GRE - Recursive routing error
When deploying a GRE tunnel, and configuring routing, one must be careful not to create the situation where a recursive routing error occurs. Such an error occurs when a routing protocol chooses the GRE tunnel as the path to the tunnel's own endpoint.
Examine the following topology:
R1 and R3 have created a GRE tunnel between them, with the 192.168.12.1 and the 192.168.23.3 addresses as the tunnel endpoints on each router respectively. Routing has been established between R1, R2, and R3 via OSPF, and this routing is necessary so that the tunnel itself can be created and maintained. R1 and R3 must be able to reach each other's tunnel endpoints.
Now imagine that the created tunnel has a subnet of 192.168.13.0/24 and the tunnel interfaces on R1 and R3 are assigned the .1 and .3 addresses of this range.
Now imagine that R1 has in its routing table a route to reach the 192.168.23.3 host via a next hop of 192.168.13.3. In other words, R1 will reach the tunnel endpoint through the tunnel itself. In other words, the tunnel is trying to reach its other endpoint via the tunnel. This is a recursive routing error. The following Syslog message will appear, and the GRE tunnel will be torn down:
%TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing
To resolve this error, the following solutions can be used:
- Don't advertise the tunnel destination IP address on the tunnel interface. An example of how to do this can be found at GRE - Recursive routing error - filtering solution
- Make sure the AD of the tunnel destination IP address through the tunnel is higher (worse) than what you have in the routing table. An example of this solution can be found at GRE - Recursive routing error - AD solution.
- Make sure the metric to the tunnel destination IP address through the tunnel is worse than what you have in the routing table. This solution is found in the link to the lesson below.