cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

What is Network Tunneling and how to configure GRE?

408
Views
0
Helpful
0
Comments
Edgar c Francis
Beginner

Generic Routing Encapsulation (GRE) is a network tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.

 

When we use GRE? 

GRE is used when packets need to be sent from one network to another over the internet.

Generic Routing Encapsulation (GRE) has some disadvantages:-

GRE tunnel is an encapsulation protocol and does not perform any encryption.

When we create a GRE point-to-point tunnel without any encryption is extremely risky as sensitive data can easily be extracting from the tunnel and misused by others. ( That’s the reason we used IPSec to add an encryption layer and secure the GRE tunnel with the help of IPSec we get army-level encryption).  

 Classic GRE tunnel is a point to point, Manual tunnel, Not scalable, Static IP on all endpoints

GRE tunnel uses a ‘tunnel’ interface a logical interface configured on the router with an IP address where packets are encapsulated and decapsulate as they enter or exit the GRE tunnel.

All tunnel interfaces of participated routers must always be configured with an IP address that is not used anywhere else in the network. Each tunnel interface is assigned an IP address within the same network as other Tunnel interfaces. Before you configure you must adjust (MTU) maximum transfer unit and MSS maximum segment size. 

Let see the configuration:-

 

Topology_

 

EdgarcFrancis_0-1628852414393.png

 



Goal:

  • configure the topology as per the diagram.
  • assign IP addresses respectively to their interfaces as per the topology.
  • configure default and static routing.
  • configure point-to-point tunnels between router 1 to 3 and router 1 to router 4

R1(config)#interface serial 4/0

R1(config-if)#ip address 1.1.1.1 255.0.0.0

R1(config-if)#no shutdown

R1(config-if)#interface fastethernet 0/0

R1(config-if)#ip address 10.1.1.1 255.0.0.0

R1(config-if)#no shutdown

R1(config-if)#no keepalive

R1(config-if)#exit

 

 

R2(config)#interface serial 4/0

R2(config-if)#ip address 1.1.1.2 255.0.0.0

R2(config-if)#no shutdown

 

R2(config-if)#interface serial 4/1

R2(config-if)#ip address 3.3.3.1 255.0.0.0

R2(config-if)#no shutdown

 

R2(config-if)#interface serial 4/2

R2(config-if)#ip address 4.4.4.1 255.0.0.0

R2(config-if)#no shutdown

 

R2(config-if)#interface fastethernet 0/0

R2(config-if)#ip address 20.1.1.1 255.0.0.0

R2(config-if)#no shutdown

R2(config-if)#no keepalive

R2(config-if)#exit

 

R3(config)#interface serial 4/1

R3(config-if)#ip address 3.3.3.2 255.0.0.0

R3(config-if)#no shutdown

 

R3(config-if)#interface fastethernet 0/0

R3(config-if)#ip address 30.1.1.1 255.0.0.0

R3(config-if)#no shutdown

R3(config-if)#no keepalive

R3(config-if)#exit

 

R4(config)#interface serial 4/2

R4(config-if)#ip address 4.4.4.2 255.0.0.0

R4(config-if)#no shutdown

 

R4(config-if)#interface fastethernet 0/0

R4(config-if)#ip address 40.1.1.1 255.0.0.0

R4(config-if)#no shutdown

R4(config-if)#no keepalive

R4(config-if)#exit

R1#show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/0        10.1.1.1        YES manual up                    up

Serial4/0                    1.1.1.1         YES manual up                    up

R2#show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/0        20.1.1.1        YES manual up                    up

Serial4/0                    1.1.1.2         YES manual up                    up

Serial4/1                    3.3.3.1         YES manual up                    up

Serial4/2                    4.4.4.1         YES manual up                    up

 

R3#show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/0        30.1.1.1        YES manual up                    up

Serial4/1                    3.3.3.2         YES manual up                    up

 

R4#show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/0        40.1.1.1        YES manual up                    up

Serial4/2                    4.4.4.2         YES manual up                    up

 

R1(config)#ip route 0.0.0.0 0.0.0.0 serial 4/0

R1(config)#exit

R2(config)#ip route 1.0.0.0 255.0.0.0 serial 4/0

R2(config)#ip route 10.0.0.0 255.0.0.0 serial 4/0

R2(config)#ip route 30.0.0.0 255.0.0.0 serial 4/1

R2(config)#ip route 3.0.0.0 255.0.0.0 serial 4/1

R2(config)#ip route 4.0.0.0 255.0.0.0 serial 4/2

R2(config)#ip route 40.0.0.0 255.0.0.0 serial 4/2

R2(config)#exit

R3(config)#ip route 0.0.0.0 0.0.0.0 serial 4/1

R3(config)#exit

R4(config)#ip route 0.0.0.0 0.0.0.0 serial 4/2

 

