CE dial-in to PE. What routing protocol I should use ?

Hi,
Situation - CE connected to PE via some ethernet interface (primary) and ISDN dial-up as backup, so I need to use some dynamic routing protocol to distribute customers networks to other sites. Now I'm looking towards extended (triggered) RIP, but maybe there are better choices?
As I know, only triggereg RIP and OSPF supports 'on-demand' circuits, but OSPF isn't recommended as CE-PE protocol because it has no VRF awareness and we would have to run separate OSPF process for every VRF what isn't nice. This makes RIP only choice? Or there are another possibilities, maybe BGP ?

Hi,
over all there is static, RIPv2, EIGRP, OSPF, ISIS and BGP for PE-CE.
Well floating static alone seems no possibility in your case.
RIP and EIGRP have some issues when running on redundant links into the VPN (possibility of routing loops), which would be the case with backup active and primary coming back. Depending on the exact topology there might or might not be a workaround.
OSPF has to be run as separate processes. Might be tough on PE resources, depending on your exact setup details. Other than that it does the job.
eBGP with ebgp-multihop and static routes is an option. So eBGP doesn´t go down, just is directed over backup link in case primary is down.
Pick your poison! :-)
regards
Martin

Similar Messages

  • Which protocol we should use for file transfer in ios ?

    which protocol we should use for file transfer in ios ?

    My friend that's definitively a Lotus Domino question, you'll probably ask in the Domino's forums if it generates wsdl, or simple http services you're ready to consume those services in Flex.

  • What data sturcture I should use?

    I want to implement a table like this:
    dest     Cost      Next hop
    B     4     B
    C     6     B
    D     5     D
    E     3     D
    Opertaions on the table would be:
    1.inset a row
    2.update a row
    3.sort based on dest and Next hop
    Could someone give me an idea that what data sturcture i should use and why?

    I want to implement a table like this:
    dest     Cost      Next hop
    B     4     B
    C     6     B
    D     5     D
    E     3     D
    Opertaions on the table would be:
    1.inset a row
    2.update a row
    3.sort based on dest and Next hop
    Could someone give me an idea that what data
    sturcture i should use and why?JTable.
    It is designed to store tabular data, and supports insertion, deletion, and is not difficult to modify for sorting.
    See the Java tutorial at http://java.sun.com/docs/books/tutorial/uiswing/components/table.html
    � {�                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

  • What kind software we should use under VISTA to creat new partition.

    hi,there. i've use the boot camp to install the window vista in my macbook. but the boot camp only creat one partition for it. therefore all the partition i have under vista is C partiton. i want to divide that C partiton into 2 or more partitons, but i just wonder will that gonna destroy the boot information for Mac OS? what kind software i should use to avoid that problem? thanks.

    Don't know. Never used it. You should probably post your question in the Boot Camp discussions
    http://discussions.apple.com/forum.jspa?forumID=1165

  • Why exp fail and what other method I should use

    Hi Everybody,
    I plan to "copy" data from a table partition of a transactional database to a remote historical database table,both of the source and destination tables are partitioned in the same way
    In the source 9i database, I do the exp using below command
    exp reporter/password file=rs_p20101128.dmp tables=(reporter.reporter_status:p_20101128)
    About to export specified tables via Conventional Path ...
    +. . exporting table REPORTER_STATUS+
    +. . exporting partition P_20101128 212932 rows exported+
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    EXP-00091: Exporting questionable statistics.
    Export terminated successfully with warnings.
    In the remote 10g databse, I do the imp using below command but fail
    imp reporter/password01   FROMUSER=reporter file=/tmp/rs_p20101128.dmp tables=(REPORTER_STATUS:P_20101128)
    Import: Release 10.2.0.2.0 - Production on Mon Nov 29 17:52:31 2010
    Copyright (c) 1982, 2005, Oracle.  All rights reserved.
    Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - Production
    With the Partitioning, OLAP and Data Mining options
    Export file created by EXPORT:V09.02.00 via conventional path
    import done in US7ASCII character set and AL16UTF16 NCHAR character set
    import server uses AL32UTF8 character set (possible charset conversion)
    +. importing REPORTER's objects into REPORTER+
    +. importing REPORTER's objects into REPORTER+
    IMP-00015: following statement failed because the object already exists:
    +"CREATE TABLE "REPORTER_STATUS" ("IDENTIFIER" VARCHAR2(255), "SERIAL" NUMBER"+
    +"(16, 0), "NODE" VARCHAR2(64), "NODEALIAS" VARCHAR2(255), "MANAGER" VARCHAR2"+
    +"(64), "AGENT" VARCHAR2(64), "ALERTGROUP" VARCHAR2(64), "ALERTKEY" VARCHAR2("+
    +"255), "SEVERITY" NUMBER(16, 0), "SUMMARY" VARCHAR2(255), "FIRSTOCCURRENCE" "+
    +......+
    +"0 INITRANS 1 MAXTRANS 255 STORAGE(INITIAL 10485760 FREELISTS 1 FREELIST GRO"+
    +"UPS 1) TABLESPACE "REPORTER" LOGGING NOCOMPRESS )"+
    IMP-00055: Warning: partition or subpartition "REPORTER_STATUS":"P_20101128" not found in export file
    Import terminated successfully with warnings.
    Any suggestion to make the things work?
    Clay

