Applications
This section describes the applicable scenario of GRE.
Transmitting Data of Multi-Protocol Local Networks Through a GRE Tunnel
As shown in Figure 9-3, Term1 and Term2 are the local networks running IPv6. Term3 and Term4 are local networks running the IP protocol. These subnets, located in different areas, need to communicate through the public IP network.
Switch Module_1 and Switch Module_2 set up a GRE tunnel through which Term1 can communicate with Term2 without affecting communication between Term3 and Term4.
Enlarging the Operation Scope of a Network with a Hop Limit
As shown in Figure 9-4, the network runs the IP protocol. Assume that the IP protocol limits the hop count to 255. If the hop count between two PCs is more than 255, they cannot communicate with each other. You can set up a GRE tunnel between two devices on the network to hide the hops between them. This enlarges the network operation scope.
For example, the RIP protocol defines that a route is unreachable when the hop count reaches 16. You can configure a GRE tunnel between two devices to reduce the hop count of the RIP route passing through the GRE tunnel to less than 16. Then the route is reachable.
Connecting CE Devices to an MPLS VPN Network
NOTE: The device cannot work on an MPLS backbone network.
The MPLS VPN solution provides better services than the traditional IP VPN solution. Therefore, MPLS VPN technology is now carrier's preferred VPN technology. However, the Internet is IP based and a large number of backbone networks still use IP technology.
In the MPLS VPN solution, a customer edge (CE) device must have a direct physical link to a provider edge (PE) device on the MPLS backbone network to connect to the VPN. That is, the CE and PE devices must be on the same network. In this networking, you must associate the VPN instance with the PE device's physical interface connected to the CE device.
In actual networking, the CE and PE devices may not be directly connected by physical links. For example, the CE devices of multiple organizations that are connected to the Internet or an IP-based backbone network may be far away from the PE devices on the MPLS backbone network; therefore, they cannot be connected directly. These organizations cannot directly connect to the internal sites of the MPLS VPN through the Internet or the IP backbone network.
To connect a CE device to an MPLS VPN backbone network, create a logical direct connection between the CE and PE devices. You can connect the CE and PE devices using a public or private network, and create a GRE tunnel between the CE and PE devices. Then, the CE and PE devices can communicate as if they were directly connected, and the GRE tunnel can be associated with the VPN as a physical interface.
A GRE tunnel can be set up in the following ways to connect CE devices to an MPLS VPN network:
GRE tunnel over a private network: The GRE tunnel is associated with a VPN instance, and the source interface (or the source address) and the destination address of the GRE tunnel belong to this VPN instance.
GRE tunnel over a public network: The GRE tunnel is associated with a VPN instance. However, the source address and destination address of the GRE tunnel are public IP addresses and do not belong to the VPN instance.
GRE over a VPN: The GRE tunnel is associated with a VPN instance (such as VPN1), while the source interface of the GRE tunnel is bound to another VPN instance (such as VPN2). The GRE tunnel traverses VPN2.
GRE Tunnel over a Public Network
In this networking, the CE and PE devices must have one interface using a public IP address. The CE and PE devices must have a route to each other in their public network routing tables.
GRE Tunnel over a VPN
This networking differs from a GRE tunnel over a public network in that the CE device is connected to the PE device across a VPN (VPN2 in this example), but not a public network. Both the outbound interface of the private data from the CE and the outbound interface of the private data from the PE belong to VPN2.
In Figure 9-7, PE1 and PE2 are the edge devices of the first carrier on the MPLS backbone network. VPN2 is a VPN of a second carrier network. CE1 and CE2 are customer devices.
To deploy a VPN (VPN1 in this example) based on the MPLS network, you can set up a GRE tunnel between PE1 and CE1 across VPN2. Then CE1 and PE1 are directly connected through the GRE tunnel.
GRE Tunnel over a Private Network
In this networking, the source address and the destination address of the GRE tunnel belong to the private network. In actual applications, creating a tunnel on a private network serves no purpose; therefore, this networking is not recommended. As shown in Figure 9-8, R1 can be used as a CE device so no GRE tunnel is required.
Previous
