Viewing Tunnel Status

Problem

You want to check the status of a tunnel.

Solution

You can look at the attributes for a tunnel with the show interface command.

Router1#show interface Tunnel5

And the easiest way to determine if a tunnel is operational is simply to use a PING test to either the send ICMP packets through the tunnel or to its destination address:

Router1#ping 192.168.66.6
Router1#ping 172.22.1.4

 

Discussion

You can use the standard show interface command on a tunnel interface to see a considerable amount of useful information about it:

Router1#show interface Tunnel5
Tunnel5 is up, line protocol is up 
 Hardware is Tunnel
 Internet address is 192.168.66.5/30
 MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec, 
 reliability 255/255, txload 1/255, rxload 1/255
 Encapsulation TUNNEL, loopback not set
 Keepalive not set
 Tunnel source 172.22.1.3, destination 172.22.1.4
 Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled
 Tunnel TTL 255
 Checksumming of packets disabled, fast tunneling enabled
 Last input 1d19h, output 00:00:06, output hang never
 Last clearing of "show interface" counters never
 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 79
 Queueing strategy: fifo
 Output queue: 0/0 (size/max)
 5 minute input rate 0 bits/sec, 0 packets/sec
 5 minute output rate 0 bits/sec, 0 packets/sec
 2536 packets input, 1386605 bytes, 0 no buffer
 Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 23235 packets output, 2036436 bytes, 0 underruns
 0 output errors, 0 collisions, 0 interface resets
 0 output buffer failures, 0 output buffers swapped out
Router1#

As you can see from this output, the show interface command tells you what the tunnel's source and destination IP addresses are. You can see the input and output rate, as well as the total number of packets and bytes both sent and received on this tunnel interface. The output also shows that we are using the default GRE tunnel protocol, and we have not enabled checksums or keepalives on this tunnel.

There is only one serious problem with this output. Because we have not enabled keepalives, as we discussed in Recipe 12.1, the show interface command will almost always show the tunnel interface as being in an up state. As we mentioned in Recipe 12.1, the router will temporarily bring the tunnel interface down in response to recursive routing situations, and you can also use the shutdown command to disable a tunnel as you would with any other interface. However, usually the tunnel interface will appear to be in an up state, even if the router can't reach the tunnel destination router.

If you are running an IOS level that supports keepalives on tunnels, you can enable that feature. Then the show interface command will give a more realistic view of the tunnel's status. But without that feature, the easiest way to see if a tunnel is working is to simply ping through it:

Router1#ping 192.168.66.6

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.66.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/20 ms
Router1#

Or, alternatively, you can ping the destination IP address of the tunnel:

Router1#ping 172.22.1.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.66.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/20 ms
Router1#

 

See Also

Recipe 12.1





Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net