    thanks for all your suggestions but the problem persists, pls have a look at below command and output captures.
    In source 9i database, I do export using below command and got below output:
    +reporter@xxam[tmp] 554 %scp rs_p20101128.dmp [email protected]:/tmp/. Password:+
    +HGCP@hgcam02[tmp] 555 %exp reporter/passwdx01 file=rs_p20101127.dmp tables=(reporter.reporter_status:P_20101127) statistics=none INDEXES=N TRIGGERS=N CONSTRAINTS=N consistent=y+
    Export: Release 9.2.0.6.0 - Production on Mon Nov 29 18:18:36 2010
    Copyright (c) 1982, 2002, Oracle Corporation.  All rights reserved.
    Connected to: Oracle9i Enterprise Edition Release 9.2.0.6.0 - 64bit Production
    With the Partitioning, OLAP and Oracle Data Mining options
    JServer Release 9.2.0.6.0 - Production
    Export done in US7ASCII character set and AL16UTF16 NCHAR character set
    server uses WE8ISO8859P1 character set (possible charset conversion)
    Note: indexes on tables will not be exported
    Note: constraints on tables will not be exported
    About to export specified tables via Conventional Path ...
    +. . exporting table REPORTER_STATUS+
    +. . exporting partition P_20101127 195127 rows exported+
    Export terminated successfully without warnings.
    =================================
    In destination 10g database, I do import using below command and got below output:
    bash-3.00$ imp reporter/passwd0001   FROMUSER=REPORTER TOUSER=REPORTER file=/tmp/rs_p20101127.dmp tables=(REPORTER_STATUS:P_20101127)
    Import: Release 10.2.0.2.0 - Production on Mon Nov 29 18:23:54 2010
    Copyright (c) 1982, 2005, Oracle.  All rights reserved.
    Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - Production
    With the Partitioning, OLAP and Data Mining options
    Export file created by EXPORT:V09.02.00 via conventional path
    import done in US7ASCII character set and AL16UTF16 NCHAR character set
    import server uses AL32UTF8 character set (possible charset conversion)
    +. importing REPORTER's objects into REPORTER+
    IMP-00015: following statement failed because the object already exists:
    +"CREATE TABLE "REPORTER_STATUS" ("IDENTIFIER" VARCHAR2(255), "SERIAL" NUMBER"+
    +"(16, 0), "NODE" VARCHAR2(64), "NODEALIAS" VARCHAR2(255), "MANAGER" VARCHAR2"+
    +"(64), "AGENT" VARCHAR2(64), "ALERTGROUP" VARCHAR2(64), "ALERTKEY" VARCHAR2("+
    +"255), "SEVERITY" NUMBER(16, 0), "SUMMARY" VARCHAR2(255), "FIRSTOCCURRENCE" "+
    +"DATE NOT NULL ENABLE, "LASTOCCURRENCE" DATE, "LASTMODIFIED" DATE, "INTERNAL"+
    +"LAST" DATE, "POLL" NUMBER(16, 0), "TYPE" NUMBER(16, 0), "TALLY" NUMBER(16, "+
    +"0), "CLASS" NUMBER(16, 0), "GRADE" NUMBER(16, 0), "LOCATION" VARCHAR2(64), "+
    +""OWNERUID" NUMBER(16, 0), "OWNERGID" NUMBER(16, 0), "ACKNOWLEDGED" NUMBER(1"+
    +.................+
    +"0 INITRANS 1 MAXTRANS 255 STORAGE(INITIAL 10485760 FREELISTS 1 FREELIST GRO"+
    +"UPS 1) TABLESPACE "REPORTER" LOGGING NOCOMPRESS )"+
    Import terminated successfully with warnings.

