GRE (Generic Routing Encapsulation) Overview
GRE is one of the most traditional tunneling protocols, and its fundamental function is to realize the tunnel function, the two remote networks connected through the tunnel are like direct-attached, GRE, which simulates a direct link between two remote networks to achieve direct connectivity, and for this reason the GRE needs to be packaged several times in total 3 times, in other words, Is that the data packets that are transmitted in the GRE tunnel have 3 heads, because only talk about IP protocol, so the GRE IP packet is a layer, a total of 3 IP address, GRE in the implementation of the tunnel, the need to create a virtual direct link, the GRE virtual link can be considered as a tunnel, the tunnel is analog link, So there are IP addresses at both ends of the tunnel, but the tunnel needs to find a starting point and focus in the public network, so the source and end of the tunnel to the public IP address of the end, the link is through the GRE protocol to complete the tunnel delivery packet process is divided into 3 steps:
1, receive the original IP packet as a passenger agreement, the original packet header IP address is a private IP address.
2, the original IP packets into the GRE protocol, the GRE protocol becomes the Encapsulation Protocol (encapsulation Protocol), the encapsulated Baotou IP address is virtual direct link at both ends of the IP address.
3, the entire GRE packet as data, the outer layer of the public network of the IP header, which is the origin and end of the tunnel, and thus routed to the end of the tunnel.
The data packets transmitted in the GRE tunnel are formatted as follows:
Note:
1, one of the public network IP Baotou section also become a transport protocol (transport Protocol)
2, the GRE will be in the original IP packets, an additional package of 24 bytes or 28 bytes, depending on the GRE mode.
The following image transmits the data process for the GRE:
GRE to create a virtual direct link between the remote routers, that is, the tunnel (tunnel), if not the tunnel, the GRE can not complete the tunnel function, the tunnel is the most basic function of the GRE, but also all the functions of the GRE; in the image environment, when Shanghai branch R2 package IP address into 192.168.1.4 to Wuhan, the GRE operation process is as follows:
1, assuming that R1 and R3 of the GRE Virtual Direct link (tunnel) has been resumes, the tunnel link at both ends of the address is 1.1.1.1 and 1.1 1.2, the origin and end of the tunnel ends are 202.1.1.1 and 61.1.1.1.
2, R1 received the target IP as the 192.168.1.4 packet, the original packet as a passenger packet into the GRE protocol, and add the GRE Baotou, The source IP in Baotou is the tunnel's local address 1.1.1.1, and the target IP in Baotou is the tunnel to the end address 1.1.1.2, thus completes the GRE packet's loading.
3, in the package of the GRE tunnel address of the packet outside the source of the GRE tunnel Origin IP address, the IP address is public network address, that is, the source IP is 100.1 1.1, the destination IP for the tunnel endpoint 200.1.1.1, the last packet sent out.
After the packet is sent to the Internet, all routers are forwarded only according to the outermost public network IP of the packet, that is, only the public network IP address 61.1 1.1来 forwarding, until the packet reached the true destination of the public network IP, After reaching R3 (ip:61.1.1.1), public network IP header will be stripped open, when R3 peel off the packet of the public network IP header, found the GRE Baotou, found that the target IP address is 1.1 1.2, so that they are the end of the GRE tunnel, so continue to peel the GRE Baotou, The destination IP address was finally found to be 192.168.1.4, and the packet was then sent to 192.168.1.4 (router R4).
Through the above GRE process, Shanghai branch R2 directly through the private IP address 192.168.1.4, finally successfully communicates with Wuhan branch R4.