Administrator Guide
tunnel source anylocal
tunnel allow-remote 40.1.1.2
tunnel mode ipip decapsulate-any
no shutdown
Guidelines for Configuring Multipoint Receive-
Only Tunnels
• You can configure up to eight remote end-points for a multipoint receive-only tunnel. The maximum number of remote end-points
supported for all multipoint receive-only tunnels on the switch depends on the hardware table size to setup termination.
• The IP MTU configured on the physical interface determines how multiple nested encapsulated packets are handled in a multipoint
receive-only tunnel.
• Control-plane packets received on a multipoint receive-only tunnel are destined to the local IP address and routed to the CPU after
decapsulation. A response to these packets from the switch is only possible if the route to the sender does not pass through a receive-
only tunnel.
• Multipathing over more than one VLAN interface is not supported on packets routed through the tunnel interface.
• IP tunnel interfaces are supported over ECMP paths to the next hop. ECMP paths over IP tunnel interfaces are supported. ARP and
neighbor resolution for the IP tunnel next-hop are supported.
Multipoint Receive-Only Tunnels
A multipoint receive-only IP tunnel decapsulates packets from remote end-points and never forwards packets on the tunnel. You can
configure an additional level of security on a receive-only IP tunnel by specifying a valid prefix or range of remote peers.
The operational status of a multipoint receive-only tunnel interface always remains up. Packets from the remote addresses configured for
a multipoint receive-only tunnel are decapsulated and are not marked for neighbor resolution as for a standard tunnel’s destination
address. Connected routes for the tunnel interface’s IP subnet do not point towards the tunnel but towards the switch CPU for the
receive-only tunnel. The tunnel interface can function as an unnumbered interface with no IPv4/IPv6 address assigned.
Tunneling
871