Hi, I've got to terminate a remote site in to a customer's VRF using a GRE tunnel. The tunnel comes up and I can ping across the tunnel and I can also reach other hosts in the same VRF on the PE router that the tunnel terminates. However I cannot reach any hosts on other PE routers. For example, the traffic path is as follows
CE---GRE---PE-1---PE-2---FIREWALL I don't see any ICMP packets hitting the firewall. However, other hosts on PE1 are able to reach the firewall without any issues. The GRE tunnel on PE-1 is in the correct VRF interface Tunnel1 ip vrf forwarding XXX ip address 172.31.255.45 255.255.255.252 ip mtu 1460 tunnel source Loopback0 tunnel destination xxx.xxx.xxx.xxx end ON PE-1, I can see the correct route Routing entry for 10.200.0.0/24 Known via "bgp 20547", distance 200, metric 0, type internal Redistributing via ospf 2 Advertised by ospf 2 metric-type 1 subnets Last update from xxx.xxx.xxx.xxx 7w0d ago Routing Descriptor Blocks: * xxx.xxx.xxx.xxx (default), from xxx.xxx.xxx.xxx, 7w0d ago Route metric is 0, traffic share count is 1 AS Hops 0 MPLS Required I can see the forwarding table is correct and goes out of the right interface towards PE-2 Local Outgoing Prefix Bytes Label Outgoing Next Hop Label Label or VC or Tunnel Id Switched interface None 143 10.200.0.0/24[V] 0 Gi1/1.5 xxx.xxx.xxx.xxx And PE-2 has the correct local label and will remove it. 143 No Label 10.200.0.0/24[V] 0 Vl2055 172.31.255.49 It is strange how it only occurs with the GRE tunnel. Anyone have any suggestions on how I can troubleshoot this further? Thanks Tim Timothy Arnold Senior Engineer, Network & Security Group, UKSolutions Telephone: 0845 004 1333, option 2 Email: [EMAIL PROTECTED] Web: www.uksolutions.co.uk<http://www.uksolutions.co.uk/> UKS Ltd, Birmingham Road, Studley, Warwickshire, B80 7BG Registered in England Number 3036806 This email must be read in conjunction with the legal & service notices on http://www.uksolutions.co.uk/disclaimer _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/