  • DMVPN Routing Protocol

    We currently use IPsec for our VPN setup. This includes a single core and approximately 75 (and growing) hubs.  I'm currently labbing a DMVPN environment to run some tests as part of a planned move. 
    I know this question has been covered, but wanted to get some fresh perspective.  What routing protocols are you using for DMVPN and what are some of the issues you have faced? 

    Adam, 
    Most of the setups world wide will use EIGRP or BGP, very few specific cases use RIP passive, some OSPF or static routes.
    For scaling and most internet-based setups we do recommend using BGP. It's well known, manageable, allowing load balancing and with a few tweaks perfect for large routing table and decent recovery times.
    M.

  • What is this? - Routing Protocol is "application"

    Can anyone tell me what this is?
    Routing Protocol is "application"
    I see it when I do a show protocols.  What routing protocol is it?
    Thank you in advanced!

    This is the full output I am confused about.  This is from my ASR 1004:
    #sh ip protocols 
    *** IP Routing is NSF aware ***
    Routing Protocol is "application"
      Sending updates every 0 seconds
      Invalid after 0 seconds, hold down 0, flushed after 0
      Outgoing update filter list for all interfaces is not set
      Incoming update filter list for all interfaces is not set
      Maximum path: 32
      Routing for Networks:
      Routing Information Sources:
        Gateway         Distance      Last Update
      Distance: (default is 4)

  • What bluetooth protocol does the iPod Touch use with a keyboard?

    Hi...
    Say, does anyone know what bluetooth protocol apple is using for their bluetooth keyboards for the iPhone and iPod Touch? It is probably HID, but the people at RIM (i.e. BlackBerry) use SPP. So I would think many 3rd party keyboards use SPP (Serial Port Protocol). But, then, there are many posts about "I wish Apple would support SPP" because people want to build apps that interface with external HW that only supports SPP.
    What I want to do? (you ask)
    I've one of these nice / expensive Think-out-side portable folding keyboards (good). That only has a serial interface (bad). There are many bluetooth "dongles" out there with serial ports (good). But they only support SPP or Serial Port Protocol (bad? maybe? depends).
    See, I know RIM (BlackBerry) people support SPP on their devices. But I haven't heard (found) word one about what the iPod Touch supports. I would hate to spend $80 on one of these dongles and find out it doesn't work.
    So, what does the iPod Touch use when talking to the bluetooth keyboard?
    -thanks

    From page 37 of iOS 4.1 Touch Users Guide:
    Using an Apple Wireless Keyboard
    For ease of typing, you can use an Apple Wireless Keyboard (available separately;
    iPod touch 3rd generation or later).
    Regarding the original questions, the BT profiles supported by the Touch arelisted here:
    http://support.apple.com/kb/HT3647

  • What JDBC drive I can use in Tomcat

    Hi all. I'm trying to shift my web application(JSP and JavaBeans only) from JRUN to Tomcat 4.1. I used sun JDBC driver or JRUN's own JDBC driver to connect to Microsoft SQL Server 2000 and both worked. Now since I'm setting up the same thing in Tomcat, I have totally no idea about what JDBC driver I should use and how to do it. I'm wondering whether Tomcat itself provides any JDBC driver? Or if not, how to make it work with Sun's driver? Or some more, is there any free driver available which is workable?
    Thanks a lot for any help!

    As you said in production envio you have set up
    up another server which will be the primary server
    for the application.Though, your application works
    well in Tomcat, it 's not complete solution in
    production envio.That depends on what the "production" system is intended to do, how many users it serves, what are the security concerns, etc.
    A low usage, internal system can easily be run with just Tomcat.

  • Dynamic Routing Protocols - what do I really need to know?

    Ok, ridiculously broad question I know but....what I'm trying to figure out is, let's say I'm in a large coproration and I have multiple field sites in different areas of the country so the network setup may be somewhat complex but when it comes to setting up the dynamic routing...is it as simple as let's say, configuring a router to use BGP for whatever portion you designate then just letting it be? is it somewhat challenging to initally configure dynamic routing protocols (i.e. how often have you found yourselves worrying about admin distance, areas (I don't even know what an "area" is yet either so if anyone could explain that I would appreciate it), etc..
    So in short, are dynamic routing protocols "Set it and forget it" or do they require a ton of planning to setup? I'm familliar with the differences between them (i.e. OSPF, RIP, EIGRP,etc..) and the differences in link state and distance vector but I just wanted to ask about the setup of the protocols themselves.
    Thanks!!

