GRE - Generic routing encapsulation

GRE is a protocol originally developed by Cisco to transport non ip protocols over IP networks. By establishing a tunnel between remote ends, GRE enables geographically separated networks  to communicate with each other as if they were directly connected. Due to the ability of carrying broadcast and multicast packets, one of the most common use cases of GRE is to transport routing protocols over third-party IP networks.

As an Encapsulation protocol, GRE wraps the original packet (AKA as the Payload) in a GRE Header and add a new IP header (delivery header) is used to transport the packet over the GRE Tunnel. Once the packet arrives to the other end GRE removes the outer headers exposing the original packet.


The GRE Header defined in the RFC 2784 has a size of 64 bits (8 bytes) where the last 32 bits, commonly not used are optional and only present if the first bit of the first 32 bits is set to 1.


When using encapsulation protocols it is necessary to adjust the IP MTU and the TCP Maximum Segment Size to prevent fragmentation. As explained before GRE will add to the original packet a GRE Header (4 bytes) and an IP Header (20 bytes), adding up to an overhead total of 24 bytes, the overhead must be subtracted from the IP MTU value that must be set  below the interface MTU value.

IP MTU (1500 bytes) - IP  Header (20 bytes) - GRE Header (4 bytes) = 1476

To adjust the TCP Maximum Segment Size subtract from the interface MTU the following headers:

IP MTU (1500 bytes) - IP  Header (20 bytes) - GRE Header (4 bytes) - IP  Header (20 bytes) - TCP  Header (20 bytes) = 1436

The following scenario shows how to configure a point-to-point GRE tunnel



initial config:
hostname ISP
!
interface GigabitEthernet0/0
 ip address 200.10.10.1 255.255.255.254
!         
interface GigabitEthernet0/1
 ip address 200.10.11.1 255.255.255.254
!

hostname SitE_1R1
!         
interface GigabitEthernet0/0
 ip address 200.10.10.0 255.255.255.254
!
interface GigabitEthernet0/1
 ip address 172.16.10.1 255.255.255.0
!
router ospf 100
 network 172.16.10.1 0.0.0.0 area 0
!
ip route 0.0.0.0 0.0.0.0 200.10.10.1
!

hostname SitE_1R2
!
interface Loopback1
 ip address 1.1.1.10 255.255.255.255
!         
interface Loopback2
 ip address 2.2.2.10 255.255.255.255
!
interface Loopback3
 ip address 3.3.3.10 255.255.255.255
!
interface GigabitEthernet0/0
 ip address 172.16.10.2 255.255.255.0
!
router ospf 100
 network 1.1.1.10 0.0.0.0 area 0
 network 2.2.2.10 0.0.0.0 area 0
 network 3.3.3.10 0.0.0.0 area 0
 network 172.16.10.2 0.0.0.0 area 0
!

hostname SitE_2R1
!         
interface GigabitEthernet0/0
 ip address 200.10.11.0 255.255.255.254
!
interface GigabitEthernet0/1
 ip address 172.16.11.1 255.255.255.0
!
router ospf 100
 network 172.16.11.1 0.0.0.0 area 0
!
ip route 0.0.0.0 0.0.0.0 200.10.11.1
!

hostname SitE_2R2
!
interface Loopback1
 ip address 1.1.1.11 255.255.255.255
!         
interface Loopback2
 ip address 2.2.2.11 255.255.255.255
!
interface Loopback3
 ip address 3.3.3.11 255.255.255.255
!
interface GigabitEthernet0/0
 ip address 172.16.11.2 255.255.255.0
!
router ospf 100
 network 1.1.1.11 0.0.0.0 area 0
 network 2.2.2.11 0.0.0.0 area 0
 network 3.3.3.11 0.0.0.0 area 0
 network 172.16.11.2 0.0.0.0 area 0
!
tunnel config 
hostname SitE_1R1
!
interface Tunnel100
 ip address 192.168.10.1 255.255.255.252
 ip mtu 1476
 ip tcp adjust-mss 1436
 tunnel source GigabitEthernet0/0
 tunnel destination 200.10.11.0
!
router ospf 100
 network 192.168.10.1 0.0.0.0 area 0
!

hostname SitE_2R1
!
interface Tunnel100
 ip address 192.168.10.2 255.255.255.252
 ip mtu 1476
 ip tcp adjust-mss 1436
 tunnel source GigabitEthernet0/0
 tunnel destination 200.10.10.0
!
router ospf 100
 network 192.168.10.2 0.0.0.0 area 0
!
Posted by No comments:
Subscribe to: Posts (Atom)