Two LAN (office network-IDC) Security Interoperability Scheme 2:by GRE and Linux server& in-depth understanding of GRE

Source: Internet
Author: User

(0) The Turnel of GRE

1. This process is the process of establishing turnel on both sides.

(1) LAN routing process

1, host A to send a source of 192.168.1.2, the purpose of 10.1.1.2 package

(2) Packaging process

1, depending on the internal network, may be your default route gateway to route it to 192.168.1.254

2, 192.168.1.254 the first package package, increase the GRE header, the purpose of the package is the address 192.192.192.1 and the source address 192.192.192.2.

3, 192.168.1.254 2nd time package, increase the public network of Baotou (otherwise on the public Internet can not be routed), the purpose of the package address 110.2.2.2 and source address 180.1.1.1.

4, 192.168.1.254 all the packets to 10.1.1.0/24, the address is converted from 192.192.192.2 (SNAT)

(3) Public network routing process

1. After n routing devices, the packet is eventually routed to 110.2.2.2

(4) Unpacking process

1, b end of the router detects that it is to reach their own IP, began unpacking

2. After unpacking, the GRE protocol is found, and the package is further dismantled.

3, after unpacking found that the destination is not their own intranet IP, found themselves local did Snat, will be to the source IP replaced with 10.1.1.1

(5) LAN routing

1, in fact, from the 10.1.1.1, arrived at the destination for the 10.1.1.2 package, without routing, directly in the LAN broadcast. The 10.1.1.2 machine determines that it is sent to its own package and is received. And then processed it further.

Two LAN (office network-IDC) Security Interoperability Scheme 2:by GRE and Linux server& in-depth understanding of GRE

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.