10-30-2007 07:47 AM - edited 03-03-2019 05:33 AM
Hi all, can anyone tell me what these are, and why do people use them ? are they used over the internet or Wan ?
10-30-2007 08:09 AM
you can use them over both. I use a GRE tunnel from my house to my office to pass my VoIP traffic, whereas I pass my other data traffic through an IPSEC AES tunnel. The GRE tunnel has MUCH LESS overhead/latency than the IPSEC tunnel.
-brad
www.ccbootcamp.com
10-30-2007 08:46 AM
Tunnel as the word suggest is kind of virtual path defined (defined a virtual tunnel) in a shared network.
Now Internet is a shared network and WAN can also be shared network e.g. for diferent offices. So usage depend on need and can be used anywhere be it wan or internet.
In order to use isolate the defined traffic over a shared network you various tunneling techniques.
we can use GRE or IPSEC or both to make tunnel between two gateways, as Brad said , GRE has much less overhead than IPSEC tunnel but GRE only do the encapsulation and it does not provide the data encryption.
One of very frequent use of GRE is where you have to use routing protocols over the tunnel. As IPSEC doesnt support multicast ( most of the protocol talk over multicast) so GRE tunnel is deployed in order to use routing protocol.
HTH
rate if it helps.
10-30-2007 10:28 AM
so do they act the same as a site to site vpn without the encryption ? are they easy to set up ?
10-30-2007 03:10 PM
yes, you can say that gre tunnel is vpn without encryption.
easy setup is kind of relative term and if you say if they are easy to setup then ipsec, then i would say yes.
HTH
rate if it does
rgds
11-05-2007 03:27 AM
i cannot see why you would use them over the internet as they have no encryption, does isps use them, can you give me an example of the setup ?
11-08-2007 07:16 AM
hi,
you are quite right, mostly GRE+IPSEC has been used to built VPN tunnel over internet basically where they need GRE advantages with encryption.
about service provider, in my point of view , i donnt think so anybody is using pure gre tunnel over the internet.
but yeah they can use gre tunnel within their network to isolate various type of traffic.
below are the various doc which will give enuf information
IPSEC+GRE Tunnel, here they have used different devices for IPSEC and GRE, but you can have both on single device.
http://www.cisco.com/warp/public/707/gre_ipsec_ospf.html
sorry, previously i have given wrong example of using gre in provider network, that has more to do with VRF in GRE tunnel ..
HTH
rate if does help
rgds
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide