How to create interfaces for CSR 1000v for GRE tunnels?

Question

Well, my idea is to connect to 4 CSR 1000v routers in different VPC (without VPC peering). I've basically finished with everything with the pre-configuration creating VPCs, subnets IGW, modifying Route Tables ... etc. Then, using IPsec over GRE tunnels, the 4 instances can see each other. (Thanks to @MLu for suggesting this idea).

After having 4 instances and each of them their Primary Network Interfaces is associated with public IP addresses (52.37.168.182 is for CSR1 and 3.41.68.82 is for CSR2). I saw this video where I almost have the same configuration YouTube Video link. I started to configure the tunnel between 2 CSRs 1000v routers, where I created an interface inside the router called Tunnel 0 with its source interface which is here GigabitEthernet 1 so my configuration is the following:

CSR1(config)#interface tunnel 0
CSR1(config-if)#tunnel source GigabitEthernet 1
CSR1(config-if)#tunnel destination 52.37.168.182

CSR2(config)#interface tunnel 0
CSR2(config-if)#tunnel source GigabitEthernet 1
CSR2(config-if)#tunnel destination 3.41.68.82

Then I configured the IP addresses of these both tunnels' interfaces as it shows in the figure below.

CSR1(config)#int tun 0
CSR1(config-if)#ip address 10.10.1.2 255.255.255.252

CSR2(config)#int tun 0
CSR2(config-if)#ip address 10.10.1.1 255.255.255.252

My problem now is that the status of these tunnels' interfaces are down as it shows show ip int br:

Interface              IP-Address      OK? Method Status           Protocol
GigabitEthernet1       172.0.1.10      YES DHCP   up                  up
Tunnel0                10.10.1.1       YES manual up                 down    
VirtualPortGroup0      192.168.35.101  YES NVRAM  up                  up

I realized that I have to create a subnet for the tunnel which I did at the end 10.10.1.0/28 then I created other interfaces in all instances but I was not allowed to associate it with a public IP address because The maximum number of addresses has been reached. in order to change GRE tunnel configuration.

My idea was to attach those new interfaces with a generated public IP address then I will get a new interface which is GigabitEthernet 2 obviously, and I continue the configuration using this new interface GigabitEthernet 2 instead of Tunnel 0, but I'm not allowed to create more Elastic addresses. I'm not sure if I am on the right track.

With this Cisco-specific question you may be better served at our [Network Engineering site](https://networkengineering.stackexchange.com/). — MLu, Dec 07 '18 at 20:57
You should not need multiple external interfaces on a single router in order to create GRE tunnels to multiple remote routers. Multiple tunnels can have the same source interface. — Michael - sqlbot, Dec 08 '18 at 01:33
@Michael-sqlbot for the source is not a problem to create external interfaces. I'm getting confused about why I cannot see the status of `tunnel0` interface in the router is `down`. Shall it be `GigabitEthernet ` ? — Khalil Mebarkia, Dec 08 '18 at 16:19

score 0 · Accepted Answer · answered Jun 13 '19 at 14:25

0

Either VPC peering or Transit Gateway must be set between both VPCs in order to run GRE tunnel.

answered Jun 13 '19 at 14:25

Khalil Mebarkia

129
1
1
13

How to create interfaces for CSR 1000v for GRE tunnels?

1 Answers1