CCNA 4.3: Configure, verify and troubleshoot GRE tunnel connectivity (FREE LAB!)

Overview

Generic routing encapsulation (GRE) is a simple site-to-site VPN tunneling protocol.

Study Notes:

• Nonsecure, site-to-site VPN tunneling protocol
• Used to tunnel IP packets across the internet
• GRE header encapsulates an IP header and packet
  • The IP header and packet is the letter
  • The GRE header is the envelope
• GRE can encapsulate any OSI layer 3 protocol, but it’s typically IP
• GRE is encapsulation not encryption.  There are no strong security mechanisms
• GRE is stateless and does not include flow control
• GRE header plus IP header equals 24 bytes (minimum) additional overhead
• GRE tunnel interface addresses will be in the same subnet

Labs:

THIS LAB FREE!
PacketTracer Lab: CCNA-4.3-Configure-verify-and-troubleshoot-GRE-tunnel-connectivity.pkt

The objective of this lab is to establish a GRE tunnel between Router1 and Router3 and verify it is working by pinging across the tunnel.

• On Router1, create the tunnel interface named Tunnel1

config t
    interface Tunnel 1

• Set the tunnel mode to gre ip
  • tunnel = protocol-over-protocol tunneling
  • mode = tunnel encapsulation method
  • gre = generic route encapsulation protocol
  • ip = over IP

        tunnel mode gre ip

• Set the IP address of the tunnel interface

        ip address 172.16.0.1 255.255.255.252

• Set the source interface of the tunnel interface.  This is Serial1/0 interface on Router1.

        tunnel source s1/0

• Set the destination address of the tunnel interface.  This is the S1/1 interface on Router3.

        tunnel destination 192.168.1.2

• Activate the tunnel interface

        no shut
        exit

• Configure a route that tells Router1 how to get to Router3.  To get to 192.168.1.2/32 go to 192.168.0.2.

    ip route 192.168.1.2 255.255.255.255 192.168.0.2

• Configure a default route pointing to the Tunnel interface on Router3 so that all other traffic uses the GRE tunnel.

    ip route 0.0.0.0 0.0.0.0 172.16.0.2
    exit

• On Router3, create the tunnel interface named Tunnel1

config t
    interface Tunnel 1

• Set the tunnel mode to gre ip

        tunnel mode gre ip

• Set the IP address of the tunnel interface

        ip address 172.16.0.2 255.255.255.252

• Set the source interface of the tunnel interface.  This is Serial1/01 interface on Router3.

        tunnel source s1/1

• Set the destination address of the tunnel interface.  This is the S1/0 interface on Router1.

        tunnel destination 192.168.0.1

• Activate the tunnel interface

        no shut
        exit

• Configure a route that tells Router3 how to get to Router1.  To get to 192.168.0.1/32 go to 192.168.1.1

    ip route 192.168.0.1 255.255.255.255 192.168.1.1

• Configure a default route pointing to the Tunnel interface on Router1 so that all other traffic uses the GRE tunnel.

    ip route 0.0.0.0 0.0.0.0 172.16.0.1
    exit

• Verification
• On Router1 and Router3, verify that Serial1/0 is up/up and that Tunnel1 is up/up

show ip int brief

• On Router1 and Router3, view the tunnel interfaces. In this case only 1 has been configured.

show interface Tunnel 1

• From Router1, ping the tunnel interface on Router3

ping 172.16.0.2

• From Router3, ping the tunnel interface on Router1

ping 172.16.0.1

• Additional verification
• Configure a loopback interface on Router1

config t
    interface loopback1
        ip address 10.0.0.1 255.255.255.255
        no shut

• On Router3, traceroute to the loopback interface on Router1 and notice how it uses the GRE tunnel to get there

traceroute 10.0.0.1
Type escape sequence to abort.
Tracing the route to 10.0.0.1

1 172.16.0.1 6 msec 2 msec 2 msec