MPLS over GRE Support (Platform)

Hello,
I am looking to run MPLS over GRE (over the Public Internet) probably with IPSec for obvious reasons. CFN seems to suggest only the Cat6k with SUP-VS-2T or the Catalyst 6800 is capable of MPLS over GRE functionality... 
I currently have 2 x Cisco 7200 VXR platforms (7204 & 7206) with the NPE-G2 processing engine and was wondering if we added the VSA encryption module (C7200-VSA=) would be enough to get a reliable MPLS over GRE tunnel functionality. 
The tunnel with Encryption would ideally support up to 500Mbps. 
My other alternative is to upgrade/replace the VXRs with ASRs (1002 or similar) but again CFN is unclear if the ASR100x platform is capable of delivering MPLS over GRE + IPSec.
Thanks,

MPLS over GRE is not supported in Hardware for sup720. This is a PFC3 hardware limitation. Your options would be to use SPA-400 or Enhanced FlexWan.

Similar Messages

  • Sup32 and mpls over gre

    does sup32 on 7600 router support mpls over gre, my uplinks
    to the core are connected via sup32?

    Hello Atif,
    in the following link the datasheet of sup32
    http://www.cisco.com/en/US/prod/collateral/modules/ps2797/ps5972/product_data_sheet0900aecd801c5cab_ps368_Products_Data_Sheet.html
    table1 contains the following:
    Hardware-enabled MPLS-Enables use of VPNs and Layer 2 tunneling while improving traffic engineering for QoS and adding multiprotocol support
    • Hardware-enabled IPv6-Expands available IP addresses, enabling better address allocation and address aggregation and supporting greater end-to-end connectivity and services
    • Hardware-enabled GRE tunnels for IP traffic
    be aware that performances are limited in comparison to sup720 as it is shown in table2.
    Hope to help
    Giuseppe

  • MPLS over GRE tunnles

    HI : Are there any MTU issues of running MPLS over GRE tunnels??
    what will be the MTU size ?
    thnak you

    GRE has an overhead of 24 bytes, and can directly interfere with the MPLS overhead. The MTU associated with an MPLS packet is broken down like so:
    Ethernet Payload - 1500
    802.1q header - 18
    AToM Header - 4 (Required for ATM and FR only)
    AToM Label - 4
    LDP Label - 4
    TE Label - 4
    MPLS Fast Reroute - 4
    Total = 1538
    Granted, you may not configure all of those features above into your MPLS network, this is a good baseline to use for the MPLS MTU. You need to configure the core network to accept an MTU of at least 1538 bytes, without GRE.
    You need to ensure that your GRE tunnels can support an MTU greater than 1562 if you plan to implement additional MPLS features like TE and AToM.

  • MPLS over GRE Tunnel

    Hi,
    Can any one guide me about the benefits of MPLS over GRE Tunnels. Do this serve the purpose of MPLS (except TE, which is suppose is not possible on GRE Tunnels) as Layer-3 is already involved before Label Switching even starts.
    thanx and regards,
    Shakeel Ahmad

    I have a problem with MPLS over GRE. When i try to apply a policy to shape the traffic it seems that the default-class dosent see the mpls packets.
    Im trying to shape the traffic to 256k but it seems that the shaping never are activated.
    Anyone have any idea how to solve this?
    Example:
    class-map match-all PING
    match access-group 171
    policy-map class-default
    class PING
    bandwidth percent 15
    policy-map PING
    class class-default
    shape average 256000
    service-policy class-default
    INterfacexx
    service-policy output PING
    access-list 171 permit icmp any any

  • MPLS over GRE sample config....

    can any body paste a working of MPLS over GRE....
    i am looking for tunnel config and any related global config...
    thanks
    Umar

    You can try this link for GRE configuration
    http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801e1294.shtml

  • MPLS over non-MPLS network

    A Chairde,
    I am nearly sure the answer is no, but will ask anyway.
    I want to connect two private networks over a corporate WAN , and am looking to keep the router traffic (BGP) and routing traffic under control.
    I only have control of the two lab routers, the routers in middle are controlled by IT dept. , is there anyway of setting up MPLS with this scenario ???
    Any other suggestions ......

