GRE support with other features
This section describes how GRE tunnels may aect other features on FSX, FCX, and ICX6610 devices.
Support for ECMP for routes through a GRE tunnel
Equal-Cost Multi-Path (ECMP) load sharing allows for load distribution of trac among available routes. When GRE is enabled, a mix of
GRE tunnels and normal IP routes is supported. If multiple routes are using GRE tunnels to a destination, packets are automatically load-
balanced between tunnels, or between tunnels and normal IP routes.
ACL, QoS, and PBR support for
trac through a GRE tunnel
NOTE
PBR and ACL ltering for packets terminating on a GRE tunnel is not supported on FCX devices. However, PBR can be used to
map IP trac into a GRE tunnel, but it cannot be used to route GRE trac. On FCX devices, QoS support for GRE
encapsulated packets is limited to copying DSCP values from the inner header onto the outer header.
For FastIron SX devices only, trac coming from a tunnel can be ltered by an ACL both before and after the tunnel is terminated and
also redirected by PBR after tunnel is terminated. An ACL classies and sets QoS for GRE trac. If the ACL or PBR is applied to the
tunnel loopback port, it would apply to the inner IP packet header (the payload packet) after the tunnel is terminated. If the ACL is applied
to the tunnel ingress port, then the delivery header (outer header) would be classied or ltered before the tunnel is terminated.
NOTE
Restrictions for using ACLs in conjunction with GRE are noted in the section Conguration considerations for GRE IP tunnels
on page 106. PBR can be congured on tunnel loopback ports for tunnel interfaces with no restrictions. PBR with GRE tunnel
is not supported on FSX 800 and FSX 1600 with the SX-FI48GPP module.
Syslog messages related to GRE IP tunnels
Syslog messages provide management applications with information related to GRE IP tunnels. The following Syslog message is
supported.
Tunnel: TUN-RECURSIVE-DOWN tnnl 1, Tnl disabled due to recursive routing
Conguration considerations for GRE IP tunnels
Before conguring GRE tunnels and tunnel options, consider the conguration notes in this section.
• When GRE is enabled on a Layer 3 switch, the following features are not supported on Virtual Ethernet (VE) ports, VE member
ports (ports that have IP addresses), and GRE tunnel loopback ports:
– ACL logging
– ACL statistics (also called ACL counting)
– MAC address lters
– IPv6 lters
NOTE
The above features are supported on VLANs that do not have VE ports.
• Whenever multiple IP addresses are congured on a tunnel source, the primary address of the tunnel is always used for forming
the tunnel connections. Therefore, carefully check the congurations when conguring the tunnel destination.
IPv4 point-to-point GRE tunnels
FastIron Ethernet Switch Layer 3 Routing
106 53-1003627-04
To Next Page
Loading...
Need help?
General
