Users Guide
!
interface Tunnel 1
ip address 1.1.1.1/24
ipv6 address 1abd::1/64
tunnel source anylocal
tunnel allow-remote 40.1.1.2
tunnel mode ipip decapsulate-any
no shutdown
Guidelines for Conguring Multipoint Receive-Only
Tunnels
• You can congure up to eight remote end-points for a multipoint receive-only tunnel. The maximum number of remote end-points
supported for all multipoint receive-only tunnels on the switch depends on the hardware table size to setup termination.
• The IP MTU congured on the physical interface determines how multiple nested encapsulated packets are handled in a multipoint
receive-only tunnel.
• Control-plane packets received on a multipoint receive-only tunnel are destined to the local IP address and routed to the CPU after
decapsulation. A response to these packets from the switch is only possible if the route to the sender does not pass through a receive-
only tunnel.
• Multipathing over more than one VLAN interface is not supported on packets routed through the tunnel interface.
• IP tunnel interfaces are supported over ECMP paths to the next hop. ECMP paths over IP tunnel interfaces are supported. ARP and
neighbor resolution for the IP tunnel next-hop are supported.
Multipoint Receive-Only Tunnels
A multipoint receive-only IP tunnel decapsulates packets from remote end-points and never forwards packets on the tunnel. You can
congure an additional level of security on a receive-only IP tunnel by specifying a valid prex or range of remote peers.
The operational status of a multipoint receive-only tunnel interface always remains up. Packets from the remote addresses congured for a
multipoint receive-only tunnel are decapsulated and are not marked for neighbor resolution as for a standard tunnel’s destination address.
Connected routes for the tunnel interface’s IP subnet do not point towards the tunnel but towards the switch CPU for the receive-only
tunnel. The tunnel interface can function as an unnumbered interface with no IPv4/IPv6 address assigned.
820
Tunneling