like having a public
IP on my loopback.
Is there some other way to proceed?
You can use ANY ingerface on the router as a tunnel
souce/destination.
The reason that loopbacks are preferred in general is that
with some network designs it is possible for the tunnel
source/dest interface to go down and even though there
is another path the tunnel will do down too. The loopbacks are
always up.
I do not have a perfect picture of you network I don't think,
but if each router has only one outside interface
and no other path then there will be no disadvantage in
using the external interface to terminate the tunnel.
Beware recursive routing.
I ALWAYS put in static routing to the tunnel endpoints.
.
- Follow-Ups:
- Re: GRE/IPSEC Tunnel and loopback interface
- From: Mimmus
- Re: GRE/IPSEC Tunnel and loopback interface
- References:
- GRE/IPSEC Tunnel and loopback interface
- From: Mimmus
- GRE/IPSEC Tunnel and loopback interface
- Prev by Date: Catalyst 4003 port speeds
- Next by Date: STANDBY-3-DUPADDR
- Previous by thread: GRE/IPSEC Tunnel and loopback interface
- Next by thread: Re: GRE/IPSEC Tunnel and loopback interface
- Index(es):
Relevant Pages
|
