Cisco WAN :: 3845 Creating GRE Tunnels On Glbp Enabled Router
Jul 18, 2012
Which is the best way of creating GRE Tunnels on a GLBP enabled router? I actually have two 3845 with GLBP configured as our gateway routers, and need to create gre tunnels to branches.The plan is to use the GLBP virtual IP as the Tunnel Source address and the branch WAN interface as the tunnel Destination address, how do i handle the Tunnel IP address? Do i create the same Tunnel on both gateway routers and have a glbp virtual IP address for the Tunnel Interface as well?
I have two routers at our core data center, a 3845 and a 3640. These are configured with GLBP. There are 4 remote sites:
Site #1: One T1 link to the 3825 Site #2: One T1 link to the 3825, and One T1 link to the 3640 Site #3: One T1 link to the 3825, and One T1 link to the 3640 Site #4: One fractional T1 link to the 3825, and One T1 link to the 3640.
My question regards site #4. If i understand correctly, GLBP works on the premise of "host" balancing, and not true "load" balancing. The reason I ask is that the large majority of our WAN traffic is from our Exchange server to our remote sites. In the case of site #4, our exchange server is sending traffic on the fractional T1. Is there any way with GLBP to either split this traffic from a particular host across two links in a round-robin fashion, but leave other hosts to travel wherever the router sends them, or, to force at least our exchange server to use the full T1, rather than the fractional?
I've read up on the weighting mechanism, and it appears that tracking an interface has nothing to do with bandwidth use. If I understand correctly, if I were to track the Site #4 PPP to the 3640, and give a weight of 10 to glbp on there, it would really only take affect if the interface is down. It will have nothing to do with host AVF election.For the record, exchange traffic is constant to this site, so there is no chance for the host connection to reset and potentially elect to use the larger pipe. I would like to "tweak" this to make better use of available bandwidth.
I have a 3845 enabled for CDP connected to a stack of 3750 switches. From the router, i dont see any CDP neighbors. From the switch, i can see the router as neighbor. Why isn't the switch showing as a neighbor from the router side? [code]
I have installed NM-1T3/E3 IN A CISCO 3845 WITH IOS c3845-advipservicesk9-mz.124-9.T3.bin AND 512 MB RAM .WHEN I ENABLE THE CARD THE CPU PROC HISTORY SHOWS 100% WHEN DISABLED IT COMES DOWN TO 10%
Slot 0: C3845 Mother board 1GE(TX,SFP),1GE(TX), integrated VPN and 4W Port adapter, 7 ports Port adapter is analyzed Slot 2: NM-1T3/E3 (clear/subrate) Port adapter, 1 port Port adapter is analyzed
We have 7200 router on which two links from different ISPs are terminated. Right now one link is primary and the second one is redundant.Now we have procured our own IPs and plan to run BGP with both the service provider. Can we configure GLBP on the router so that both the links can be simultaneously used and when one goes down the other takes the full load.
Is there any physical or technical diferrences between PWR-3845 AC/2 and PWR-3845 AC? We are trying to order replacement parts and wondering if PWR-3845 AC is for one power supply and AC/2 means you get two with one order?
Is there any physical or technical diferrences between PWR-3845 AC/2 and PWR-3845 AC? We are trying to order replacement parts and if PWR-3845 AC is for one power supply and AC/2 means you get two with one order.
I have 2*3825 routers configured with GLBP, but traffic is moving only with one router it only fallback on other router when the 1st router is isolated.
diagram: LAN=======>ASA(Routed mode with active-standby)======>one Cisco L2 switch========>2 *3825 Router
When trace route from LAN PC show that traffic is only taking via single router. LAN gateway is defined as ASA inside address and in ASA a default route pointed to GLBP address.
RTR1 config: ========== int g0/0 ip address 1.1.1.2 255.255.255.0 glbp 1 ip 1.1.1.1 glbp 1 preemt
RTR2 config: ========== int g0/0 ip address 1.1.1.3 255.255.255.0 glbp 1 ip 1.1.1.1 glbp 1 preemt
I have 2 nexus 7000's each currently running HSRP, All the SVI's are in 2 HSRP groups, my question is how many SVI's can be asocaited with 1 GLBP group? Does the Group have to be different for each VLAN? How many GLBP groups can be configured on the Nexus?
- Second question is about EIGRP, when I configure EIGRP on the main switch that is AVG with the following commands, will I also have to run the same commands on the second 4948 E too?
