Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 04-Tunnel interface configuration | 114.37 KB |
Contents
Restrictions and guidelines: Tunnel interface configuration
Configuring a tunnel interface
Tunnel interface configuration tasks at a glance
Configuring parameters for tunneled packets
Specifying the tunnel destination VPN instance
Restoring the default settings of the tunnel interface
Specifying an output interface for tunneled packets
Enabling path MTU learning on a tunnel interface
Enabling tunnel traffic forwarding acceleration
Enabling dropping IPv6 packets that use IPv4-compatible IPv6 addresses
Assigning a VXLAN tunnel interface to a VXLAN tunnel group
Verifying and maintaining tunnel interface configuration
Displaying tunnel interface information
Clearing tunnel interface statistics
Troubleshooting tunnel interface configuration
Configuring tunnel interfaces
About tunnel interfaces
Tunneling encapsulates the packets of a network protocol within the packets of a second network protocol and transfers them over a virtual point-to-point connection. The virtual connection is called a tunnel. Packets are encapsulated at the tunnel source and de-encapsulated at the tunnel destination.
Configure a tunnel interface (Layer 3 virtual interface) at both ends of a tunnel. The devices use the tunnel interface to identify, process, and send packets for the tunnel.
Restrictions and guidelines: Tunnel interface configuration
For information about the description, bandwidth, and shutdown commands, see common interface commands in Interface Command Reference.
You do not need to use the ip address or ipv6 address command to configure an IPv4 or IPv6 address for an IPv4 VXLAN, IPv6 VXLAN, IPv4 VXLAN-DCI, or IPv6 VXLAN-DCI tunnel interface. For more information about the ip address and ipv6 address commands, see IP addressing commands and IPv6 basics commands in Layer 3—IP Services Command Reference, respectively.
Configuring a tunnel interface
Tunnel interface configuration tasks at a glance
To configure a tunnel interface, perform the following tasks:
1. Creating a tunnel interface
2. (Optional.) Configuring parameters for tunneled packets
3. (Optional.) Specifying the tunnel destination VPN instance
4. (Optional.) Restoring the default settings of the tunnel interface
5. (Optional.) Specifying an output interface for tunneled packets
6. (Optional.) Enabling path MTU learning on a tunnel interface
7. (Optional.) Assigning a VXLAN tunnel interface to a VXLAN tunnel group
Creating a tunnel interface
1. Enter system view.
system-view
2. Create a tunnel interface, specify the tunnel mode, and enter tunnel interface view.
interface tunnel number mode { gre [ ipv6 ] | ipv4-ipv4 | ipv6-ipv4 | mpls-te | { vxlan | vxlan-dci } [ ipv6 ] }
For packet tunneling to succeed, the two ends of a tunnel must use the same tunnel mode.
3. Configure a source address or source interface for the tunnel interface.
source { ipv4-address | ipv6-address | interface-type interface-number }
By default, no source address or source interface is configured for the tunnel interface.
If you specify a source address, it is used as the source address of tunneled packets.
If you specify a source interface, the primary IP address of this interface is used as the source IP address of tunneled packets.
4. Configure a destination address for the tunnel interface.
destination { ipv4-address | ipv6-address }
By default, no destination address is configured for the tunnel interface.
The tunnel destination address must be the IP address of the receiving interface on the tunnel peer. It is used as the destination IP address of tunneled packets.
5. (Optional.) Configure a description for the interface.
description text
By default, the description for a tunnel interface is Tunnel number Interface.
6. (Optional.) Set the MTU of the tunnel interface.
mtu size
The default settings are as follows:
¡ If the tunnel interface has never been up, the MTU is 64000 bytes.
¡ If the tunnel interface is up, its MTU is identical to the outgoing interface's MTU minus the length of the tunnel headers. The outgoing interface is automatically obtained through routing table lookup based on the tunnel destination address.
7. (Optional.) Set the expected bandwidth for the tunnel interface.
bandwidth bandwidth-value
The default expected bandwidth (in kbps) is the interface maximum rate divided by 1000.
The expected bandwidth is an informational parameter used only by higher-layer protocols for calculation. You cannot adjust the actual bandwidth of an interface by using this command.
8. Bring up the tunnel interface.
undo shutdown
By default, a tunnel interface is not administratively down.
Configuring parameters for tunneled packets
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Set the ToS for tunneled packets.
tunnel tos tos-value
The default setting is the same as the ToS of the original packets.
4. Set the TTL for tunneled packets.
tunnel ttl ttl-value
The default TTL for tunneled packets is 255.
5. Set the DF bit for tunneled packets.
tunnel dfbit enable
By default, the DF bit is not set for tunneled packets.
Specifying the tunnel destination VPN instance
Restrictions and guidelines
For a tunnel interface to come up, the tunnel source and destination must belong to the same VPN instance. To specify a VPN instance for the tunnel source, use the ip binding vpn-instance command on the tunnel source interface. For more information about this command, see MPLS L3VPN in MPLS Command Reference.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Specify the VPN instance to which the tunnel destination belongs.
tunnel vpn-instance vpn-instance-name
By default, the tunnel destination belongs to the public network.