    You could indeed run MPLS over a GRE interface.
    If you want to run MPLS VPN, then I would suggest configuring MPLS VPN over l2tpv3. See the following URL for more details:
    http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00802b4817.html
    Let me know if I answered your question,

  • Bridging over GRE tunnel

    Dear expert,
    Currently I have problem running bridging over GRE tunnel.We are using cisco 3640 but somehow under tunnel 0, the is no 'bridge-group 1' command.We are trying to get the IOS that support the command under tunnel 0 but to no avail.Can someone help me ? Thanks
    --ran

    It's a hidden command.  Even do, you might get a warning messasge stating this is obsolete and unsupported, it still technically a valid configuration. Legacy, but works.
    Keep in mind there are better solutions for this kind of connections.  But you can try it, it's simple anyways.
    Host1---Fa0/0--R1-------------GRE------------R2--Fa0/0---Host2
    1. Create a Loopback intf. on both routers and ensure L3 connectivity between them.
    2. Create bridge:
    router(config)#bridge 1 protocol ieee
    3. Create a GRE tunnel interface (dont configure IP's):
    router(config)# interface tun0
    router(config-if)# tun source loopback x
    router(config-if)# tun destination <other router loopback ip>
    router(config-if)# bridge-group 1
    **This is a hidden cmd. You will get a warning message, but ignore it**
    3. Attach Physical Interface to Bridge as well:
    router(config)# interface Fa0/0
    router(config-if)# bridge-group 1
    4. Configure the Hosts IP addresses to be on the same IP Segment and validate communication between them.
    You can try this on GNS3 as well.  I made a diagram and a brief explanation at another thread, but really don't remember how to get to it.
    Once again, this is legacy and there are better ways to achieve this. But for small implementations this is valid and easier.  It also helps to understand the newer versions/enhancements to this as well. 
    HTH

  • Mpls over atm ppp over aal5

    Hi,
    Does cisco support mpls over atm-ppp-llc
    per RFC 2354(PPP over AAL5).
    Something like a scenario if Cisco acts as a PE and it gets frames with mpls over atm-ppp-llc from a connected CE ,is it supported in cisco , or it will drop the frames ?
    Running mpls over ce-pe link is mandatory for the specific scenario.
    Thanks
    Thanks in advance

    Hello,
    The MPLS should be supported also on PPP over AAL5. Simply use the "mpls ip" command on the Virtual-Template or the Dialer interface you are using on top of the ATM VC to set up the PPP interface.
    The 3640 with proper IOS can support the PE functions. The Enterprise feature sets should be equipped with all features necessary to provide a PE router functionality - basically, the VRF, MPLS, LDP, MPLS VPN support, BGP, BGP VPNv4 support, IGP protocols with VRF support and that should be sufficient.
    Best regards,
    Peter

  • IPsec over GRE in ASR 1000 with VRF

                       Hi
    I´m trying to configure IPsec over GRE tunnel between Cisco 819G remote router and ASR 1002 central router using crypto maps. Currently ASR router has two vrf´s (management vrf and EXTERNOS2 vrf) and in the future we are going to deploy different "virtual" routers from this box. I don´t know why it doesn´t work, tunnel interface doesn´t go up. Taking a view to debugs obtained from ASR router (debug crypto isakmp and debug crypto ipsecI see the following errors:
    Oct  3 13:11:33: IPSEC(validate_proposal_request): proposal part #1
    Oct  3 13:11:33: IPSEC(validate_proposal_request): proposal part #1,
      (key eng. msg.) INBOUND local= 10.255.68.246:0, remote= 10.200.25.106:0,
        local_proxy= 10.255.68.246/255.255.255.255/256/0,
        remote_proxy= 10.200.25.106/255.255.255.255/256/0,
        protocol= ESP, transform= NONE  (Transport),
        lifedur= 0s and 0kb,
        spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0
    Oct  3 13:11:33: Crypto mapdb : proxy_match
            src addr     : 10.255.68.246
            dst addr     : 10.200.25.106
            protocol     : 0
            src port     : 0
            dst port     : 0
    Oct  3 13:11:33: map_db_check_isakmp_profile profile did not match
    Oct  3 13:11:33: Crypto mapdb : proxy_match
            src addr     : 10.255.68.246
            dst addr     : 10.200.25.106
            protocol     : 0
            src port     : 0
            dst port     : 0
    Oct  3 13:11:33: map_db_check_isakmp_profile profile did not match
    Oct  3 13:11:33: map_db_find_best did not find matching map
    Oct  3 13:11:33: IPSEC(ipsec_process_proposal): proxy identities not supported
    Oct  3 13:11:33: ISAKMP:(35001): IPSec policy invalidated proposal with error 32
    Oct  3 13:11:33: ISAKMP:(35001): phase 2 SA policy not acceptable! (local 10.255.68.246 remote 10.200.25.106)
    anybody could help me to troubleshoot why it doesn´t work?
    I post you involved configuration sections from ASR and 819G routers
    B.R.

    Ops!! I forgot to paste involved routes from both devices.
    ASR router
    ip route vrf EXTERNOS2 10.200.24.0 255.255.248.0 10.255.68.245 tag 6
    ip route vrf EXTERNOS2 185.1.1.0 255.255.255.0 Tunnel21 tag 6          <--- c819G LAN network
    Cisco 819G
    ip route 0.0.0.0 0.0.0.0 Tunnel1
    ip route 10.255.68.246 255.255.255.255 Cellular0
    B.R.

  • C2600xm MPLS and QinQ support

    Does anybody know an IOS version that supports both MPLS and QinQ support.  Nearly all advance enterprise services 12.4 support QinQ and some 12.3T, but i believe that later versions of IOS 12.3 and onwards removed MPLS support.  I could really do with finding both these features in the same IOS as it would greatly help me study.  IOS selector is hard to trust as it doesnt appear to label MPLS support under some IOS which i know have the commands.  Also certain 12.3T ios have been deferred which makes getting them to try hard to begin with.
    So far i have tried the below.
    c2600-adventerprisek9-mz.123-11.T.bin <-- QinQ no mpls
    c2600-adventerprisek9-mz.123-26.bin <-- no QinQ
    c2600-advipservicesk9-mz.123-4.T6.bin <--no QinQ
    c2600-telco-mz.123-26.bin <-- MPLS but no QinQ
    c2600-telco-mz.124-7.bin <- no MPLS
    All the 12.4 IOS have had the tag-switching/MPLS commands removed.
    Any help will be most appreciated!

    Hi,
    If your CE at both ends are routers, then you can configure both CE's with a Sub interface on the trunk link that is going towards PE. On this Sub interface of CEs you can configure IP address and also, if CEF is enabled on router and the interface then you can use mpls ip command on this sub interface and form LDP neighborship between both CEs over this l2 circuit.
    Yes MTU size will have to be capable of supporting this increased packet size.
    Regards,
    Shailendra

  • Welcome to the MPLS over ATM Discussion

    Welcome to the Cisco Networking Professionals Connection Service Provider Forum. This conversation will provide you the opportunity to discuss issues surrounding MPLS over ATM. We encourage everyone to share their knowledge and start conversations on issues such as Frame-based MPLS networks, multiservice networks, VPN scalability, multiple service classes, multicast, VoIP and any other topic concerning MPLS over ATM.
    Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.
    We encourage you to tell your fellow networking professionals about the site. If you would like us to send them a personal invitation simply send their names and e-mail addresses along with your name to us at [email protected]

    This is easily done with dial peer statements . The dial peer in your originating router must route the calls to the terminating router first. That would look like :
    dial-peer voice xxxxx voip ( the xxxxx is just a tag)
    destination-pattern 45... (that would route any 5-digit calls beginning with 45)
    session-target ipv4:xxx.xxx.xxx.xxx (ip address of the terminating router)
    If digitones are to be dialed after the connection is established, use the statement:
    dtmf-relay-h.245-alphanumeric
    You could also use a statement to specify the codec to be used:
    codec g711ulaw
    You would need multiple voip dial peers if the calls were going to different routers based on the dialed digits. If all calls are sent to the same terminating router, use all wild cards in the dest-pattern statement.
    At the terminating router configure pots dial peers:
    dial-peer voice xxxxx pots
    dest-pattern 45...
    port x/x (whichever port the call is to be terminated on)
    prefix 45 (this re-inserts matched digits which are stripped off by the pots dp)
    Repeat for other ports which will receive calls.
    Paul

