MPLS over GRE Support (Platform)
Hello,
I am looking to run MPLS over GRE (over the Public Internet) probably with IPSec for obvious reasons. CFN seems to suggest only the Cat6k with SUP-VS-2T or the Catalyst 6800 is capable of MPLS over GRE functionality...
I currently have 2 x Cisco 7200 VXR platforms (7204 & 7206) with the NPE-G2 processing engine and was wondering if we added the VSA encryption module (C7200-VSA=) would be enough to get a reliable MPLS over GRE tunnel functionality.
The tunnel with Encryption would ideally support up to 500Mbps.
My other alternative is to upgrade/replace the VXRs with ASRs (1002 or similar) but again CFN is unclear if the ASR100x platform is capable of delivering MPLS over GRE + IPSec.
Thanks,
MPLS over GRE is not supported in Hardware for sup720. This is a PFC3 hardware limitation. Your options would be to use SPA-400 or Enhanced FlexWan.
Similar Messages
-
does sup32 on 7600 router support mpls over gre, my uplinks
to the core are connected via sup32?Hello Atif,
in the following link the datasheet of sup32
http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps5972/product_data_sheet0900aecd801c5cab_ps368_Products_Data_Sheet.html
table1 contains the following:
Hardware-enabled MPLS-Enables use of VPNs and Layer 2 tunneling while improving traffic engineering for QoS and adding multiprotocol support
• Hardware-enabled IPv6-Expands available IP addresses, enabling better address allocation and address aggregation and supporting greater end-to-end connectivity and services
• Hardware-enabled GRE tunnels for IP traffic
be aware that performances are limited in comparison to sup720 as it is shown in table2.
Hope to help
Giuseppe -
HI : Are there any MTU issues of running MPLS over GRE tunnels??
what will be the MTU size ?
thnak youGRE has an overhead of 24 bytes, and can directly interfere with the MPLS overhead. The MTU associated with an MPLS packet is broken down like so:
Ethernet Payload - 1500
802.1q header - 18
AToM Header - 4 (Required for ATM and FR only)
AToM Label - 4
LDP Label - 4
TE Label - 4
MPLS Fast Reroute - 4
Total = 1538
Granted, you may not configure all of those features above into your MPLS network, this is a good baseline to use for the MPLS MTU. You need to configure the core network to accept an MTU of at least 1538 bytes, without GRE.
You need to ensure that your GRE tunnels can support an MTU greater than 1562 if you plan to implement additional MPLS features like TE and AToM. -
Hi,
Can any one guide me about the benefits of MPLS over GRE Tunnels. Do this serve the purpose of MPLS (except TE, which is suppose is not possible on GRE Tunnels) as Layer-3 is already involved before Label Switching even starts.
thanx and regards,
Shakeel AhmadI have a problem with MPLS over GRE. When i try to apply a policy to shape the traffic it seems that the default-class dosent see the mpls packets.
Im trying to shape the traffic to 256k but it seems that the shaping never are activated.
Anyone have any idea how to solve this?
Example:
class-map match-all PING
match access-group 171
policy-map class-default
class PING
bandwidth percent 15
policy-map PING
class class-default
shape average 256000
service-policy class-default
INterfacexx
service-policy output PING
access-list 171 permit icmp any any -
MPLS over GRE sample config....
can any body paste a working of MPLS over GRE....
i am looking for tunnel config and any related global config...
thanks
UmarYou can try this link for GRE configuration
http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801e1294.shtml -
A Chairde,
I am nearly sure the answer is no, but will ask anyway.
I want to connect two private networks over a corporate WAN , and am looking to keep the router traffic (BGP) and routing traffic under control.
I only have control of the two lab routers, the routers in middle are controlled by IT dept. , is there anyway of setting up MPLS with this scenario ???
Any other suggestions ......You could indeed run MPLS over a GRE interface.
If you want to run MPLS VPN, then I would suggest configuring MPLS VPN over l2tpv3. See the following URL for more details:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00802b4817.html
Let me know if I answered your question, -
Dear expert,
Currently I have problem running bridging over GRE tunnel.We are using cisco 3640 but somehow under tunnel 0, the is no 'bridge-group 1' command.We are trying to get the IOS that support the command under tunnel 0 but to no avail.Can someone help me ? Thanks
--ranIt's a hidden command. Even do, you might get a warning messasge stating this is obsolete and unsupported, it still technically a valid configuration. Legacy, but works.
Keep in mind there are better solutions for this kind of connections. But you can try it, it's simple anyways.
Host1---Fa0/0--R1-------------GRE------------R2--Fa0/0---Host2
1. Create a Loopback intf. on both routers and ensure L3 connectivity between them.
2. Create bridge:
router(config)#bridge 1 protocol ieee
3. Create a GRE tunnel interface (dont configure IP's):
router(config)# interface tun0
router(config-if)# tun source loopback x
router(config-if)# tun destination <other router loopback ip>
router(config-if)# bridge-group 1
**This is a hidden cmd. You will get a warning message, but ignore it**
3. Attach Physical Interface to Bridge as well:
router(config)# interface Fa0/0
router(config-if)# bridge-group 1
4. Configure the Hosts IP addresses to be on the same IP Segment and validate communication between them.
You can try this on GNS3 as well. I made a diagram and a brief explanation at another thread, but really don't remember how to get to it.
Once again, this is legacy and there are better ways to achieve this. But for small implementations this is valid and easier. It also helps to understand the newer versions/enhancements to this as well.
HTH -
Hi,
Does cisco support mpls over atm-ppp-llc
per RFC 2354(PPP over AAL5).
Something like a scenario if Cisco acts as a PE and it gets frames with mpls over atm-ppp-llc from a connected CE ,is it supported in cisco , or it will drop the frames ?
Running mpls over ce-pe link is mandatory for the specific scenario.
Thanks
Thanks in advanceHello,
The MPLS should be supported also on PPP over AAL5. Simply use the "mpls ip" command on the Virtual-Template or the Dialer interface you are using on top of the ATM VC to set up the PPP interface.
The 3640 with proper IOS can support the PE functions. The Enterprise feature sets should be equipped with all features necessary to provide a PE router functionality - basically, the VRF, MPLS, LDP, MPLS VPN support, BGP, BGP VPNv4 support, IGP protocols with VRF support and that should be sufficient.
Best regards,
Peter -
IPsec over GRE in ASR 1000 with VRF
Hi
I´m trying to configure IPsec over GRE tunnel between Cisco 819G remote router and ASR 1002 central router using crypto maps. Currently ASR router has two vrf´s (management vrf and EXTERNOS2 vrf) and in the future we are going to deploy different "virtual" routers from this box. I don´t know why it doesn´t work, tunnel interface doesn´t go up. Taking a view to debugs obtained from ASR router (debug crypto isakmp and debug crypto ipsecI see the following errors:
Oct 3 13:11:33: IPSEC(validate_proposal_request): proposal part #1
Oct 3 13:11:33: IPSEC(validate_proposal_request): proposal part #1,
(key eng. msg.) INBOUND local= 10.255.68.246:0, remote= 10.200.25.106:0,
local_proxy= 10.255.68.246/255.255.255.255/256/0,
remote_proxy= 10.200.25.106/255.255.255.255/256/0,
protocol= ESP, transform= NONE (Transport),
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0
Oct 3 13:11:33: Crypto mapdb : proxy_match
src addr : 10.255.68.246
dst addr : 10.200.25.106
protocol : 0
src port : 0
dst port : 0
Oct 3 13:11:33: map_db_check_isakmp_profile profile did not match
Oct 3 13:11:33: Crypto mapdb : proxy_match
src addr : 10.255.68.246
dst addr : 10.200.25.106
protocol : 0
src port : 0
dst port : 0
Oct 3 13:11:33: map_db_check_isakmp_profile profile did not match
Oct 3 13:11:33: map_db_find_best did not find matching map
Oct 3 13:11:33: IPSEC(ipsec_process_proposal): proxy identities not supported
Oct 3 13:11:33: ISAKMP:(35001): IPSec policy invalidated proposal with error 32
Oct 3 13:11:33: ISAKMP:(35001): phase 2 SA policy not acceptable! (local 10.255.68.246 remote 10.200.25.106)
anybody could help me to troubleshoot why it doesn´t work?
I post you involved configuration sections from ASR and 819G routers
B.R.Ops!! I forgot to paste involved routes from both devices.
ASR router
ip route vrf EXTERNOS2 10.200.24.0 255.255.248.0 10.255.68.245 tag 6
ip route vrf EXTERNOS2 185.1.1.0 255.255.255.0 Tunnel21 tag 6 <--- c819G LAN network
Cisco 819G
ip route 0.0.0.0 0.0.0.0 Tunnel1
ip route 10.255.68.246 255.255.255.255 Cellular0
B.R. -
Does anybody know an IOS version that supports both MPLS and QinQ support. Nearly all advance enterprise services 12.4 support QinQ and some 12.3T, but i believe that later versions of IOS 12.3 and onwards removed MPLS support. I could really do with finding both these features in the same IOS as it would greatly help me study. IOS selector is hard to trust as it doesnt appear to label MPLS support under some IOS which i know have the commands. Also certain 12.3T ios have been deferred which makes getting them to try hard to begin with.
So far i have tried the below.
c2600-adventerprisek9-mz.123-11.T.bin <-- QinQ no mpls
c2600-adventerprisek9-mz.123-26.bin <-- no QinQ
c2600-advipservicesk9-mz.123-4.T6.bin <--no QinQ
c2600-telco-mz.123-26.bin <-- MPLS but no QinQ
c2600-telco-mz.124-7.bin <- no MPLS
All the 12.4 IOS have had the tag-switching/MPLS commands removed.
Any help will be most appreciated!Hi,
If your CE at both ends are routers, then you can configure both CE's with a Sub interface on the trunk link that is going towards PE. On this Sub interface of CEs you can configure IP address and also, if CEF is enabled on router and the interface then you can use mpls ip command on this sub interface and form LDP neighborship between both CEs over this l2 circuit.
Yes MTU size will have to be capable of supporting this increased packet size.
Regards,
Shailendra -
Welcome to the MPLS over ATM Discussion
Welcome to the Cisco Networking Professionals Connection Service Provider Forum. This conversation will provide you the opportunity to discuss issues surrounding MPLS over ATM. We encourage everyone to share their knowledge and start conversations on issues such as Frame-based MPLS networks, multiservice networks, VPN scalability, multiple service classes, multicast, VoIP and any other topic concerning MPLS over ATM.
Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.
We encourage you to tell your fellow networking professionals about the site. If you would like us to send them a personal invitation simply send their names and e-mail addresses along with your name to us at [email protected]This is easily done with dial peer statements . The dial peer in your originating router must route the calls to the terminating router first. That would look like :
dial-peer voice xxxxx voip ( the xxxxx is just a tag)
destination-pattern 45... (that would route any 5-digit calls beginning with 45)
session-target ipv4:xxx.xxx.xxx.xxx (ip address of the terminating router)
If digitones are to be dialed after the connection is established, use the statement:
dtmf-relay-h.245-alphanumeric
You could also use a statement to specify the codec to be used:
codec g711ulaw
You would need multiple voip dial peers if the calls were going to different routers based on the dialed digits. If all calls are sent to the same terminating router, use all wild cards in the dest-pattern statement.
At the terminating router configure pots dial peers:
dial-peer voice xxxxx pots
dest-pattern 45...
port x/x (whichever port the call is to be terminated on)
prefix 45 (this re-inserts matched digits which are stripped off by the pots dp)
Repeat for other ports which will receive calls.
Paul -
Hi there
I got the following message when trying to install Photoshop CC, "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms."
I use Windows Vista so not sure what I need to do now! Any help would be much appreciated thanks.Photoshop CC only runs on Windows 7 or Windows 8/8.1. Not Vista.
