JUNOSe 9.1.x IP Services Configuration Guide > Configuring Dynamic IP Tunnels > Configuring a Destination Profile for Dynamic IP Tunnels

Configuring a Destination Profile for Dynamic IP Tunnels

The tasks in this section describe how to configure a destination profile for dynamic IP tunnels.

Modifying the Default Destination Profile

Default destination profiles for GRE and DVMRP are generated at system startup. The system supports only one default GRE destination profile and one default DVMRP destination profile.

The default destination profile enables the application to automatically create dynamic IP tunnels without user configuration for any virtual router, destination address, or source address.

By default, the data MDT application is disabled in the default destination profiles. The Mobile IP application can use the default destination profile. You can modify the configuration of the default destination profiles.

Modifying the Configuration of the Default Destination Profile

To modify the configuration in the default destination profile:

1. Specify the default destination profile for GRE or DVMRP.

host1(config)#gre destination profile global any-virtual-router 

2. Modify the options for the default destination profile.

host1(config-dest-profile)#tunnel mtu 5000

host1(config-dest-profile)#tunnel checksum

 NOTE: You cannot configure a tunnel source, tunnel destination, or virtual router in the default destination profile.



 

Configuring a Destination Profile for GRE Tunnels

To configure a destination profile for dynamic GRE tunnels:

1. Configure a destination profile for GRE.

host1(config-dest-profile)#gre destination profile kanata1 virtual-router vr1

2. Set the source address for the tunnel.

host1(config-dest-profile)#tunnel source 1.1.1.1

3. Set the destination address for the tunnel.

host1(config-dest-profile)#tunnel destination subnet 10.0.0.0 255.0.0.0

4. (Optional) Set the maximum transmission unit (MTU) size for the tunnel.

host1(config-dest-profile)#tunnel mtu 10240

5. (Optional) Configure an IP profile with parameters that are used to stack an upper IP interface over a dynamic GRE tunnel.

host1(config-dest-profile)#profile ip-kanata

6. (Optional) Enable error checking across a GRE tunnel.

host1(config-dest-profile)#tunnel checksum

7. (Optional) Enable sequence number generation for a GRE tunnel.

host1(config-dest-profile)#tunnel sequence-datagrams

8. (Optional) Enable IPSec transport mode.

host1(config-dest-profile)#enable ipsec-transport

9. (Optional) Create a multicast VPN tunnel.

host1(config-dest-profile)#tunnel mdt profile kanata-mdt

Creating a Destination Profile for DVMRP Tunnels

To configure a destination profile for dynamic DVMRP tunnels:

1. Configure a destination profile for DVMRP.

host1(config-dest-profile)#dvmrp destination profile kanata1 virtual-router vr1

2. Set the source address for the tunnel.

host1(config-dest-profile)#tunnel source 1.1.1.1

3. Set the destination address for the tunnel.

host1(config-dest-profile)#tunnel destination subnet 10.0.0.0 255.0.0.0

4. (Optional) Set the maximum transmission unit (MTU) size for the tunnel.

host1(config-dest-profile)#tunnel mtu 10240

5. (Optional) Configure an IP profile with parameters that are used to stack an upper IP interface over a dynamic DVMRP tunnel.

host1(config-dest-profile)#profile ip-kanata

6. (Optional) Enable IPSec transport mode.

host1(config-dest-profile)#enable ipsec-transport

7. (Optional) Create a multicast VPN tunnel.

host1(config-dest-profile)#tunnel mdt profile kanata-mdt

dvmrp destination profile

• Use to configure a destination profile for dynamic DVMRP tunnels.
• Use the any-virtual-router keyword to create a default destination profile for all virtual routers. There can only be one default destination profile defined in the system.
• Use the virtual-router keyword to specify a specific transport virtual router.
• Example

host1(config)#dvmrp destination profile kanata1

• Use the no version to delete the destination profile.

enable ipsec-transport

• Use to specify that the router accepts only dynamic IP tunnels protected by an IPSec transport connection.
• This command is supported in the destination profile only when you have installed an ISM on ERX routers.
• Example

host1(config-dest-profile)#enable ipsec-transport

• Use the no version to disable IPSec transport mode.

gre destination profile

• Use to configure a destination profile for dynamic GRE tunnels.
• Use the any-virtual-router keyword to create a default destination profile for all virtual routers. There can only be one default destination profile defined in the system.
• Use the virtual-router keyword to specify a specific transport virtual router.
• Example

host1(config)#gre destination profile kanata2

• Use the no version to delete the destination profile.

profile

• Use to assign an IP profile with parameters that are used to stack an upper IP interface over a dynamic GRE or DVMRP tunnel to the destination profile.
• Example

host1(config-dest-profile)#profile ip-kanata

• Use the no version to remove the profile assignment from the destination profile.

tunnel checksum

• Use to enable checksum computation across a GRE tunnel.
• Checksum computation is not supported for DVMRP tunnels.
• Selecting this feature causes the E-series router to drop corrupted packets it receives on the tunnel interface.
• Example

host1(config-dest-profile)#tunnel checksum

• Use the no version to disable the checksum option.

tunnel destination

• Use to configure the remote end of the tunnel.
• Specify the IP address of an interface on the remote router or the range of destination addresses:

• Use the subnet keyword to configure the IP address for the destination interface and the mask.
• Use the range keyword to configure the first IP address and the last IP address of the destination interface range

• Example 1—Specifies an IP address and mask for the destination interface

host1(config-dest-profile)#tunnel destination subnet 192.13.7.1 255.0.0.0

• Example 2—Specifies a range of IP addresses for the destination interface

host1(config-dest-profile)#tunnel destination range 192.13.7.1 192.13.7.20

• Use the no version to remove the destination of a tunnel.

tunnel mdt profile

• Use to enable multicast distribution tree operation so the IP tunnel component can create an MDT interface.
• The command defines an IP profile with parameters that are used to stack an upper IP interface over a dynamic GRE or DVMRP tunnel.
• Example

host1(config-dest-profile)#tunnel mdt profile kanata-mdt

• Use the no version to disable MDT on the interface.

tunnel sequence-datagrams

• Use to enable GRE sequence numbers.
• Specify GRE sequence numbers at both ends of the GRE tunnel.
• Example

host1(config-dest-profile)#tunnel sequence-datagrams

• Use the no version to disable sequence numbers.

tunnel source

• Use to configure the source of the tunnel.
• Specify either the primary IP address or the type and specifier of an interface. Do not specify an unnumbered interface.
• You can configure multiple sources in a GRE destination profile or a DVMRP destination profile.
• Example

host1(config-dest-profile)#tunnel source 11.11.11.11

• Use the no version to remove the source of a tunnel.