Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1956
Views
0
Helpful
7
Replies

ssh through GRE tunel

Go to solution
sir_ulrick
Level 1
Level 1

‎09-30-2019 10:31 AM

Hi,

I have a teorical question about GRE performance. Suppose that we have 5 routers connected (A->B->C-D->E) with a GRE tunnel between A and E routers. Would be possible to do a ssh between A and C routers? This ssh connection will use GRE tunnel or phisical interface? more traffic could flow correctly before to E router?

 

Thanks in advance

Labels:
0 Helpful
4 Accepted Solutions

Accepted Solutions

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎09-30-2019 11:19 AM

Hi @sir_ulrick 

 

As far as I know, it will depend on which interface the route to the SSH destination ip was learned.
If the route to that IP was learned through the tunnel interface, then the connection will be achieved by the GRE.
If the route was learned through the physical interface, then the SSH connection will be made through that interface.

 

Regards

View solution in original post

0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to luis_cordova

‎09-30-2019 11:38 PM

Ok, If I understood, exist 3 different ways to reach a destination out tunnel GRE between A -> E devices. 

 

1) If 2 devices are connected directly with a physical interface (A->B)

2) Routing between them outside gre tunnel, I mean, routing between devices (A->C, for instance) where them ip's are knowed using either static or dinamic routing

3) New gre tunnel between them (A->D)

 

Thanks a lot for your reply Luis

View solution in original post

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to sir_ulrick

‎10-01-2019 03:12 AM

Hi,

I am not sure that I got your question correctly or not but I have a suggestion as:

 

As you have few routers in a series as A---B---C

You are setting on router A and trying to SSH router C. Is it correct? If it is correct then you must have to complete a few requirements as:

1. Tunnel to Tunnel reachability. This may as Router A have tunnel to router B and Router B have a tunnel to router C or Router A may have tunnels for Router B and C (mGRE or Two different Tunnels).

2. Routing reachability from router A to C using the static or dynamic routing.

3. SSH configuration.

 

Let me know if you need more information as a configuration or query. 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

0 Helpful

Go to solution
paul driver
VIP
VIP

‎10-01-2019 05:00 AM - edited ‎10-01-2019 05:02 AM

Hello

 

 

@sir_ulrick wrote:

Hi,

I have a teorical question about GRE performance. Suppose that we have 5 routers connected (A->B->C-D->E) with a GRE tunnel between A and E routers. Would be possible to do a ssh between A and C routers? This ssh connection will use GRE tunnel or phisical interface? more traffic could flow correctly before to E router?

By default NO it wont unless your pushing all traffic from A to E through the tunnel otherwise it should go by the default routing path which would be the physical routing path underpinning your tunnels


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
7 Replies 7

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎09-30-2019 11:19 AM

Hi @sir_ulrick 

 

As far as I know, it will depend on which interface the route to the SSH destination ip was learned.
If the route to that IP was learned through the tunnel interface, then the connection will be achieved by the GRE.
If the route was learned through the physical interface, then the SSH connection will be made through that interface.

 

Regards

0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to luis_cordova

‎09-30-2019 01:38 PM

Ok, so if I want to reach a different device of final node (E) I would need to create a new tunnel where I want to connected, right? for instance A -> C and execute ssh to tunnel ip, right?

0 Helpful

Go to solution
luis_cordova
VIP Alumni
VIP Alumni
In response to sir_ulrick

‎09-30-2019 02:46 PM

Hi @sir_ulrick ,

 

Not necessarily, since the GRE tunnel connects you to the entire destination network.
The first step is to verify if the source device has a route to the network where the device is located.

If you already have a route, it's just a matter of trying the SSH.
If you don't have a route, you can evaluate how to learn that network, either through a tunnel interface or through a physical interface.

Regards

0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to luis_cordova

‎09-30-2019 11:38 PM

Ok, If I understood, exist 3 different ways to reach a destination out tunnel GRE between A -> E devices. 

 

1) If 2 devices are connected directly with a physical interface (A->B)

2) Routing between them outside gre tunnel, I mean, routing between devices (A->C, for instance) where them ip's are knowed using either static or dinamic routing

3) New gre tunnel between them (A->D)

 

Thanks a lot for your reply Luis

0 Helpful

Go to solution
Deepak Kumar
VIP Alumni
VIP Alumni
In response to sir_ulrick

‎10-01-2019 03:12 AM

Hi,

I am not sure that I got your question correctly or not but I have a suggestion as:

 

As you have few routers in a series as A---B---C

You are setting on router A and trying to SSH router C. Is it correct? If it is correct then you must have to complete a few requirements as:

1. Tunnel to Tunnel reachability. This may as Router A have tunnel to router B and Router B have a tunnel to router C or Router A may have tunnels for Router B and C (mGRE or Two different Tunnels).

2. Routing reachability from router A to C using the static or dynamic routing.

3. SSH configuration.

 

Let me know if you need more information as a configuration or query. 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

Go to solution
paul driver
VIP
VIP

‎10-01-2019 05:00 AM - edited ‎10-01-2019 05:02 AM

Hello

 

 

@sir_ulrick wrote:

Hi,

I have a teorical question about GRE performance. Suppose that we have 5 routers connected (A->B->C-D->E) with a GRE tunnel between A and E routers. Would be possible to do a ssh between A and C routers? This ssh connection will use GRE tunnel or phisical interface? more traffic could flow correctly before to E router?

By default NO it wont unless your pushing all traffic from A to E through the tunnel otherwise it should go by the default routing path which would be the physical routing path underpinning your tunnels


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
sir_ulrick
Level 1
Level 1
In response to paul driver

‎10-02-2019 12:16 AM

Thanks everybody for your replies!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card