System requirements | Photoshop -
Know more detail about the Remote Support Platform for SAP Business One ?
SAP Business One 9.1 is about to release this year and we can see in the feature enhancements that a significant update is planned in the Remote Support Platform for SAP Business One, more commonly known as RSP. Let’s have a quick look what update is planned for RSP in version 9.1:
Enhancements planned in Remote Support Platform for SAP Business One 9.1
RSP is planned to support both SAP Business One on Microsoft SQL Server as well as SAP Business One on HANA Database
RSP Processes and Reports adapted to SAP HANA Database
With this plan RSP will help in the areas of Download, Installation, Go-Live Check, Monitoring, Upgrade and Support for SAP Business One both on SQL Server and HANA.
But like me (non-SAP B1 Consultant) many of you have the question what is RSP and how it helps in support? Here I have tried to gather all information.
What is Remote Support Platform for SAP Business One?
The remote support platform for SAP Business One is designed to protect a SAP Business One installation by providing automated and remote support in a high-volume business.
The platform monitors the entire SAP Business One environment. By significantly reducing the time between the appearance, identification, and resolution of issues, the remote support platform for SAP Business One minimizes the impact on customer databases and processes.
Some Key Features of Remote Support Platform:
Showing alerts to SAP B1 Admin about the events which require their attention, such as low disk space, database backups, etc.
Incident Reports against the issues identified which require attention of SAP Support
Company Database Backup and Restore options
Regular fixes of Company Database inconsistencies
Check, Download and Install regular updates in SAP Business One
Upload Logs and required files to SAP Support or to Partner Support on regular basis
Some details about RSP Backup Management
Schedule daily, weekly, and monthly backups
Perform differential and full database backups
Back up transaction logs
Back up files to shared folders on a network
System Status Report through RSP
From June 1st 2013, it will be mandatory to install, configure and upload the System Status Report (SSR) from Remote Support Platform (RSP) for SAP Business One in order to receive support for messages of a technical nature (upgrades, performance & crashes, etc).
Database uploads only via RSP
From June 1st 2013 SAP Business One Support will only accept database uploads to SAP via remote support platform for SAP Business One. In certain exceptional circumstances STFP may be used but this will constitute a minority of cases.
Microsoft Windows PowerShell Scripting
In the remote support platform studio, you can create tasks using Microsoft Windows PowerShell scripting. PowerShell enables you to perform remote administrative tasks on customers’ Microsoft Windows operating systems, by providing full access to Component Object Model (COM) and Windows Management Instrumentation (WMI).Some Network Prerequisite for RSP
To achieve the internet connection test, you must allow port 80 for the RSP external communication
Disabling antivirus firewall or add the RSP to the trusted zone of the antivirus
Set the correct proxy
Disabling Windows firewall in the TP_link Wireless Configuration Utility
Want to now More about It Click Here : Remote Support Platform for SAP Business OneSAP Business One 9.1 is about to release this year and we can see in the feature enhancements that a significant update is planned in the Remote Support Platform for SAP Business One, more commonly known as RSP. Let’s have a quick look what update is planned for RSP in version 9.1:
Enhancements planned in Remote Support Platform for SAP Business One 9.1
RSP is planned to support both SAP Business One on Microsoft SQL Server as well as SAP Business One on HANA Database
RSP Processes and Reports adapted to SAP HANA Database
With this plan RSP will help in the areas of Download, Installation, Go-Live Check, Monitoring, Upgrade and Support for SAP Business One both on SQL Server and HANA.
But like me (non-SAP B1 Consultant) many of you have the question what is RSP and how it helps in support? Here I have tried to gather all information.
What is Remote Support Platform for SAP Business One?
The remote support platform for SAP Business One is designed to protect a SAP Business One installation by providing automated and remote support in a high-volume business.
The platform monitors the entire SAP Business One environment. By significantly reducing the time between the appearance, identification, and resolution of issues, the remote support platform for SAP Business One minimizes the impact on customer databases and processes.
