A Generic Routing Encapsulation (GRE) topology traverses wireless client traffic from a campus AP to a locally managed Extreme Networks VPN Concentrator or third-party GRE terminating device. GRE tunneling supports traversing client traffic through positioned access points at a location separated from ExtremeCloud IQ Controller.
The GRE Point-to-Point tunneling feature makes use of the Internet Control Message Protocol (ICMP). This is a network level protocol that communicates network connectivity issues back to the source of the compromised transmission. When more than one GRE concentrator is configured on a topology, access points use ICMP ping to check connectivity between the access point and the GRE concentrator. When the ICMP ping to concentrator fails, the access point selects the next configured concentrator as a destination for the GRE tunnel. The communication ports on each device must be open to allow ICMP communication between the access points and GRE concentrators.
Note
Performance can vary depending on the AP model.APs communicate through the GRE tunnel. Although each AP can support many GRE topologies, a single assigned topology supports three concentrators. IPv6 is not supported.
Each AP issues a ping to the GRE concentrator to determine reachability. If there is no response within 30 seconds, the AP fails over to a backup concentrator.
Note
It is a best practice to configure more than one VPN Concentrator per VLAN topology for failover. A topology that uses a single generic (non-encrypted) GRE tunnel, without configured backups, is not using the available mechanisms to detect if a VPN Concentrator is down. Therefore, no AP alarms, related to the tunnel connectivity, are generated for such a topology.