GRE (Generic Routing Encapsulation)
Tunneling provides a mechanism to transport packets of one protocol within another protocol. The
protocol that is carried is called the passenger protocol, and the protocol that carries the
passenger protocol is called the transport protocol. Generic Routing Encapsulation (GRE) is one of the
available tunneling mechanisms; it uses IP as the transport protocol and can carry
many different passenger protocols. The tunnels behave as virtual point-to-point links that have two
endpoints identified by the tunnel source and tunnel destination addresses at each endpoint.
GRE encapsulates packets into IP packets and redirects them to an intermediate host, where they are
de-encapsulated and routed to their final destination.
Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems. GRE is
described in RFC 2784 (obsoletes earlier RFCs 1701 and 1702). The switches support RFC 2784, but not
completely.
The diagram below shows the encapsulation process of a GRE packet as it traverses the router and enters the
tunnel interface:
GRE Tunneling
Data is routed by the system to the GRE endpoint over routes established in the route table. (These
routes can be statically configured or dynamically learned by routing protocols such as RIP or OSPF.)
When a data packet is received by the GRE endpoint, it is de-encapsulated and routed again by means of
the endpoint configuration to the destination address of the tunnel. In this way, each data packet
traveling over the GRE tunnel gets routed through the system twice.
Because GRE tunnels are stateless, the endpoint of the tunnel contains no information about the state
or availability of the remote tunnel endpoint. Therefore, the switch operating as a tunnel source router
cannot change the state of the GRE tunnel interface to down if the remote endpoint is unreachable.
Figure 1 GRE Encapsulation Process
• Encapsulation and De-Encapsulation
Encapsulation: A router operating as a tunnel source router encapsulates and forwards GRE
packets as follows:
1. When a Router receives a data packet (payload) to be tunneled, it sends the packet to the tunnel
interface.
2. The tunnel interface encapsulates the data in a GRE packet.
3. The system encapsulates the GRE packet in an IP packet.
4. The IP packet is forwarded based on its destination address and routing table.
De-encapsulation: A router operating as a tunnel remote router handles GRE packets as
follows:
1. When the destination Router receives the IP packet from the tunnel interface, the Router checks
the destination address.
2. The IP header is removed, and the packet is submitted to the GRE protocol.
3. The GRE protocol strips off the GRE header and submits the payload packet for forwarding.
• Number of Source and Destination Tunnels Allowed on a Switch
Depending on your network, you can configure up to approximately 500 GRE tunnels to operate
between switches transmitting IPv4 or IPv6 payload packets over GRE. If a passenger protocol in
addition to IPv4 and IPv6 is used, you can configure up to approximately 333 GRE tunnels
between the switches.
A switch can have a maximum of 20 tunnel source IP addresses configured, and each tunnel
source IP can be configured with up to 20 destination IP addresses on a second switch. As a
result, the two connected switches can have a maximum of 400 GRE tunnels. If the first switch is
also connected to a third switch, the possible maximum number of tunnels can reach 500.
Example Uses
1. In conjunction with PPTP (Point-to-Point Tunneling Protocol) to create VPNs.
2. In conjunction with IPsec VPNs to allow passing of routing information between connected
networks.
3. In Mobility protocols.
4. In A8/A10 interfaces to encapsulate IP data to/from Packet Control Function (PCF).
5. Linux and BSD can establish ad-hoc IP over GRE tunnels which are interoperable with Cisco
equipment.
6. Aruba Access Points use GRE tunnels to establish a connection with their respective Aruba
Mobility Controller. User data is transferred through this tunnel.
7. Distributed denial of service (DDoS) protected appliance to an unprotected endpoint.
Example protocol stack
OSI model layer                  Protocol
5. Session                       X.225
4. Transport                     UDP
3. Network (GRE-encapsulated)    IPv6
   Encapsulation                 GRE
3. Network                       IPv4
2. Data Link                     Ethernet
1. Physical                      Ethernet physical layer
Based on the principles of protocol layering in OSI, protocol encapsulation, not specifically GRE, breaks
the layering order. It may be viewed as a separator between two different protocol stacks, one acting as
a carrier for another.
Packet Header
• Standard GRE Packet Header
A standard GRE packet header structure, as defined by RFC 2784 and RFC 2890, is represented in the
diagram below.
Bits 0–3  | 4–12      | 13–15   | 16–31
C K S     | Reserved0 | Version | Protocol Type
Checksum (optional)             | Reserved1 (optional)
Key (optional)
Sequence Number (optional)
a) C: Checksum bit. Set to 1 if a checksum is present.
b) K: Key bit. Set to 1 if a key is present.
c) S: Sequence number bit. Set to 1 if a sequence number is present.
d) Reserved0: Reserved bits; set to 0.
e) Version: GRE Version number; set to 0.
f) Protocol Type: Indicates the ether protocol type of the encapsulated payload. (For IPv4, this
would be hex 0800.)
g) Checksum: Present if the C bit is set; contains the checksum for the GRE header and payload.
h) Reserved1: Present if the C bit is set; is set to 0.
i) Key: Present if the K bit is set; contains an application-specific key value.
j) Sequence Number: Present if the S bit is set; contains a sequence number for the GRE packet.
• PPTP GRE Packet Header
The Point-to-Point Tunneling Protocol (PPTP), defined in RFC 2637, uses a variant GRE packet header
structure, represented below. PPTP creates a GRE tunnel through which the PPTP GRE packets are sent.
Bits 0–4  | 5–7   | 8 | 9–12  | 13–15   | 16–31
C R K S s | Recur | A | Flags | Version | Protocol Type
Key Payload Length                      | Key Call ID
Sequence Number (optional)
Acknowledgement Number (optional)
a) C: Checksum bit. For PPTP GRE packets, this is set to 0.
b) R: Routing bit. For PPTP GRE packets, this is set to 0.
c) K: Key bit. For PPTP GRE packets, this is set to 1. (All PPTP GRE packets carry a key.)
d) S: Sequence number bit. Set to 1 if a sequence number is supplied, indicating a PPTP GRE data
packet.
e) s: Strict source route bit. For PPTP GRE packets, this is set to 0.
f) Recur: Recursion control bits. For PPTP GRE packets, these are set to 0.
g) A: Acknowledgement number present. Set to 1 if an acknowledgement number is supplied,
indicating a PPTP GRE acknowledgement packet.
h) Flags: Flag bits. For PPTP GRE packets, these are set to 0.
i) Version: GRE Version number. For PPTP GRE packets, this is set to 1.
j) Protocol Type: For PPTP GRE packets, this is set to hex 880B.
k) Key Payload Length: Contains the size of the payload, not including the GRE header.
l) Key Call ID: Contains the Peer's Call ID for the session to which the packet belongs.
m) Sequence Number: Present if the S bit is set; contains the GRE payload sequence number.
n) Acknowledgement Number: Present if the A bit is set; contains the sequence number of the
highest GRE payload packet received by the sender.
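An added example (not from the original slides): the encapsulation and de-encapsulation steps and both header layouts above, written as a Python encoder and a validating parser. The function names, the strict rejection of non-zero reserved bits and the sample bytes are assumptions made for the illustration; the tunnel addresses are the ones used in the configuration example that follows.

```python
import socket
import struct

GRE_IP_PROTO = 47            # IP protocol number of GRE in the outer IPv4 header
ETH_IPV4, ETH_PPTP = 0x0800, 0x880B
C_BIT, K_BIT, S_BIT, A_BIT = 0x8000, 0x2000, 0x1000, 0x0080
V0_RESERVED = 0x4FF8         # bit 1 plus Reserved0 (bits 4-12); strictness is assumed
V1_MUST_BE_ZERO = 0xCF78     # C, R, s, Recur and Flags in the PPTP variant
# Constructed sample data (not captured traffic).
INNER = b"constructed passenger packet"
PPTP_SAMPLE = bytes.fromhex("3081880b" "00040017" "00000001" "00000000" "ff03c021")


class GREError(ValueError):
    """Packet does not match either header layout described above."""


def inet_checksum(data):
    """16-bit one's-complement checksum (IPv4 header, GRE when C=1)."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def gre_encapsulate(payload, proto=ETH_IPV4, key=None, seq=None, checksum=False):
    """Encapsulation step 2: prepend a standard (version 0) GRE header."""
    flags = (C_BIT if checksum else 0) | (K_BIT if key is not None else 0)
    flags |= S_BIT if seq is not None else 0
    opts = b"\x00" * 4 if checksum else b""   # Checksum + Reserved1, filled below
    opts += struct.pack("!I", key) if key is not None else b""
    opts += struct.pack("!I", seq) if seq is not None else b""
    pkt = struct.pack("!HH", flags, proto) + opts + payload
    if checksum:                              # covers GRE header and payload
        pkt = pkt[:4] + struct.pack("!H", inet_checksum(pkt)) + pkt[6:]
    return pkt


def ip_encapsulate(gre_pkt, src, dst):
    """Encapsulation step 3: wrap the GRE packet in an IPv4 packet."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(gre_pkt), 0, 0, 64,
                      GRE_IP_PROTO, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + gre_pkt


def _u32(buf, off):   # read one 32-bit field without running past the packet
    if len(buf) < off + 4:
        raise GREError("truncated GRE header")
    return struct.unpack_from("!I", buf, off)[0], off + 4


def gre_parse(pkt):
    """De-encapsulation step 3: validate and strip the GRE header."""
    word, off = _u32(pkt, 0)
    flags, proto = word >> 16, word & 0xFFFF
    hdr = {"version": flags & 0x7, "protocol_type": proto}
    if hdr["version"] == 0:                       # standard header
        if flags & V0_RESERVED:
            raise GREError("reserved bits set in version 0 header")
        if flags & C_BIT:
            _, off = _u32(pkt, off)               # Checksum + Reserved1
            if inet_checksum(pkt) != 0:
                raise GREError("GRE checksum mismatch")
        if flags & K_BIT:
            hdr["key"], off = _u32(pkt, off)
        if flags & S_BIT:
            hdr["seq"], off = _u32(pkt, off)
        hdr["payload"] = pkt[off:]
    elif hdr["version"] == 1:                     # PPTP variant
        if flags & V1_MUST_BE_ZERO or not flags & K_BIT or proto != ETH_PPTP:
            raise GREError("not a valid PPTP GRE header")
        word, off = _u32(pkt, off)
        length, hdr["call_id"] = word >> 16, word & 0xFFFF
        if flags & S_BIT:
            hdr["seq"], off = _u32(pkt, off)
        if flags & A_BIT:
            hdr["ack"], off = _u32(pkt, off)
        if len(pkt) - off < length:
            raise GREError("payload shorter than Key Payload Length")
        hdr["payload"] = pkt[off:off + length]
    else:
        raise GREError("unknown GRE version %d" % hdr["version"])
    return hdr


def decapsulate(ip_pkt):
    """De-encapsulation steps 1-2: check the outer IPv4 header, pass the rest to GRE."""
    ihl = (ip_pkt[0] & 0x0F) * 4 if ip_pkt else 0
    if ihl < 20 or len(ip_pkt) < ihl or ip_pkt[0] >> 4 != 4 or ip_pkt[9] != GRE_IP_PROTO:
        raise GREError("outer packet is not IPv4 carrying GRE (protocol 47)")
    return gre_parse(ip_pkt[ihl:])


if __name__ == "__main__":
    gre = gre_encapsulate(INNER, key=42, seq=7, checksum=True)
    print(decapsulate(ip_encapsulate(gre, "101.1.1.100", "102.1.1.100")))
    print(gre_parse(PPTP_SAMPLE))
```

Checking the version, reserved bits, checksum and declared length before using the payload is what lets a receiving or monitoring point reject malformed GRE instead of forwarding it.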
Example (GRE Tunnel over S2S VPN)
(Note: 1. R2 and R3 must be able to ping each other.
2. The tunnel IP addresses must be able to ping each other.)
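Figure 2 Topology

R2
! Tunnel interface; the tunnel destination is the remote peer
int t0
 ip add 192.168.1.1 255.255.255.0
 tunnel source se0/0
 tunnel destination 102.1.1.100
 exit
! Advertise the tunnel subnet and the local networks through EIGRP AS 100
router eigrp 100
 network 192.168.1.0 0.0.0.255
 network 192.10.1.0 0.0.0.255
 network 192.10.2.0 0.0.0.255
 network 192.10.3.0 0.0.0.255
 network 192.10.4.0 0.0.0.255
 no auto-summary
 exit
! IKE phase 1 policy (3DES, DH group 2 and SHA-1 are legacy algorithms)
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 group 2
 hash sha
 lifetime 1800
 exit
! IPsec phase 2 transform set
crypto ipsec transform-set tset esp-sha-hmac esp-3des
 exit
! Pre-shared key for the peer; "cisco" is trivially guessable, use a long random key outside a lab
crypto isakmp key cisco add 102.1.1.100
crypto ipsec profile IPSEC
 set transform-set tset
 exit
! Protect the tunnel with the IPsec profile. "tunnel mode ipsec ipv4" makes
! Tunnel0 an IPsec VTI; the default "tunnel mode gre ip" keeps the GRE header.
int t0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile IPSEC
 exit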

R3
! Mirror of the R2 configuration with the tunnel and peer addresses swapped
int t0
 ip add 192.168.1.2 255.255.255.0
 tunnel source se0/0
 tunnel destination 101.1.1.100
 exit
router eigrp 100
 network 192.168.1.0 0.0.0.255
 network 192.20.1.0 0.0.0.255
 network 192.20.2.0 0.0.0.255
 network 192.20.3.0 0.0.0.255
 network 192.20.4.0 0.0.0.255
 no auto-summary
 exit
! The IKE policy and transform set must match R2 for the tunnel to come up
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 group 2
 hash sha
 lifetime 1800
 exit
crypto ipsec transform-set tset esp-sha-hmac esp-3des
 exit
! Same pre-shared key as on R2, bound to R2's address
crypto isakmp key cisco add 101.1.1.100
crypto ipsec profile IPSEC
 set transform-set tset
 exit
! Both ends must use the same tunnel mode
int t0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile IPSEC
 exit