    You can exchange routes between protocols with redistribution.
    The problem with the question is, as you say, it is too broad to really answer properly.
    All routing protocols have different considerations so what you might do for EIGRP you may not do with OSPF and BGP is different altogether.
    As a general answer if you are enabling it across a WAN all take a certain amout of planning and design and they all rely heavily on what you have done with your IP addressing in terms of summarisation etc.
    The actual configurations to get a basic setup running are relatively simple, certainly for IGPs, but as your network grows you may find the configurations becoming more complex
    BGP is a very different in that there are many different commands you can use to influence the path traffic takes but even here to setup a very basic BGP peering only requires a few commands.
    But no routing protocol in a large environment should just be configured with no thought as to how it is going to work, traffic paths, number of routes etc.
    You can do it but you may well find as your network grows you will end up having to revisit the whole thing because it is not working as you intended.
    Like I say it's too large a question to really answer because each routing protocol is different and may or may not meet the requirements of the network.
    If there are more specific questions then please feel free to ask.
    Jon

  • Wireless ad hoc routing protocols

    I have an application that uses wireless ad hoc routing protocols (node-to-node communication).  Has anyone developed any application that implements wireless ad hoc networking protocols, such as route discovery, route maintenance etc. using LabView?  If so, I'd appreciate if you could provide more insight on your application.
    Thank you in advance.

    I've done something like that in the past, but LV was not the interface to the network. 
    Basically, LV was used to control parameters within an embedded system (running Linux-Embedded) and sending commands over serial and / or Ethernet ports.  The system was comprised of multiple boards, each running an OS with 3 layers of communication, some of which were serial, most over Ethernet.
    However, the firmware took care of discovering and setting up the network.  LV simply quieried the system to find out what it had to deal with (how many boards, what type, etc), then it would quiery the application to find out if the expected networks were esblished and to allow permissions over the network. 
    Are you trying to achieve something similar or are you trying to implement (setup) the network directly using LV?
    JLV

  • Routing Protocol recommendation for MPLS Network

    I am in the process of building a 14 site MPLS network for voice and data traffic. The vendor installing the network has configured RIPv2 as the routing protocol. I am considering switching this over to EIGRP. Can anyone explain to me why this would be better or should I just stay with RIP.
    Thanks

    Hi Chip,
    Its not very clear whether you are implementing a MPLS network or implementing a Network over MPLS for an end user with 14 sites.
    1) If MPLS network then other IGP variants than OSPF and ISIS best avoided. Now if the choice is between ISIS and OSPF then my personal recommendation would be OSPF. And this decision is purely driven by Operational Considerations rather than any technical advantages. Since at the end of the day what matters is how easy it is to implement add delete or troubleshoot the network.
    2)If for End User then it would not be right to recommend EIGRP or RIP or OSPF without knowing the current size & topology of each of these 14 sites, as well as the desired expansion plans. But if these 14 sites are the only sites and are all standalone branch sites connecting over MPLS VPN then RIP,EIGRP or OSPF can be implemented as per your and customer comfort.
    HTH-Cheers,
    Swaroop

  • Routing protocol over mpls

    Hi  all, 
    i have to implement a network customer over a vpls provider  ( 60 site L2  any to any).
    which protocol for this design ? eigrp, ospf or bgp with advantage or inconvenient?
    thanks,

    If this is to be a layer 2 network for 60 sites with any to any connectivity then you can choose which ever routing protocol you wish since the provider will not be participating in the routing protocol. BGP would be at the bottom of my list for this for several reasons, one of which is that BGP does not do dynamic neighbor discovery and I would not want to manually configure 59 neighbors on each of 60 routers.
    Either OSPF or EIGRP could be good choices. If we knew more about this network it might be possible to favor one or the other. For OSPF it seems likely that you would have a single area and some people might be concerned about 60 peers in a single area. But I think it could be appealing that most routers would go through full adjacency with only two peers where with EIGRP each router would negotiate neighbor relationship with 59 neighbors. Another consideration might be what the topology of the sites is like. If each site has several subnets and if the subnets fall into summarizable ranges then EIGRP might be preferred since it enables summarization from each of the routers which reduces the complexity of the routing table on each neighbor.
    HTH
    Rick