So I have 2 routers (cisco 3640) that each go to their own ISP and then back to the same switch. I have setup ospf and glbp, and now have pretty good redundancy. If either internet connection or routers go down everything is still golden.
So I was thinking that if an interface went down then the router would not be load balanced with glbp which got me thinking whats the best way to get interface redundancy (and I was going to add a 2nd switch with the second interface).
1) Setup BVI on the 2 interfaces. 2) Setup a 2nd interfaces (on each router), I would have to split the subnet, for instance: [code]then the machines could be on the subnet 192.168.0. 0/23 and setup glbp for 1 ip across all 4 interfaces (I'm not even sure if you can do this but think it would work). 3) Is there a way to utilize etherchannel or anything like this
A negative to option 2 would be that if 1 of the interfaces went down, all the sudden 2/3 (or so) of your traffic would be going through 1 router.
My current set up is 1 HQ router (2911 ISR) and 8 site offices with a non-Cisco router.Each site has an IPSEC tunnel back to the HQ router.All of the site routers have a dynamic external IP address.This set up has worked ok for now, but I would like to look at moving to GRE tunnels so traffic from the sites can be routed to each over.I have read up on the configuration and I can set up an IPSEC GRE Tunnel in test labs using a static IP address on the spokes however I have not been able to find any documentation on how to configure the HQ router to allow the tunnels from any IP address.I did try setting the tunnel destination to 0.0.0.0 on the HQ side but this does not work.
I am getting the following message from a 3945 router: %CERM-4-TX_BW_LIMIT: Maximum Tx Bandwidth limit of 85000 Kbps reached for Crypto functionality with securityk9 technology package license.
That router has 8 Gre/IPsec tunnels and one of those tunnels is 100Mbps.The question is, could I get 100Mbps as the sum of all tunnels, or is there a restriction to 85Mbps ??
I need to create multiple ip-sec vpn tunnels on A Cisco 837 ADSL Router. I am able to create one tunnel but the second connection is asking for the outside interface which is atm and already taken by the first tunnel. How can i create more tunnels?
Secondly, after creating the first tunnel i am able to access the remote lan network but when i tried tracert "remote lan ip of a pc" from my pc i got "request timed out" after passing my 837 but succeeded to reach the target. Does tracert needs something to be opened in the router?
Alrighty, a little misdirected here. been reading docs for a little while and experimenting around maybe someone can point me in the right direction, How to you create a Guest Network in IOS Zone Firewall. For some reason Cisco, while using the term DMZ, applies differently on their routers than it does on their ASA's. I know how to do this on ASA's all day long however on the router it is a little different story.
I am currently running a 2821 to terminate vpn links from all our branch offices over a WAN. I need to add a second interface in order to facilitate a move to a different WAN provider. seeing as the 2800 models are EOL I was looking for an upgrade. My local retailer wants to sell me the following:CISCO3925E-SEC/K9 IS Router 3925E security bundle SEC license pack,HWIC-2T 2 port serial WAN card,MEM-3900-1GU2GB Upgrade to 2GB 1,now my question is why can't i use the 2900 models in order to save some money?All I need is a router that will accept 2 different incoming WANs and the ability to create vpn tunnels over them..
I have been given a task, where I need to create a failover setup from a 1800 Cisco router to a LAN network 2 hobs away (see topology).The reason I have been given this task is because the wireless links are not so realiably, but necessary.I'm thinking of doing this failover task with IP SLA on the routers fiber 1 and fiber 2 link, so when/if one off the links goes down, it instantly chooses the other link.I have also been thinking about implementing STP instead, and replace the router with a switch, but i'm not sure exactly how to implement it. Unfortunately I'm not able to test anything, as we are still waiting for the fiber lines, but I want to be prepared as much as possible.
i have a cisco router 7206 ,when i create subinterface with ip , the router hangs , and all interfaces are down ,i just remove interface gi0/1 and plug it again, what is the relaiton between subinterfaces and hanging routers> the problem occurred when i configured sub-interface on GI0/2. [code]
I have an ASA 5505 at each of three locations. We have VPN tunnels set up between the three sites. I am currently using a single ISP to control the traffic between the sites. I am adding a new ISP to the mix. The goal is to have any internet traffic routed to ISP 2 and all internal traffic routed to ISP 1.The ASA does not do policy based routing (mostly because it is a firewall, not a router). I need to configure a router that will accept the output of the ASA and route it according to the above rule. All incoming routing will be done through ISP 1. Any suggestion on the device and the methodology to set it up? I am planning on doing this in each location.