  • Got the following message when trying to install Photoshop CC "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms." I use Windows Vista so not sure what I need to

    Hi there
    I got the following message when trying to install Photoshop CC, "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms."
    I use Windows Vista so not sure what I need to do now! Any help would be much appreciated thanks.

    Photoshop CC only runs on Windows 7 or Windows 8/8.1. Not Vista.
    System requirements | Photoshop

  • Know more detail about the Remote Support Platform for SAP Business One ?

    SAP Business One 9.1 is about to release this year and we can see in the feature enhancements that a significant update is planned in the Remote Support Platform for SAP Business One, more commonly known as RSP. Let’s have a quick look what update is planned for RSP in version 9.1:
    Enhancements planned in Remote Support Platform for SAP Business One 9.1
    RSP is planned to support both SAP Business One on Microsoft SQL Server as well as SAP Business One on HANA Database
    RSP Processes and Reports adapted to SAP HANA Database
    With this plan RSP will help in the areas of Download, Installation, Go-Live Check, Monitoring, Upgrade and Support for SAP Business One both   on SQL Server and HANA.
    But like me (non-SAP B1 Consultant) many of you have the question what is RSP and how it helps in support? Here I have tried to gather all information.
    What is Remote Support Platform for SAP Business One?
    The remote support platform for SAP Business One is designed to protect a SAP Business One installation by providing automated and remote support in a high-volume business.
    The platform monitors the entire SAP Business One environment. By significantly reducing the time between the appearance, identification, and resolution of issues, the remote support platform for SAP Business One minimizes the impact on customer databases and processes.
    Some Key Features of Remote Support Platform:
    Showing alerts to SAP B1 Admin about the events which require their attention, such as low disk space, database backups, etc.
    Incident Reports against the issues identified which require attention of SAP Support
    Company Database Backup and Restore options
    Regular fixes of Company Database inconsistencies
    Check, Download and Install regular updates in SAP Business One
    Upload Logs and required files to SAP Support or to Partner Support on regular basis
    Some details about RSP Backup Management
    Schedule daily, weekly, and monthly backups
    Perform differential and full database backups
    Back up transaction logs
    Back up files to shared folders on a network
    System Status Report through RSP
    From June 1st 2013, it will be mandatory to install, configure and upload the System Status Report (SSR) from Remote Support Platform (RSP) for SAP Business One in order to receive support for messages of a technical nature (upgrades, performance & crashes, etc).
    Database uploads only via RSP
    From June 1st 2013 SAP Business One Support will only accept database uploads to SAP via remote support platform for SAP Business One. In certain exceptional circumstances STFP may be used but this will constitute a minority of cases.
    Microsoft Windows PowerShell Scripting
    In the remote support platform studio, you can create tasks using Microsoft Windows PowerShell scripting. PowerShell enables you to perform remote administrative tasks on customers’ Microsoft Windows operating systems, by providing full access to Component Object Model (COM) and Windows Management Instrumentation (WMI).Some Network Prerequisite for RSP
    To achieve the internet connection test, you must allow port 80 for the RSP external communication
    Disabling antivirus firewall or add the RSP to the trusted zone of the antivirus
    Set the correct proxy
    Disabling Windows firewall in the TP_link Wireless Configuration Utility
    Want to now More about It Click Here :   Remote Support Platform for SAP Business One

