Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
0
Helpful
4
Replies

virtualization path

Go to solution
panarania3
Level 1
Level 1

‎07-16-2022 05:17 AM

hello to you all and hope all of you doing well and safe, 

I have question about virtualization path in (ccnp) topic , 

1-vrf is used to make routers that enables multiple instances of a routing table but what is advantage of that instead of global routing table we have virtual routing table ?

2-GRe , is used to make data path virtualization between 2 device (point to point ) it is only support unicast ,

and we have gre over ipsec to make it secure also with ipsec only  support  unicast   , because ipsec support broadcast multicast ?

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kasun Bandara
VIP
VIP

‎07-16-2022 08:15 PM

1. we are using VRF to isolate different routing tables from global route table to avoid overlapping same network ranges in same device. also it gives certain security features.

https://avinetworks.com/glossary/virtual-routing-and-forwarding-vrf/

2. GRE supports, unicast and multicast. GRE is not encrypted natively. so we use GRE over IPSEC to encrypt traffic and because GRE is OVER ipsec, it can pass multicast. IPSEC alone cannot pass multicast.

https://ipwithease.com/gre-over-ipsec-vs-ipsec-over-gre/

 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Kasun Bandara
VIP
VIP

‎07-16-2022 08:15 PM

1. we are using VRF to isolate different routing tables from global route table to avoid overlapping same network ranges in same device. also it gives certain security features.

https://avinetworks.com/glossary/virtual-routing-and-forwarding-vrf/

2. GRE supports, unicast and multicast. GRE is not encrypted natively. so we use GRE over IPSEC to encrypt traffic and because GRE is OVER ipsec, it can pass multicast. IPSEC alone cannot pass multicast.

https://ipwithease.com/gre-over-ipsec-vs-ipsec-over-gre/

 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎07-16-2022 08:24 PM

why VRF ?
in MPLS L3VPN if the costumer run same subnet, how can we connect same subnet to provider router?
we need VRF to separate the routing table to make both costumer same subnet connect to one provider router.

for GRE can you more elaborate ?

0 Helpful

Go to solution
panarania3
Level 1
Level 1
In response to MHM Cisco World

‎07-20-2022 10:37 AM

 my qre question is:  IPSEC  Can encapsulate unicast IP packets and Gre:Can encapsulate nearly any type of data

Gre over ipsec : Can encapsulation any kind of data securely ?

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to panarania3

‎07-20-2022 01:44 PM

GRE-over-IPsec-vs-IPsec-over-GRE-TABLE.jpg

and GRE over IPsec add more overhead to packet so instead we use IPsec IPV4.

0 Helpful
Customers Also Viewed These Support Documents