Prerequisites For Configuring Tunnel Interfaces - Cisco 6000 Series Configuration Manual

Interface and hardware component configuration guide for cisconcs 6000 series routers, ios xr release 6.4.x

Hide thumbs Also See for 6000 Series:

Configuration manual (68 pages)

Site planning manual (54 pages)

Hardware installation manual (30 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

page of 158

/ 158
Contents
Table of Contents
Bookmarks

Table of Contents

Prerequisites for Configuring Tunnel Interfaces

You must be in a user group associated with a task group that includes the proper task IDs. The command

reference guides include the task IDs required for each command. If you suspect user group assignment is

preventing you from using a command, contact your AAA administrator for assistance.

Information About Configuring Tunnel Interfaces

To implement tunnel interfaces, you must understand the following concepts:

Tunnel Interfaces Overview

Tunneling provides a way to encapsulate arbitrary packets inside of a transport protocol. This feature is

implemented as a virtual interface to provide a simple interface for configuration. The tunnel interfaces are

not tied to specific "passenger" or "transport" protocols, but, rather, they represent an architecture that is

designed to provide the services necessary to implement any standard point-to-point encapsulation scheme.

Because supported tunnels are point-to-point links, you must configure a separate tunnel for each link.

There are three necessary steps in configuring a tunnel interface:

1. Specify the tunnel interface—interface tunnel-ipsec identifier

2. Configure the tunnel source—tunnel source {ip-address | interface-id }

3. Configure the tunnel destination—tunnel destination {ip-address | tunnel-id }

Virtual Interface Naming Convention

Virtual interface names never use the physical interface naming notation rack/slot/module/port for identifying

an interface's rack, slot, module, and port, because they are not tied to any physical interface or subinterface.

Virtual interfaces use a globally unique numerical identifier (per virtual interface type).

Examples of naming notation for virtual interfaces:

Interface

Loopback0

Loopback10

Tunnel-TE5000

Null10

Tunnel-IPSec Overview

IPSec (IP security) is a framework of open standards for ensuring secure private communications over the

Internet. It can be used to support Virtual Private Network (VPN), firewalls, and other applications that must

transfer data across a public or insecure network. The router IPSec protocol suite provides a set of standards

that are used to provide privacy, integrity, and authentication service at the IP layer. The IPSec protocol suite

also includes cryptographic techniques to support the key management requirements of the network-layer

security.

Interface and Hardware Component Configuration Guide for Cisco NCS 6000 Series Routers, IOS XR Release 6.4.x

124

IP-Address

Status

10.9.0.0

10.7.0.0

172.18.189.38

Down

10.8.0.0

Configuring Tunnel Interfaces

Protocol

Down

Table of Contents

Chapters

Table of Contents

Prerequisites For Configuring Tunnel Interfaces - Cisco 6000 Series Configuration Manual

Prerequisites for Configuring Tunnel Interfaces

Chapters

Related Manuals for Cisco 6000 Series

Related Content for Cisco 6000 Series

Table of Contents