Topology
Objectives
Create Gre tunnel between Router A and Router c. We are creating tunnel to internal communication between two LAN segments without, advertising LAN IP in internet domain.
Steps:
- Your end to end network should be reachable i.e the interface/node from where you are creating tunnel should reachable to destination interface/node. Here Router A ,B & C is configured and running eigrp under internet domain , we have advertised loopback on Router A &C under eigrp.
- Ping 2.2.2.2 from Router A and 1.1.1.1 from Router C.
A#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/2 ms
C#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms
Ping LAN1 PC from LAN 2 PC.
PC>ping 192.168.10.2
Pinging 192.168.10.2 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.10.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Currently LAN are not reachable
- Create Tunnel on Router A and C. Provide IP add to tunnel interface. Both tunnel should have IP add of same class so that they can communicate with each other.
Define tunnel source ( here Loopback1) and destination( 3.3.3.3).The tunnel source and destination should be opposite on both side.
A#
interface Tunnel1
ip address 50.50.50.1 255.255.255.252
tunnel source Loopback1
tunnel destination 3.3.3.3
tunnel mode gre ip
C#
interface Tunnel1 ip address 50.50.50.2 255.255.255.252 tunnel source Loopback1 tunnel destination 1.1.1.1 tunnel mode gre ip
- Here you will be able to ping the tunnel IP , though it is not advertised under eigrp and carried over gre encapsulation.
A#ping 50.50.50.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms
C#ping 50.50.50.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Define static routing for LAN with Next hop as tunnel IP.
A#
ip route 192.168.20.0 255.255.255.0 50.50.50.2
B#
ip route 192.168.10.0 255.255.255.0 50.50.50.1
Now LAN IP should be reachable via tunnel , and tunnel is reachable via Gre encapsulated packet over IP.
PC>ping 192.168.10.2
Pinging 192.168.10.2 with 32 bytes of data:
Reply from 192.168.10.2: bytes=32 time=10ms TTL=126
Reply from 192.168.10.2: bytes=32 time=0ms TTL=126
Reply from 192.168.10.2: bytes=32 time=11ms TTL=126
Reply from 192.168.10.2: bytes=32 time=10ms TTL=126
Ping statistics for 192.168.10.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 11ms, Average = 7ms
Summary:
Steps:
- Establish L3 connectivity end to end. Tunnel source and destination should have L3 connectivity.
- Define tunnel, with tunnel source and destination. The tunnel source and destination should be opposite at both end.
- Both end Tunnel ip address should be in same class.
- Define static routing towards LAN with Tunnel IP as next Hop
Advantages of GRE tunnel
- Easy to configure
- Support Broadcast and Multicast
- Can carry multiple routing protocols.
Disadvantages of GRE tunnel
- It do not support security like authentication.