GRE is Generic Route Encapsulation Protocol, it encapsulates the inside IP address into outside IP address. A tunnel is made which hides the inside or local IP Address, here the tunnel is not private or encrypted like an IPSEC Tunnel.
Now the question arises, when IPSEC can perform the tunnel privatisation work, why do we require GRE tunnels.
1) Multicast traffics are not allowed through ipsec, the major use of GRE is for allowing Multicast traffic between of different Routing protocols to communicate.
2) GRE helps in pointing the private networks in local networks.
In GRE we use tunnel interface source and destination ip, where we specify the origin tunnel path having public ip as source and destination IP.
GRE was developed as a tunneling tool meant to carry any OSI Layer 3 protocol over an IP network. In essence, GRE creates a private point-to-point connection like that of a virtual private network (VPN).
GRE works by encapsulating a payload -- that is, an inner packet that needs to be delivered to a destination network -- inside an outer IP packet. GRE tunnel endpoints send payloads through GRE tunnels by routing encapsulated packets through intervening IP networks. Other IP routers along the way do not parse the payload (the inner packet); they only parse the outer IP packet as they forward it towards the GRE tunnel endpoint. Upon reaching the tunnel endpoint, GRE encapsulation is removed and the payload is forwarded along to its ultimate destination.
In contrast to IP-to-IP tunneling, GRE tunneling can transport multicast and IPv6 traffic between networks. Advantages of GRE tunnels include the following:
GRE tunnels encase multiple protocols over a single-protocol backbone.
GRE tunnels provide workarounds for networks with limited hops.
GRE tunnels connect discontinuous sub-networks.
GRE tunnels allow VPNs across wide area networks (WANs).
No comments:
Post a Comment