HOME < Technology < GRE Tunnel
1. Instruction
Generic routing encapsulation (GRE) is a communication protocol used to establish a direct, point-to-point connection between network nodes. GRE is defined by RFC 2784. Being a simple and effective method of transporting data over a public network, such as the Internet, GRE lets two peers share data they wouldn’t be able to share over the public network itself, which is a three-tier tunneling encapsulation technology that enables messages to be transparently transmitted through the GRE tunnel to resolve transmission problems across heterogeneous networks.
Especially, GRE protocol offers following advantages.
Use of multiple protocols over a single-protocol backbone
Providing workarounds for networks with limited hops
Connection of non-contiguous subnet
Being less resource demanding than its alternatives (e.g. IPsec VPN)
2. How it works
Data is routed by the system to the GRE endpoint over routes established in the route table. When a data packet is received by the GRE endpoint, it is de-encapsulated and routed again to its destination address. GRE tunnels are stateless, the endpoint of the tunnel contains no information about the state or availability of the remote tunnel endpoint. Therefore, the switch operating as a tunnel source router cannot change the state of the GRE tunnel interface to down if the remote endpoint is unreachable.
GRE message transmission process
If the packet of Host A is transmitted from Router A to Router B, GRE data is encapsulated on Router A and unencapsulated on Router B. The path of the encapsulated data message in the network is the GRE tunnel.
2.1 Encapsulate Message
1) After Router A receives a packet with a destination IP 192.172.1.10 (Host B) from Host A 192.168.10.10, it will encapsulate the original packet as a payload packet into the GRE protocol, and add a GRE header to it. The source IP in the header is 1.1.1.2, and the destination IP is the tunnel peer IP 1.1.1.3
2) The above completes the encapsulation of GRE data packet
3) Router A continues to add GRE tunnel source IP 113.113.11.11 and destination IP 113.113.10.10 outside the packet, then send it to the Internet
2.2 Unencapsulate Message
1) After the data packet is sent to the Internet, all routers only forward the data packet according to the outer public network IP address, until the data packet is forwarded to the real destination IP 113.113.10.10 (Router B)
2) Router B will first unpack the public IP header of the data packet, and then find that the destination IP in the GRE header is 1.1.1.3 and it is itself.
3) Router B will continue to unpack the GRE data packet and find that the target IP is 192.172.1.10, and finally send the data packet to 192.172 .1.10 (Host B)
2.3 GRE Header Instruction
GRE Header | Instruction |
C | checksum verification bit The position is 1, indicating that the GRE header has inserted the checksum field The position is 0, indicating that the GRE header does not contain the checksum field |
K | Keyword bit The position is 1, indicating that the key field is inserted in the GRE header The position is 0, indicating that the GRE header does not contain the keyword field |
Recursion | Indicates the number of layers that GRE packets are encapsulated. After completing a GRE encapsulation, this field is increased by 1. If the number of encapsulation layers is greater than 3, the packet is discarded. The function of this field is to prevent packets from being encapsulated indefinitely. RFC1701 stipulates that the default value of this field is 0. RFC2784 stipulates that no exception will be caused when this field is inconsistent between the sending and receiving ends, and the receiving end must ignore this field. When implemented by the device, this field is only used to mark the number of tunnel nesting levels when encapsulating the message. GRE does not perceive this field when decapsulating the message and will not affect the processing of the message. |
Flags | Reserved field. Must currently be set to 0 |
Version | GRE version number (0), for PPTP GRE, this field is 1 |
Protocol Type | Type of encapsulated Ethernet protocol (for example, IPv4, 0x0800 here) |
Checksum | The checksum field of the GRE header and its payload |
Key | If the K is 1, this field contains secret key information |
3. GRE In Wlink 5G/4G/3G Router
--- THE END
