Sometimes we need to force a GRE or IPSEC tunnel to start, especially in a dynamic IP environment. Using dynamic crypto maps or NHRP, as long as there is one static IP to be used as a hub, you can force the edges to dial in. The problem sometimes is how to get them to dial in after a remote reset or power outage. It may be that you need to connect from the hub to the spoke but cannot do so until it dials.
One great method suggested by Scott Hofer at Intelepeer was to use NTP. This works well because you can force NTP to bind to a particular source interface and use the tunneled endpoints as master/client.
Sometimes this may not work if you need NTP bound to another interface. In this case using Cisco's service level agreement set works well as you can create many groups. Additionally you can use 'track' to manipulate static routes or execute other methods should it time out. In this way, you could force dial up backup routes, but with very specific constraints. More on that later, but below is a sample to force encourage a tunnel to connect.
ip sla 4
icmp-echo 10.10.10.2 source-interface fast 4/0
threshold 100
timeout 200
frequency 5
ip sla schedule 4 life forever start-time now
Google+
DaTweets
John Spade
DaSpadeR
Loading...
Last 4 tweets from DaSpadeR:
Disclaimer
I didn't know.
‹