Which two statements are true of GRE? (Choose two.)

Which two statements are true of GRE? (Choose two.)

Which two statements are true of GRE? (Choose two.)

A.
GRE can encapsulate and transport protocols other than IP across an IP network.

B.
GRE can create a point-to-point link between two devices separated by multiple hops.

C.
GRE encrypts the data it transports to ensure data integrity.

D.
GRE maintains state at Layer 5 of the OSI reference model.

Explanation:
Overview
Generic Routing Encapsulation (GRE) is a protocol for encapsulation of an arbitrary network layer protocol over another arbitrary network layer protocol.

In the most general case, a system has a packet, that needs to be encapsulated and delivered to some destination, which is called payload. The payload is first encapsulated in a GRE packet.The resulting GRE packet can then be encapsulated in some other protocol and then forwarded. This outer protocol is called the delivery protocol.

GRE tunnels are designed to be completely stateless. This means that each tunnel end-point does not keep any information about the state or availability of the remote tunnel end-point. Normally, a GRE tunnel interface comes up as soon as it is configured and it stays up as long as there is a valid tunnel source address or interface which is up

BASIC STEPS NEEDED TO CONFIGURE GRE

1)Configure a GRE (gr) interface. The gr interface contains a local address and destination address. It comes up as soon as it is configured. You can even configure an IP address on the gr interface. (It is not mandatory.)
2) Configure a route to reach the destination subnet (End to End connectivity). You can configure either a static route through the gr interface or use a IGP (i.e. OSPF can be used for this purpose).

Basic GRE Configuration Example
The following example illustrates a configuration with the following settings:

* Local subnet interface is ge-0/0/0 with IPv4 address as 10.10.11.1/24
* Destination subnet is 10.10.10.0/24 with the tunnel end point IPv4 interface as 10.10.10.1/24
* Bind gr-0/0/0 interface to a security zone

Configuration using Static route
[edit interfaces]
root@password# show
ge-0/0/0 {
unit 0 {
family inet {
address 10.10.11.1/24;
}
}
}

gr-0/0/0 {
unit 0 {
tunnel {
source 1.1.1.1;
destination 2.2.2.1;
}
family inet {
address 192.168.1.1/24;
}
}
}

ge-0/0/1 {
unit 0 {
family inet {
address 1.1.1.1/24;
}
}
}

[edit security]
root@password# show
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
gr-0/0/0.0;
}
}
}

root@password# show routing-options
static {
route 10.10.10.0/24 next-hop gr-0/0/0.0;
}
In case you do not want to define a static route, OSPF can be configured between interfaces gr-0/0/0 on both sides and internal subnet as passive neighbor, to receive all the internal routes.

[edit protocols]
root@password# show
ospf {
area 0.0.0.0 {
interface gr-0/0/0.0;
interface ge-0/0/0.0 {
passive;
}
}
}

Verify your work:
1. Verify the GRE interfaces are up.

root@password>show interfaces gr-0/0/0 terse

Interface Admin Link Proto Local Remote
gr-0/0/0 up up
gr-0/0/0.0 up up inet 192.168.1.1/24

2. Verify packets are leaving through gr- interface
root@password> show interfaces gr-0/0/0 extensive

Traffic statistics:
Input bytes : 0
Output bytes : 384
Input packets : 0
Output packets: 4
Local statistics:
Input bytes : 0
Output bytes : 216
Input packets : 0
Output packets: 2
Transit statistics:
Input bytes : 0 0 bps
Output bytes : 168 0 bps
Input packets : 0 0 pps
Output packets: 2 0 pps

Purpose:
Configuration
Implementation
Troubleshooting



Leave a Reply 0

Your email address will not be published. Required fields are marked *