11-27-2015 05:55 PM - edited 03-05-2019 02:49 AM
Hi, as we know GRE is one of VPN technology. I'm preparing the CCNP exam and would like to know in real environment/production network, who is actully set up the GRE connection, if company decide to go with GRE technology ?
The service provider or company network admin ?
I know, the service provider provides the public address and path to internet but would like to know who is actully set up the VPN connections.
Thank you !
Chirag
11-27-2015 06:07 PM
Hi Chirag,
would suggest you to go through the below docs, as these would clear most of your doubts on gre tunnelling in a network.
http://www.cisco.com/c/en/us/td/docs/ios/12_4/interface/configuration/guide/inb_tun.html
https://supportforums.cisco.com/document/13576/how-configure-gre-tunnel
Regards,
-Do rate helpful posts.
12-03-2015 04:50 PM
Many thnaks, really good source :)
12-03-2015 05:54 PM
Hello,
GRE is used for several reasons.
I just give you some examples.
1-You have a company and you have several branches. You have some connections to one or more service providers. You want to have your own network and run routing protocol. Because network of service provider is in the middle, you can not run routing protocol between your branches. Here GRE helps. You use GRE between branches and run routing protocols over GRE.
2-You are using IPv6 and need to communite over an IPV4 network. one of the solution is using GRE.
3-You want to have a multicast network over an IP network which does not support multicast.
4- Sometimes you use GRE tunnel between two sites and perform IPsec encryption over the tunnel.
and so on
Service providers usually does not use GRE. GRE is mostly used when you want to kind of skip a public network which is in the middle. So usually companies which use public network use GRE. Remember GRE does not provide security.
Nowadays, service providers use MPLS VPN to seperate different customers traffic in IP layer.
VPN is very broad. VPN means Virtual private network on a public network. VPN can be provided in different layers.
If you get a E1 or T1 link from your service provider. You are provided a L1 private network on service provider public network.
GRE can provide a virtual provivate network also.
You can create a private network with many other protocols and technologies.
Hope it helps,
Masoud
12-03-2015 07:54 PM
Excellent !
Got it.
Many thanks for your broad explanation.
12-03-2015 08:08 PM
I am glad it helped.
Masoud
11-28-2015 03:11 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages wha2tsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
In my experience, in the "real world", the company using GRE would be the one to choose it, i.e. it's not suggested by a service provider. (BTW, a service provider also might choose to use it for its own internal needs.)
A service provider is more likely to offer more advanced VPN technology to a customer, like VPN over MPLS.
12-03-2015 04:53 PM
Okay, got it.
Thanks for reply.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide