转载请注明本文来自ITAA学习组
Overview
Generic Routing Encapsulation (GRE) is a protocol for encapsulation of an arbitrary network layer protocol over another arbitrary network layer protocol.
In the most general case, a system has a packet, that needs to be encapsulated and delivered to some destination, which is called payload. The payload is first encapsulated in a GRE packet.The resulting GRE packet can then be encapsulated in some other protocol and then forwarded. This outer protocol is called the delivery protocol.
GRE tunnels are designed to be completely stateless. This means that each tunnel end-point does not keep any information about the state or availability of the remote tunnel end-point. Normally, a GRE tunnel interface comes up as soon as it is configured and it stays up as long as there is a valid tunnel source address or interface which is up
BASIC STEPS NEEDED TO CONFIGURE GRE
1) Configure a GRE (gr) interface. The gr interface contains a local address and destination address. It comes up as soon as it is configured. You can even configure an IP address on the gr interface. (It is not mandatory.)
2) Configure a route to reach the destination subnet (End to End connectivity). You can configure either a static route through the gr interface or use a IGP (i.e. OSPF can be used for this purpose).
Basic GRE Configuration Example
The following example illustrates a configuration with the following settings:
· Local subnet interface is ge-0/0/0 with IPv4 address as 10.10.11.1/24
· Destination subnet is 10.10.10.0/24 with the tunnel end point IPv4 interface as 10.10.10.1/24
· Bind gr-0/0/0 interface to a security zone
Configuration using Static route
[edit interfaces]
root@password# show
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.11.1/24;
}
}
}
gr-0/0/0 {
unit 0 {
tunnel {
source 1.1.1.1;
destination 2.2.2.1;
}
family inet {
address 192.168.1.1/24;
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 1.1.1.1/24;
}
}
}
[edit security]
root@password# show
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
gr-0/0/0.0;
}
}
}
root@password# show routing-options
static {
route 10.10.10.0/24 next-hop gr-0/0/0.0;
}
In case you do not want to define a static route, OSPF can be configured between interfaces gr-0/0/0 on both sides and internal subnet as passive neighbor, to receive all the internal routes.
[edit protocols]
root@password# show
ospf {
area 0.0.0.0 {
interface gr-0/0/0.0;
interface ge-0/0/0.0 {
passive;
}
}
}
Verify your work:
1. Verify the GRE interfaces are up.
root@password>show interfaces gr-0/0/0 terse
Interface Admin Link Proto Local Remote
gr-0/0/0 up up
gr-0/0/0.0 up up inet 192.168.1.1/24
2. Verify packets are leaving through gr- interface
root@password> show interfaces gr-0/0/0 extensive
Traffic statistics:
Input bytes : 0
Output bytes : 384
Input packets : 0
Output packets: 4
Local statistics:
Input bytes : 0
Output bytes : 216
Input packets : 0
Output packets: 2
Transit statistics:
Input bytes : 0 0 bps
Output bytes : 168 0 bps
Input packets : 0 0 pps
Output packets: 2 0 pps
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2012-5-2 17:10:59
置顶卡
喧嚣卡
变色卡
千斤顶
