RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72909t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
I concur, even if you are a consarned top poster. ;- As I understand it, the IOS version chosen for the CCIE Lab is done so for the purpose of allowing for the possibility of testing certain features. The proctors ( or at least those with whom I had my discussions ) are adamant that any given lab can be configured using the particular IOS, and that there are no bugs involving features that are tested. That said, this newsgroup also serves as a general Cisco informational group. Non lab topics have always been a part of the thrill of this group, or at least it has been for me, for the last 4 years or so. There is a list dedicated to CCIE study, which has a different tone, and it a bit less free form ( and a lot less fun, IMHO ) than this one. You can check the groupstudy web site for the archives to get an idea of the flavor. Reimer, Fred wrote in message news:[EMAIL PROTECTED] Let me set the record straight. My only goal here is to prepare and succeed in passing the Cisco CCIE written and lab exams. I know that there are features and options that are available in certain versions of IOS, and those options can be, and are likely un-useful, to CCIE candidates. However, it should be the focus of this group to understand and comprehend the specific feature available in the IOS releases that are used in the written and lab exams. It makes no sense, and in a certain view is detrimental, to bring up features that are only available in versions of IOS that will not be used in the testing criteria. If there have been any features that are available in the exams that I incorrectly misrepresented, then please correct me. I will be taking the written and lab exams in the near future, and would definitely benefit from the feedback of this group. I don't think it is useful to inject features that are available in IOS versions that will not be used in the testing into this discussion. Again, correct me if I'm wrong. I'm new to this group, so this may be out of line... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: Luan Nguyen; 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Hello, Didn't mean anything - just some information in case you guys not just study but doing work for your company also. And like John said, I was curious to see if you could do broadcast over the tunnel since when talk about GRE, mostly it could implement multicast and not a mention of broadcast. There's no right or wrong - just information. Didn't mean to upset anyone Guess I am a bit different, I don't want to take the ccie lab any more :) too tired of that - just want to learn more about tech in general 12.2.15T5 is fine - we were using that T train anyway, just ran across some bugs that prompt us to go with 12.3.1. If you are in the vpn business, then this 12.3 code is quite good since it supports vam2 card...etc To me personally, those kind of questions sometime good - since those could be asked by the customers -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Neiberger Sent: Wednesday, July 23, 2003 1:46 AM To: [EMAIL PROTECTED] Subject: Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Ah O.K. My apologies then. It slipped my mind that there is a separate group for the CCIE lab and that this was more of a general group. Sorry for the inappropriate post. The question is still out there though, although it may me possible to configure a bridge-group on a tunnel interface in 12.3.1, would anyone recommend it? Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 1:46 AM To: [EMAIL PROTECTED] Subject: Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Fred, A few years ago this list was opened up to questions and discussions that aren't necessarily related to certification. In fact, discussions don't even have to be Cisco-related, although they usually are. You'll quite often see stuff like this around here, and many times people simply want to know if something can be done, not whether it's a good idea for it to be done. :-) I have my doubts that this could be configured in such a way as to be reliable and stable, but who knows. I even gave a suggestion earlier that I now think won't work. I'm too tired at the moment to try it out, though. John - Original Message - From: Reimer, Fred To: Sent: Tuesday, July 22, 2003 9:29 PM Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72805t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Yep, I would agree with Fred unless I tested it thoroughly. This may be one of those situations where it might seem to work but I wouldn't trust it in production. If it's simply an intellectual exercise it would be interesting to mock it up and see what happens when user traffic actually starts to cross the network. However, if this is for a production environment--or even for lab study--I don't know that I'd spend much time on it. Find a different way to do it! :-) John Reimer, Fred 7/23/03 7:48:37 AM Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
When I first triggered this question, certainly I took advantage of having a forum full of creative techie people. Why would I need to bridge 2 LANs, separated from a couple of routers or so, using a tunnel? Well, that question, indeed, came from one of our customers, and then my coming to think of ...why not. Like some guys said, if GRE tunnels can transport multicast traffic, why not broadcast traffic? I'll try out some guidelines you guys wrote earlier, like using IRB and so. I would like to think that this forum was created not only for asking certification questions but also for learning. I strongly believe that what technology can't do now, will do tomorrow. Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72801t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
I don't have any routers on line at the moment, but you can bridge across any interface, physical or virtual, so far as I know. I have a customer network bridging over RLAN ( ATM host, DSL spokes ) working fine except once in a while the customer has to reload the host router because connectivity is mysteriously lost. Like about once every 14 months or so. clearing the cache does not help. restarting the interfaces does not help. only a reload does it. in defense of the design, the customer did not want to renumber when we upgraded from an ISDN dial up network to an RLAN John Neiberger wrote in message news:[EMAIL PROTECTED] Yep, I would agree with Fred unless I tested it thoroughly. This may be one of those situations where it might seem to work but I wouldn't trust it in production. If it's simply an intellectual exercise it would be interesting to mock it up and see what happens when user traffic actually starts to cross the network. However, if this is for a production environment--or even for lab study--I don't know that I'd spend much time on it. Find a different way to do it! :-) John Reimer, Fred 7/23/03 7:48:37 AM Oops, I was typing bridge? And it wasn't showing up, so I assumed that it was not available in 12.2(15)T5. It appears that it is, but you have to type out the whole command. Still, I wouldn't use it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 23, 2003 8:50 AM To: 'Reimer, Fred' Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, I was just trying to suggest maybe put the command bridge-group there to see if 12.2.15T5 takes it or not - whether that will work...etc, is a different story - just for information - didn't mean it in the context of ccie lab -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED
Re: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Ricardo J Castaneda 7/22/03 12:18:17 PM Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, It's been a while since I played with configs like this but I believe you could configure Integrated Routing and Bridging first, and then one each end of the connection you bridge the ethernet traffic to the tunnel. HTH, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72741t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Ricardo J Castaneda wrote: Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Why not just disable routing and enable bridging? That would be easier. :-) Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. I don't think just because the tunnel doesn't have IP addresses that will make it part of the same LAN and cause broadcast packets to flow across it. I can't say for sure though. Anyone else? Priscilla Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72744t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72745t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72750t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
The client may not have control over the cloud in the center, and the cloud may only support TCP/IP. The only solution would be to properly route the supported protocol in the tunnel interface (Tunnel interfaces support AppleTalk, Banyan VINES, CLNS, DECnet, IP, or IPX), or use DLSW if SNA and/or raw NetBIOS traffic is required. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 3:34 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Ricardo J Castaneda wrote: Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Why not just disable routing and enable bridging? That would be easier. :-) Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. I don't think just because the tunnel doesn't have IP addresses that will make it part of the same LAN and cause broadcast packets to flow across it. I can't say for sure though. Anyone else? Priscilla Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72751t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best regards, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72762t=72738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
Let me set the record straight. My only goal here is to prepare and succeed in passing the Cisco CCIE written and lab exams. I know that there are features and options that are available in certain versions of IOS, and those options can be, and are likely un-useful, to CCIE candidates. However, it should be the focus of this group to understand and comprehend the specific feature available in the IOS releases that are used in the written and lab exams. It makes no sense, and in a certain view is detrimental, to bring up features that are only available in versions of IOS that will not be used in the testing criteria. If there have been any features that are available in the exams that I incorrectly misrepresented, then please correct me. I will be taking the written and lab exams in the near future, and would definitely benefit from the feedback of this group. I don't think it is useful to inject features that are available in IOS versions that will not be used in the testing into this discussion. Again, correct me if I'm wrong. I'm new to this group, so this may be out of line... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred Sent: Tuesday, July 22, 2003 11:30 PM To: Luan Nguyen; 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] 12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738]
12.2(15)T5 is a recommended version for the IP v4 exploit, as far as I know, see (http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml). Are you suggesting that it is not appropriate? Do you recommend that we configure an unreleased and unsupported feature? I would not recommend that in a CCIE lab, as they are historically behind in IOS releases, and will not likely support a configuration in a 12.3 version specific command, as a valid solution since they are not even going to support 12.2 until this Fall... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:02 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm, Why don't you just put the command there and see what's going on. I don't mess with 12.2.15Tx any more since, FYI, it has a bug with EIGRP stub connected - forgot the bugID, but if you have a spoke with that command, the hub won't withdraw routes even if the hub doesn't have that route any longer. Okay, to the main topic - I run 12.3.1 on a 7206VXR and I could configure bridge-group on the tunnel interface. interface Tunnel10 bandwidth 1500 ip unnumbered Loopback1 ip mtu 1440 ip hello-interval eigrp 2002 10 ip hold-time eigrp 2002 40 keepalive 10 4 tunnel source 172.16.1.140 tunnel destination 172.16.3.144 bridge-group 1 bridge-group 1 spanning-disabled But it does say this : CS140(config-if)#bridge-group 1 % This command is an unreleased and unsupported feature -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Tuesday, July 22, 2003 5:48 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Wow, I hope you don't try that on your CCIE lab! Last I heard, bridging was not supported on tunnel interfaces. At least it's not on the 12.2(15)T5 running on a 2651XM router I just tested. If you find a (recent, supported) version of IOS that supports bridge-group in a tunnel interface please let me know. I think proxy ARP is more what is needed here, if we are talking about IP traffic. If not, then IOS should support the other protocol in the tunnel (it supports AppleTalk, Banyan VINES,CLNS, DECnet, IP, or IPX). If it's raw NetBIOS or SNA, then setup DLSW peers... Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Luan Nguyen [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 4:20 PM To: [EMAIL PROTECTED] Subject: RE: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Uhm. Never done this or heard of this before. I would just do something like: Interface LAN 1 Bridge-group 1 Interface tunnel 1 Source WAN Destination REMOTE_WAN Bridge-group 1 Since, concurrent routing and bridging makes it possible to both route and bridge a specific protocol on separate interfaces within a router, then WAN just route and LAN/Tunnel just bridge :) If that not work for you, then maybe try intergrated routing and bridging - create a BVI and source the tunnel from that interface. -luan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 1:34 PM To: [EMAIL PROTECTED] Subject: GRE TUNNEL/Ethernet-broadcast-like? [7:72738] Hello, A question barely came up to mind: Would it be possible to join a broadcast domain, not by means of a LAN switch but from one remote router to another, using GRE Tunnels? Since I haven't done it before, I kind of thought that it'll be possible. For instance, having: R1eth0(no ip address)--GRE TUNNEL-Ser0--CLOUD--GRE_TUNN--Ser1---R2eth0(no ip address) , where arp packets may flow from R1 to R2 via this GRE Tunnel. Under this scenario and simply put, can R1'sLAN be also part of R2'sLAN? If it's possible, how could the config be like? Best