Some Key Features of Remote Support Platform:
Showing alerts to SAP B1 Admin about the events which require their attention, such as low disk space, database backups, etc.
Incident Reports against the issues identified which require attention of SAP Support
Company Database Backup and Restore options
Regular fixes of Company Database inconsistencies
Check, Download and Install regular updates in SAP Business One
Upload Logs and required files to SAP Support or to Partner Support on regular basis
Some details about RSP Backup Management
Schedule daily, weekly, and monthly backups
Perform differential and full database backups
Back up transaction logs
Back up files to shared folders on a network
System Status Report through RSP
From June 1st 2013, it will be mandatory to install, configure and upload the System Status Report (SSR) from Remote Support Platform (RSP) for SAP Business One in order to receive support for messages of a technical nature (upgrades, performance & crashes, etc).
Database uploads only via RSP
From June 1st 2013 SAP Business One Support will only accept database uploads to SAP via remote support platform for SAP Business One. In certain exceptional circumstances STFP may be used but this will constitute a minority of cases.
Microsoft Windows PowerShell Scripting
In the remote support platform studio, you can create tasks using Microsoft Windows PowerShell scripting. PowerShell enables you to perform remote administrative tasks on customers’ Microsoft Windows operating systems, by providing full access to Component Object Model (COM) and Windows Management Instrumentation (WMI).Some Network Prerequisite for RSP
To achieve the internet connection test, you must allow port 80 for the RSP external communication
Disabling antivirus firewall or add the RSP to the trusted zone of the antivirus
Set the correct proxy
Disabling Windows firewall in the TP_link Wireless Configuration Utility
Want to now More about It Click Here : Remote Support Platform for SAP Business One -
Issue regarding supported platforms manual for BO XI 3.1 sp2
In supported platforms manual for BO XI 3.1 sp2 windows there is a note on page 7 for specific patch level for OAS 10gR3 u201CPlease see release notes on the minimum version supported for Dashboard and Analytics.u201D We try to find on release notes (BOXI 3.1 & BOXI 3.1 sp2) for the exact patch level but there aren't any suggestions.
Could you please inform about the exact patch level that is needed on OAS 10gR3.Hello,
Many thanks you for your answer.
Sorry to insist. It is not really clear in the SAP documentation about the minimum level of SAP NetWeaver BI 7.1 required
for installing "Business Objects XI 3.1 SP2 Integration kit for SAPSolutions.
Could you please find out (and provide me them) :
- The minimum BI 7.01 patch level for installing Business Objects XI
3.1 SP0 Integration kit for SAP Solutions (initial installation
package).
- The minimum BI 7.01 patch level for installing Business Objects XI
3.1 SP2 Integration kit for SAP Solutions
Thanks in advance
Best regards -
I'm running Mac OS X version 10.6.8 How come I get this error message "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms." When I Try to download a FREE trail?
Hi Brizill,
Please refer to the help document below to understand the technical specifications for the same:
System requirements | Photoshop
Regards,
Sheena
Maybe you are looking for
-
OK! So I got everything filled out right to publish my iWeb site with iCloud now but after it looks like everything is fine this error pops up REPEATLY!: PUBLISH ERROR There was an error communicating with the FTP server. Try again later, or check wi
-
Hi, we are using change pointers and the report RBDMIDOC to create Idoc HRMD_A from those change pointers, in order to send that data to an external payroll. However, we have a requirement to publish only some subtypes from one Infotype. Do you guys
-
Split the IDOC into multiple IDOC if the IDOC has more than 500 records
Hi All, I developed an outbound IDOC in which we are facing an issue. There is some limitation on the maximum idoc size it can handle. If number of records is more than 500, split the idoc into multiple iDoc's, e.g. if it would have 1300 records , th
-
How to create hierarchy on bi7 by using dtp
how to create hierarchy on bi7 by using dtp
-
Is there a multi language pattern existing? We build a ERP software with a framework which is on top of EJB. The applications have to support multi language since the applications will be used in different countries. For example there is an Article v