    SAP Business One 9.1 is about to release this year and we can see in the feature enhancements that a significant update is planned in the Remote Support Platform for SAP Business One, more commonly known as RSP. Let’s have a quick look what update is planned for RSP in version 9.1:
    Enhancements planned in Remote Support Platform for SAP Business One 9.1
    RSP is planned to support both SAP Business One on Microsoft SQL Server as well as SAP Business One on HANA Database
    RSP Processes and Reports adapted to SAP HANA Database
    With this plan RSP will help in the areas of Download, Installation, Go-Live Check, Monitoring, Upgrade and Support for SAP Business One both   on SQL Server and HANA.
    But like me (non-SAP B1 Consultant) many of you have the question what is RSP and how it helps in support? Here I have tried to gather all information.
    What is Remote Support Platform for SAP Business One?
    The remote support platform for SAP Business One is designed to protect a SAP Business One installation by providing automated and remote support in a high-volume business.
    The platform monitors the entire SAP Business One environment. By significantly reducing the time between the appearance, identification, and resolution of issues, the remote support platform for SAP Business One minimizes the impact on customer databases and processes.
    Some Key Features of Remote Support Platform:
    Showing alerts to SAP B1 Admin about the events which require their attention, such as low disk space, database backups, etc.
    Incident Reports against the issues identified which require attention of SAP Support
    Company Database Backup and Restore options
    Regular fixes of Company Database inconsistencies
    Check, Download and Install regular updates in SAP Business One
    Upload Logs and required files to SAP Support or to Partner Support on regular basis
    Some details about RSP Backup Management
    Schedule daily, weekly, and monthly backups
    Perform differential and full database backups
    Back up transaction logs
    Back up files to shared folders on a network
    System Status Report through RSP
    From June 1st 2013, it will be mandatory to install, configure and upload the System Status Report (SSR) from Remote Support Platform (RSP) for SAP Business One in order to receive support for messages of a technical nature (upgrades, performance & crashes, etc).
    Database uploads only via RSP
    From June 1st 2013 SAP Business One Support will only accept database uploads to SAP via remote support platform for SAP Business One. In certain exceptional circumstances STFP may be used but this will constitute a minority of cases.
    Microsoft Windows PowerShell Scripting
    In the remote support platform studio, you can create tasks using Microsoft Windows PowerShell scripting. PowerShell enables you to perform remote administrative tasks on customers’ Microsoft Windows operating systems, by providing full access to Component Object Model (COM) and Windows Management Instrumentation (WMI).Some Network Prerequisite for RSP
    To achieve the internet connection test, you must allow port 80 for the RSP external communication
    Disabling antivirus firewall or add the RSP to the trusted zone of the antivirus
    Set the correct proxy
    Disabling Windows firewall in the TP_link Wireless Configuration Utility
    Want to now More about It Click Here :   Remote Support Platform for SAP Business One

  • Issue regarding supported platforms manual for BO XI 3.1 sp2

    In supported platforms manual for BO XI 3.1 sp2 windows there is a note on page 7 for specific patch level for OAS 10gR3 u201CPlease see release notes on the minimum version supported for Dashboard and Analytics.u201D We try to find on release notes (BOXI 3.1 & BOXI 3.1 sp2) for the exact patch level but there aren't any suggestions.
    Could you please inform about the exact patch level that is needed on OAS 10gR3.

    Hello,
    Many thanks you for your answer.
    Sorry to insist. It is not really clear in the SAP documentation about the minimum level of SAP NetWeaver BI 7.1 required
    for installing "Business Objects XI 3.1 SP2 Integration kit for SAPSolutions.
    Could you please find out (and provide me them) :
    - The minimum BI 7.01 patch level for installing Business Objects XI
    3.1 SP0 Integration kit for SAP Solutions (initial installation
    package).
    - The minimum BI 7.01 patch level for installing Business Objects XI
    3.1 SP2 Integration kit for SAP Solutions
    Thanks in advance
    Best regards

  • I'm running Mac OS X version 10.6.8 How come I get this error message "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms." When I Try to download a FREE trail?

    I'm running Mac OS X version 10.6.8 How come I get this error message "You are running an operating system that Photoshop no longer supports. Refer to the system requirements for a full list of supported platforms." When I Try to download a FREE trail?

    Hi Brizill,
    Please refer to the help document below to understand the technical specifications for the same:
    System requirements | Photoshop
    Regards,
    Sheena

Maybe you are looking for