gre tunnel

gre

Enables GRE (Generic Routing Encapsulation) tunneling on this profile, and creates a new GRE tunnel or modifies an existing GRE tunnel.

The GRE protocol allows encapsulation of one protocol within another. It is a tunneling protocol that transports any layer 3 protocol over an IP network. When enabled, a payload packet is first encapsulated in the GRE protocol. The GRE encapsulated payload is then encapsulated in another IP packet before being forwarded to the destination.

GRE tunneling can be configured to bridge Ethernet packets between WLANs and a remote WLAN gateway over an IPv4 GRE tunnel. The tunneling of 802.3 packets using GRE is an alternative to MiNT or L2TPv3. Related features like ACLs for extended VLANs are still available using layer 2 tunneling over GRE.

Using GRE, access points map one or more VLANs to a tunnel. The remote end point is a user-configured WLAN gateway IP address, with an optional secondary IP address should connectivity to the primary GRE peer be lost. VLAN traffic is expected in both directions in the GRE tunnel. A WLAN mapped to these VLANs can be either open or secure. Secure WLANs require authentication to a remote RADIUS server available within your deployment using standard RADIUS protocols. Access Points can reach both the GRE peer as well as the RADIUS server using IPv4.

The WiNG software now supports both IPv4 or IPv6 tunnel endpoints. However, a tunnel needs to contain either IPv4 or IPv6 formatted device addresses and cannot be mixed. With the new IPv6 tunnel implementation, all outbound packets are encapsulated with the GRE header, then the IPv6 header. The header source IP address is the local address of the IPv6 address of tunnel interface, and the destination address peer address of the tunnel. All inbound packets are de-capsulated by removing the IPv6 and GRE header before sending it over to the IP stack.

Note

Note

Only one GRE tunnel can be created for every profile.

Supported on the following devices:

Syntax

gre tunnel <GRE-TUNNEL-NAME>

Parameters

gre tunnel <GRE-TUNNEL-NAME>
gre tunnel <GRE-TUNNEL-NAME> Creates a new GRE tunnel or modifies an existing GRE tunnel. If creating a new tunnel, specify a unique name for it. If modifying an existing tunnel, specify its name.

Example

rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#?
GRE Tunnel Mode commands:
  dscp                    Differentiated Services Code Point
  establishment-criteria  Set tunnel establishment criteria
  failover                L2gre tunnel failover
  mtu                     L2GRE tunnel endpoint maximum transmission unit(MTU)
  native                  Native trunking characteristics
  no                      Negate a command or set its defaults
  peer                    L2GRE peer
  tunneled-vlan           VLANs to tunnel

  clrscr                  Clears the display screen
  commit                  Commit all changes made in this session
  do                      Run commands from Exec mode
  end                     End current mode and change to EXEC mode
  exit                    End current mode and down to previous mode
  help                    Description of the interactive help system
  revert                  Revert changes
  service                 Service Commands
  show                    Show running system information
  write                   Write running configuration to memory or terminal

rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#

rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#peer 1 ip 192.168.13.8
rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#peer 2 ip 192.168.13.10

rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#show context
 gre tunnel testGREtunnel
  peer 1 ip 192.168.13.8
  peer 2 ip 192.168.13.10
rfs4000-229D58(config-profile testRFS4000-gre-tunnel-testGREtunnel)#

rfs4000-229D58(config-profile-testRFS4000)#show context
profile rfs4000 testRFS4000
 bridge vlan 1
  tunnel-over-level2
  ip igmp snooping
  ip igmp snooping querier
..................................................................................
 use firewall-policy default
 service pm sys-restart
 router ospf
 gre tunnel testGREtunnel
  peer 1 ip 192.168.13.8
  peer 2 ip 192.168.13.10
rfs4000-229D58(config-profile-testRFS4000)#

Related Commands

dscp Sets the GRE tunnel‘s DSCP / 802.1q priority value
establishment-criteria Configures the GRE tunnel establishment criteria
failover Enables periodic pinging of the primary gateway to assess its availability, in case it is unreachable
mtu Configures the MTU for IPv4/IPv6 L2GRE tunnel endpoints
native Configures native trunking settings for this GRE tunnel
no Removes the GRE tunnel settings based on the parameters passed
peer Configures the GRE tunnel‘s end-point peers
tunneled-vlan Defines the VLAN that connected clients use to route GRE-tunneled traffic within their respective WLANs
no Disables GRE tunneling on this profile