What is Generic Routing Encapsulation (GRE)?
Generic routing encapsulation (GRE) is an IP encapsulation protocol which is used to transport IP packets over a network. Generic routing encapsulation (GRE) was initially developed by Cisco and later become industry standard (RFC 1701, RFC 2784 and RFC 2890)
GRE (Generic Routing Encapsulation) an IP datagram is tunnelled (encapsulated) within another IP datagram.GRE (Generic Routing Encapsulation) also supports encapsulating IPv4 broadcast and multicast traffic. The clear advantage of GRE over other tunnelling protocols is that it can encapsulate broadcast, multicast traffic (multicast streaming or routing protocols) or other non-IP protocols. GRE packets can be protected by using Internet Protocol Security (IPSec) ensuring confidentiality and integrity of the tunneled traffic.
Related- GRE vs IPSEC
Generic routing encapsulation (GRE) tunnels are not secure because Generic routing encapsulation (GRE) does not encrypt its Data payload. In real-time, Generic routing encapsulation (GRE) used together with other secure tunneling protocols like IPSec to provide network security.
GRE is stateless and has no knowledge of the configuration or even the existence of the remote tunnel endpoint. Once GRE is configured, packets are encapsulated and forwarded whether the decapsulating device is present or not.
Related- GRE vs L2TP
In contrast to IP-to-IP tunnelling, GRE tunnelling can transport multicast and IPv6 traffic between networks. Advantages of GRE tunnels include the following:
- GRE tunnels encase multiple protocols over a single-protocol backbone.
- GRE tunnels provide workarounds for networks with limited hops.
- GRE tunnels connect discontinuous sub-networks.
- GRE tunnels allow VPNs across wide area networks (WANs).
Some of the characteristics of GRE tunnels include the following:
- Data encapsulation – GRE tunnels encapsulate packets that use protocols incompatible with an intermediary network (passenger protocols) within protocols that are compatible (transport protocols). This allows data to be sent across networks that otherwise could not be traversed. For example, you could implement a GRE tunnel to connect two AppleTalk networks through an IP-only network or to route IPv4 packets across a network that only uses IPv6.
- Simplicity – GRE tunnels lack mechanisms related to flow-control and security by default. This lack of features can ease the configuration process. However, you probably don’t want to transfer data in an unencrypted form across a public network; therefore, GRE tunnels can be supplemented by the IPSec suite of protocols for security purposes. In addition, GRE tunnels can forward data from discontiguous networks through a single tunnel, which is something VPNs cannot do.
- Multicast traffic forwarding – GRE tunnels can be used to forward multicast traffic, whereas a VPN cannot. Because of this, multicast traffic such as advertisements sent by routing protocols can be easily transferred between remote sites when using a GRE tunnel.
GENERIC ROUTING ENCAPSULATION (GRE) HEADER
Following are the fields of Generic Routing Encapsulation (GRE) Header –
Flag C (Checksum Present): Used to indicate that the Checksum field is present and contains valid information, when set to 1.Flag R (Routing Present): Used to indicate that the Routing fields are present and contain valid information when set to 1.
Flag K (Key Present): Used to indicate that the Key field is present in the GRE header when set to 1.
Flag S (Sequence Number Present): Used to indicate that the Sequence Number field is present when set to 1.
Flag s (Strict Source Route): Set to 1 the routing information consists of Strict Source Routes
Recursion Control and Version Number are normally set to 0
Protocol Type: Protocol Type field is used to mention the protocol payload of the GRE packet. For IP, this field is set to 0x800
Checksum: Checksum field value is used to check the integrity of the GRE header and the payload.
Key: Key field value is used to authenticate the GRE packet’s encapsulator.
Sequence Number: Sequence Number filed value is used to track the sequence of GRE packets
GRE encapsulation structure is shown below –