Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
15909
Views
21
Helpful
1
Replies

difference between GRE and IPIP tunnel

Go to solution
mkirankumar
Level 1
Level 1

‎01-15-2005 01:08 AM - edited ‎02-20-2020 11:52 PM

Hi!!!

I want to know when tunnel is configured, which mode is more affective in terms of encryption and less overhead.

Thanks in Advance

Kiran

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
sstudsdahl
Level 4
Level 4

‎01-17-2005 12:28 PM

Kiran,

When talking encryption, neither a GRE or IPIP tunnel will encrypt the traffic on their own. This process needs to be done using a second mechanism such as IPSec.

In terms of less overhead, the GRE header is 24 bytes and an IP header is 20 bytes.

When a GRE tunnel is built, the original packet is encapsulated within a GRE (IP Protocol 47) packet and send to the configured tunnel destination. Similarly, when using IPIP tunnels, the original packet to be sent is encapsulated within a new IP packet and transmitted to the tunnel destination. When looking at an IPIP packet with a protocol analyzer, the packet will appear to have two IP headers within it.

Another thing to consider with the two tunnel types is that a GRE tunnel has the ability to acknowledge the receipt of packets similar to TCP communications. The IPIP tunnel method has no such mechanism as it inherits the stateless behavior of a raw IP packet, similar to UDP based communications.

Steve

View solution in original post

1 Reply 1

Go to solution
sstudsdahl
Level 4
Level 4

‎01-17-2005 12:28 PM

Kiran,

When talking encryption, neither a GRE or IPIP tunnel will encrypt the traffic on their own. This process needs to be done using a second mechanism such as IPSec.

In terms of less overhead, the GRE header is 24 bytes and an IP header is 20 bytes.

When a GRE tunnel is built, the original packet is encapsulated within a GRE (IP Protocol 47) packet and send to the configured tunnel destination. Similarly, when using IPIP tunnels, the original packet to be sent is encapsulated within a new IP packet and transmitted to the tunnel destination. When looking at an IPIP packet with a protocol analyzer, the packet will appear to have two IP headers within it.

Another thing to consider with the two tunnel types is that a GRE tunnel has the ability to acknowledge the receipt of packets similar to TCP communications. The IPIP tunnel method has no such mechanism as it inherits the stateless behavior of a raw IP packet, similar to UDP based communications.

Steve

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card