Administrator Guide
The following sample configuration shows how to configure a tunnel allow-remote address.
Dell(conf)#interface tunnel 1
Dell(conf-if-tu-1)#ipv6 address 1abd::1/64
Dell(conf-if-tu-1)#ip address 1.1.1.1/24
Dell(conf-if-tu-1)#tunnel source 40.1.1.1
Dell(conf-if-tu-1)#tunnel mode ipip decapsulate-any
Dell(conf-if-tu-1)#tunnel allow-remote 40.1.1.2
Dell(conf-if-tu-1)#no shutdown
Dell(conf-if-tu-1)#show config
!
interface Tunnel 1
ip address 1.1.1.1/24
ipv6 address 1abd::1/64
tunnel source 40.1.1.1
tunnel allow-remote 40.1.1.2
tunnel mode ipip decapsulate-any
no shutdown
Configuring Tunnel source anylocal Decapsulation
The tunnel source anylocal command allows a multipoint receive-only tunnel to decapsulate tunnel packets addressed to any
IPv4 or IPv6 (depending on the tunnel mode) address configured on the switch that is operationally UP.
The source anylocal parameters can be used for packet decapsulation instead of the ip address or interface (tunnel allow-
remote command), but only on multipoint receive-only mode tunnels.
The following sample configuration shows how to use the tunnel source anylocal command.
Dell(conf)#interface tunnel 1
Dell(conf-if-tu-1)#ipv6 address 1abd::1/64
Dell(conf-if-tu-1)#ip address 1.1.1.1/24
Dell(conf-if-tu-1)#tunnel source anylocal
Dell(conf-if-tu-1)#tunnel mode ipip decapsulate-any
Dell(conf-if-tu-1)#tunnel allow-remote 40.1.1.2
Dell(conf-if-tu-1)#no shutdown
Dell(conf-if-tu-1)#show config
!
interface Tunnel 1
ip address 1.1.1.1/24
ipv6 address 1abd::1/64
tunnel source anylocal
tunnel allow-remote 40.1.1.2
tunnel mode ipip decapsulate-any
no shutdown
Multipoint Receive-Only Tunnels
A multipoint receive-only IP tunnel decapsulates packets from remote end-points and never forwards packets on the tunnel. You can
configure an additional level of security on a receive-only IP tunnel by specifying a valid prefix or range of remote peers.
The operational status of a multipoint receive-only tunnel interface always remains up. Packets from the remote addresses configured for
a multipoint receive-only tunnel are decapsulated and are not marked for neighbor resolution as for a standard tunnel’s destination
address. Connected routes for the tunnel interface’s IP subnet do not point towards the tunnel but towards the switch CPU for the
receive-only tunnel. The tunnel interface can function as an unnumbered interface with no IPv4/IPv6 address assigned.
Guidelines for Configuring Multipoint Receive-Only
Tunnels
• You can configure up to eight remote end-points for a multipoint receive-only tunnel. The maximum number of remote end-points
supported for all multipoint receive-only tunnels on the switch depends on the hardware table size to setup termination.
• The IP MTU configured on the physical interface determines how multiple nested encapsulated packets are handled in a multipoint
receive-only tunnel.
Tunneling
929