R1#ping 20.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/60 ms

R1#ping 30.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/68 ms

R1#ping 40.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 40.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/23/36 ms

 

R1(config)#interface tunnel 21

R1(config-if)#ip address 192.168.1.1 255.255.255.0

R1(config-if)#ip mtu 1400

R1(config-if)#ip tcp adjust-mss 1360

R1(config-if)#tunnel source 1.1.1.1

R1(config-if)#tunnel destination 3.3.3.2

R1(config-if)#exit

R1(config)#end

 

R3(config)#interface tunnel 21

R3(config-if)#ip address 192.168.1.2 255.255.255.0

R3(config-if)#ip mtu 1400

R3(config-if)#ip tcp adjust-mss 1360

R3(config-if)#tunnel source 3.3.3.2

R3(config-if)#tunnel destination 1.1.1.1

R3(config-if)#exit

R3(config)#end

R1(config)#router eigrp 6123

R1(config-router)#network 192.168.1.0

R1(config-router)#network 10.0.0.0

R1(config-router)#no auto-summary

R1(config-router)#exit

R3(config)#router eigrp 6123

R3(config-router)#network 192.168.1.0

R3(config-router)#no auto-summary                                                           cy

R3(config-router)#network 30.0.0.0

R3(config-router)#exit

 

R1#ping 192.168.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/32 ms

 R1#show ip interface brief | exclude ?

  LINE  Regular Expression

 

R1#show ip interface brief | exclude unass

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/0        10.1.1.1        YES manual up                    up

Serial4/0              1.1.1.1         YES manual up                    up

Tunnel21               192.168.1.1     YES manual up                    up

  

 

R1#traceroute 30.1.1.1

Type escape sequence to abort.

Tracing the route to 30.1.1.1

VRF info: (vrf in name/id, vrf out name/id)

  1 192.168.1.2 56 msec 52 msec 20 msec

 

R1#traceroute 30.1.1.1 source 1.1.1.1

Type escape sequence to abort.

Tracing the route to 30.1.1.1

VRF info: (vrf in name/id, vrf out name/id)

  1 192.168.1.2 24 msec 32 msec 24 msec

 

R1#traceroute 40.1.1.1

Type escape sequence to abort.

Tracing the route to 40.1.1.1

VRF info: (vrf in name/id, vrf out name/id)

  1 1.1.1.2 16 msec 16 msec 20 msec

  2 4.4.4.2 16 msec 32 msec 40 msec

 

R1(config)#interface tunnel 41

R1(config-if)#ip address 192.168.40.1 255.255.255.0

R1(config-if)#ip mtu 1400

R1(config-if)#ip tcp adjust-mss 1360

R1(config-if)#tunnel source 1.1.1.1

R1(config-if)#tunnel destination 4.4.4.2

R1(config-if)#exit

R1(config)#end

 

R4(config)#interface tunnel 41

R4(config-if)#ip address 192.168.40.2 255.255.255.0

R4(config-if)#ip mtu 1400

R4(config-if)#ip tcp adjust-mss 1360

R4(config-if)#tunnel source 4.4.4.2

R4(config-if)#tunnel destination 1.1.1.1

R4(config-if)#end

 

 

 

R1(config)#router eigrp 6123

R1(config-router)#network 192.168.40.0

R1(config-router)#exit

R1(config)#end

 

R4(config)#router eigrp 6123

R4(config-router)#network 192.168.40.0                                             

R4(config-router)#network 40.0.0.0

R4(config-router)#no auto-summary

R4(config-router)#end

 

R1#traceroute 40.1.1.1

*Feb 11 12:46:27.511: %SYS-5-CONFIG_I: Configured from console by console

R1#traceroute 40.1.1.1

Type escape sequence to abort.

Tracing the route to 40.1.1.1

VRF info: (vrf in name/id, vrf out name/id)

  1 192.168.40.2 20 msec 52 msec 40 msec

 

R2#traceroute 40.1.1.1 source 20.1.1.1

Type escape sequence to abort.

Tracing the route to 40.1.1.1

VRF info: (vrf in name/id, vrf out name/id)

  1 4.4.4.2 28 msec 28 msec 16 msec

 

R2#ping 30.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 30.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms

 

R2#ping 40.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 40.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/10/12 ms

 

R2#ping 10.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/15/28 ms