  • IPSEC tunnel and Routing protocols Support

    Hi Everyone,
    I read IPSEC does not support Routing Protocols with Site to Site VPN as they both are Layer4.
    Does it mean that If Site A  has to reach Site B over WAN  link we should use Static IP on Site A and Site B  Router?
    In  my home Lab i config Site to Site IPSES  VPN  and they are working fine  using OSPF  does this mean that IPSEC supports Routing Protocol?
    IF someone can explain me this please?
    OSPF  config A side
    router ospf 1
    router-id 3.4.4.4
    log-adjacency-changes
    area 10 virtual-link 10.4.4.1
    passive-interface Vlan10
    passive-interface Vlan20
    network 3.4.4.4 0.0.0.0 area 0
    network 192.168.4.0 0.0.0.255 area 10
    network 192.168.5.0 0.0.0.255 area 0
    network 192.168.10.0 0.0.0.255 area 0
    network 192.168.20.0 0.0.0.255 area 0
    network 192.168.30.0 0.0.0.255 area 0
    network 192.168.98.0 0.0.0.255 area 0
    network 192.168.99.0 0.0.0.255 area 0
    3550SMIA#sh ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route
    Gateway of last resort is 192.168.5.3 to network 0.0.0.0
    O    192.168.12.0/24 [110/13] via 192.168.5.3, 3d17h, FastEthernet0/11
         100.0.0.0/32 is subnetted, 1 subnets
    O       100.100.100.100 [110/3] via 192.168.5.3, 3d17h, FastEthernet0/11
         3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
    O       3.3.3.3/32 [110/2] via 192.168.5.3, 3d17h, FastEthernet0/11
    C       3.4.4.0/24 is directly connected, Loopback0
    C    192.168.30.0/24 is directly connected, Vlan30
         64.0.0.0/32 is subnetted, 1 subnets
    O E2    64.59.135.150 [110/300] via 192.168.5.3, 1d09h, FastEthernet0/11
         4.0.0.0/32 is subnetted, 1 subnets
    O       4.4.4.4 [110/2] via 192.168.5.3, 3d17h, FastEthernet0/11
    C    192.168.10.0/24 is directly connected, Vlan10
         172.31.0.0/24 is subnetted, 4 subnets
    O E2    172.31.3.0 [110/300] via 192.168.5.3, 3d17h, FastEthernet0/11
    O E2    172.31.2.0 [110/300] via 192.168.5.3, 3d17h, FastEthernet0/11
    O E2    172.31.1.0 [110/300] via 192.168.5.3, 3d17h, FastEthernet0/11
    O E2    172.31.0.0 [110/300] via 192.168.5.3, 3d17h, FastEthernet0/11
    O    192.168.11.0/24 [110/3] via 192.168.5.3, 3d17h, FastEthernet0/11
    O    192.168.98.0/24 [110/2] via 192.168.99.1, 3d17h, FastEthernet0/8
    C    192.168.99.0/24 is directly connected, FastEthernet0/8
    C    192.168.20.0/24 is directly connected, Vlan20
         192.168.5.0/31 is subnetted, 1 subnets
    C       192.168.5.2 is directly connected, FastEthernet0/11
    C    10.0.0.0/8 is directly connected, Tunnel0
         192.168.6.0/31 is subnetted, 1 subnets
    O       192.168.6.2 [110/2] via 192.168.5.3, 3d17h, FastEthernet0/11
    O    192.168.1.0/24 [110/13] via 192.168.5.3, 3d17h, FastEthernet0/11
    O*E2 0.0.0.0/0 [110/1] via 192.168.5.3, 1d09h, FastEthernet0/11
    B Side Config
    Side A
    router ospf 1
    log-adjacency-changes
    network 192.168.97.0 0.0.0.255 area 0
    network 192.168.98.0 0.0.0.255 area 0
    network 192.168.99.0 0.0.0.255 area 0
    1811w#  sh ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route
    Gateway of last resort is 192.168.99.2 to network 0.0.0.0
    O    192.168.12.0/24 [110/14] via 192.168.99.2, 3d17h, FastEthernet0
         100.0.0.0/32 is subnetted, 1 subnets
    O       100.100.100.100 [110/4] via 192.168.99.2, 3d17h, FastEthernet0
         3.0.0.0/32 is subnetted, 2 subnets
    O       3.3.3.3 [110/3] via 192.168.99.2, 3d17h, FastEthernet0
    O       3.4.4.4 [110/2] via 192.168.99.2, 3d17h, FastEthernet0
    O    192.168.30.0/24 [110/2] via 192.168.99.2, 3d17h, FastEthernet0
         64.0.0.0/32 is subnetted, 1 subnets
    O E2    64.59.135.150 [110/300] via 192.168.99.2, 1d09h, FastEthernet0
         4.0.0.0/32 is subnetted, 1 subnets
    O       4.4.4.4 [110/3] via 192.168.99.2, 3d17h, FastEthernet0
    O    192.168.10.0/24 [110/2] via 192.168.99.2, 3d17h, FastEthernet0
         172.31.0.0/24 is subnetted, 4 subnets
    O E2    172.31.3.0 [110/300] via 192.168.99.2, 3d17h, FastEthernet0
    O E2    172.31.2.0 [110/300] via 192.168.99.2, 3d17h, FastEthernet0
    O E2    172.31.1.0 [110/300] via 192.168.99.2, 3d17h, FastEthernet0
    O E2    172.31.0.0 [110/300] via 192.168.99.2, 3d17h, FastEthernet0
    O    192.168.11.0/24 [110/4] via 192.168.99.2, 3d17h, FastEthernet0
    C    192.168.98.0/24 is directly connected, BVI98
    C    192.168.99.0/24 is directly connected, FastEthernet0
    O    192.168.20.0/24 [110/2] via 192.168.99.2, 3d17h, FastEthernet0
         192.168.5.0/31 is subnetted, 1 subnets
    O       192.168.5.2 [110/2] via 192.168.99.2, 3d17h, FastEthernet0
         192.168.6.0/31 is subnetted, 1 subnets
    O       192.168.6.2 [110/3] via 192.168.99.2, 3d17h, FastEthernet0
    O    192.168.1.0/24 [110/14] via 192.168.99.2, 3d17h, FastEthernet0
    O*E2 0.0.0.0/0 [110/1] via 192.168.99.2, 1d09h, FastEthernet0
    Thanks
    Mahesh