Restoring the default settings of the tunnel interface
Restrictions and guidelines
|
|
CAUTION: This operation might interrupt ongoing network services. Make sure you are fully aware of the impact of this operation when you perform it on a live network. |
This operation might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
For more information about the default command, see common interface commands in Interface Command Reference.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Restore the default settings of the tunnel interface.
default
Specifying an output interface for tunneled packets
About this task
If ECMP routes exist, the device randomly selects an output interface to forward tunneled packets. To forward tunneled packets over a specific path, perform this task to specify the output interface for the tunneled packets.
Restrictions and guidelines
To ensure successful packet forwarding, the specified output interface must meet the following requirements:
· The interface is up.
· The interface has an IP address.
· The interface has a route to reach the destination.
This feature is applicable only to VXLAN-DCI over IPv4 tunnel interfaces.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Specify an output interface for tunneled packets.
tunnel out-interface interface-type interface-number
By default, no output interface is specified for tunneled packets. If ECMP routes exist, the device randomly selects an output interface to forward tunneled packets.
Enabling path MTU learning on a tunnel interface
About this task
If the size of a tunneled packet exceeds the MTU of an interface in the tunnel path, the packet will be discarded. With the path MTU learning feature, the tunnel source can adjust the MTU of the tunnel interface according to the MTU information in received ICMP destination unreachable messages. After MTU adjustment, the tunnel source will resend the oversized tunneled packets, improving the forwarding reliability of tunnel packets.
Restrictions and guidelines
The tunnel path-mtu enable command is supported only on VXLAN over IPv4 and VXLAN-DCI over IPv4 tunnel interfaces.
Procedure
1. Enter system view.
system-view
2. Enter tunnel interface view.
interface tunnel number
3. Enable path MTU learning on the tunnel interface.
tunnel path-mtu enable
By default, path MTU learning is disabled on a tunnel interface.
Enabling tunnel traffic forwarding acceleration
About this task
Enable tunnel traffic forwarding acceleration to accelerate the forwarding of tunneled packets when the LB service is not deployed.
Procedure
1. Enter system view.
system-view
2. Enable tunnel traffic forwarding acceleration.
tunnel accelerate
By default, tunnel traffic forwarding acceleration is disabled.
Enabling dropping IPv6 packets that use IPv4-compatible IPv6 addresses
1. Enter system view.
system-view
2. Enable dropping IPv6 packets that use IPv4-compatible IPv6 addresses.
tunnel discard ipv4-compatible-packet
By default, IPv6 packets that use IPv4-compatible IPv6 addresses are not dropped.
Assigning a VXLAN tunnel interface to a VXLAN tunnel group
About this task
This feature assigns a VXLAN tunnel interface to a VXLAN tunnel group. A VXLAN tunnel group contains one or multiple VXLAN tunnel interfaces on the same device.
Use this feature in conjunction with the traffic redirection feature to load share traffic among multiple VXLAN tunnels in a VXLAN tunnel group. For more information about traffic redirection, see QoS in ACL and QoS Command Reference.
Restrictions and guidelines
A VXLAN tunnel interface can be assigned only to one VXLAN tunnel group. To assign the VXLAN tunnel interface to another VXLAN tunnel group, first remove the VXLAN tunnel interface from the original group by using the undo group command.
A VXLAN tunnel group can contain a maximum of 32 VXLAN tunnel interfaces.
Procedure
1. Enter system view.
system-view
2. Enter VXLAN tunnel interface view.
interface tunnel number [ mode vxlan ]
3. Assign the VXLAN tunnel interface to a VXLAN tunnel group.
group group-id
By default, a VXLAN tunnel interface is not assigned to any VXLAN tunnel group.
Verifying and maintaining tunnel interface configuration
Displaying tunnel interface information
Perform display tasks in any view.
· Display tunnel interface information.
display tunnel-interface [ number ]
· Display information about tunnel interfaces.
display interface [ tunnel [ number ] ] [ brief [ description | down ] ]
· Display IPv6 information on tunnel interfaces.
display ipv6 interface [ tunnel [ number ] ] [ brief ]
For more information about this command, see IPv6 basics commands in Layer 3—IP Services Command Reference.
Clearing tunnel interface statistics
Perform clear tasks in user view.
· Clear statistics on tunnel interfaces.
reset counters interface [ tunnel [ number ] ]
For more information about this command, see common interface commands in Interface Command Reference.
· Clear IPv6 statistics on tunnel interfaces.
reset ipv6 statistics [ slot slot-number ]
For more information about this command, see IPv6 basics commands in Layer 3—IP Services Command Reference.
Troubleshooting tunnel interface configuration
Tunnel interface not up
Symptom
A tunnel interface configured with related parameters such as tunnel source address, tunnel destination address, and tunnel mode cannot come up.
Analysis
The physical interface of the tunnel does not come up, or the tunnel destination is unreachable.
Solution
1. To resolve the issue:
¡ Use the display interface command to verify that the physical interface of the tunnel is up. If the physical interface is down, check the network connection.
¡ Use the display ip routing-table command to verify that the tunnel destination is reachable. If the route is not available, configure a route to reach the tunnel destination.
2. If the issue persists, contact H3C Support.
