Yep, I would agree with Fred unless I tested it thoroughly. This may be one of those situations where it might seem to work but I wouldn't trust it in production. If it's simply an intellectual exercise it would be interesting to mock it up and see what happens when user traffic actually starts to cross the network. However, if this is for a production environment--or even for lab study--I don't know that I'd spend much time on it. Find a different way to do it! :-)
John >>> Reimer, Fred 7/23/03 7:48:37 AM >>> Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an "unreleased and unsupported feature?" I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this :" CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports "bridge-group" in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's "raw" NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to "join" a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72809&t=72738 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]