    Hello,
    I'm saying crypto maps have a lot of limitations. Tunnel Protection make way more sense
    U can configure in 2 ways [ and multicast WILL work over it]
    1- GRE over IPSEC
    crypto ipsec transform-set aes esp-aes 256 esp-sha-hmac
    mode transport
    crypto ipsec profile tp
    set transform-set aes
    int tu1
    ip address 255.255.255.252
    tunnel source
    tunnel destination
    tunne protection ipsec profile tp
    We have configured mode transport because we encrypt GRE + what ever we encapsule in GRE [ eg OSPF - telnet - http ]
    Pros:
    We can as well transport IPV6 or CDP
    Cons:
    4 bytes of overhead due to GRE
    2- IP over IPSEC
    crypto ipsec transform-set aes esp-aes 256 esp-sha-hmac
    mode tunnel
    crypto ipsec profile tp
    set transform-set aes
    int tu1
    ip address 255.255.255.252
    tunnel source
    tunnel destination
    tunnel mode ipsec ipv4
    tunne protection ipsec profile tp
    This config is in fact closer from a crypto map [ from encapsulation standpoint]. The transform-set then NEED to be in tunnel-mode
    Pro:
    4 bytes overhead less than GRE over IPSEC
    Cons:
    Cannot transport CDP or MPLS or IPV6. Very limiting IMHO
    Cheers
    Olivier

  • Routing protocols

    When using these we advertise the network according to what ip the interfaces are on, does this just include the interface in the routing protocol to be part of the process ?

    Well, honestly depending on the routing protocol you are going to use. EIGRP and OSPF for example depend on which interface will form neighor relation ship and depending on what network is on the interface it will be advertised. However, BGP does not depend on the interface and you use the network command to advertise the subnet you want.
    Therefore, when you issue the network command under the EIGRP and OSPF it means you are saying that these interfaces can send and receive hello packets and form adjacency or neighbor relation ships. However, the advertised subnet will be that of the interface. For example, if you issue the command network 10.20.30.1 0.0.0.0 this means only this interface will form neighbor relationship however the advertised subnet would be 10.20.30.0/24 in case this is the interface subnet.
    Please rate if you find this helpful,
    Thanks,
    Regards,

Maybe you are looking for