Jump to content
Sadikhov IT Certification forums
Sign in to follow this  
mcsewannabe

Doubts regarding the use of GRE

Recommended Posts

R1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

 

Gateway of last resort is not set

 

C 192.168.10.0/24 is directly connected, FastEthernet0/1

D 192.168.20.0/24 [90/307200] via 10.1.1.2, 00:04:19, FastEthernet0/0

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 10.1.1.0/24 is directly connected, FastEthernet0/0

D 10.0.0.0/8 is a summary, 00:25:39, Null0

R1#sh run

Building configuration...

 

Current configuration : 1420 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R1

!

boot-start-marker

boot-end-marker

!

enable password cisco

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

no ip domain lookup

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

lifetime 3600

crypto isakmp key cisco123 address 10.1.1.2

!

!

crypto ipsec transform-set R1TRANSFORM esp-aes esp-sha-hmac

mode transport

!

crypto map R1CRYPTO 10 ipsec-isakmp

set peer 10.1.1.2

set transform-set R1TRANSFORM

match address 110

!

!

!

archive

log config

hidekeys

!

!

!

!

!

!

interface Tunnel0

ip address 20.1.1.1 255.255.255.0

shutdown

tunnel source 10.1.1.1

tunnel destination 10.1.1.2

crypto map R1CRYPTO

!

interface FastEthernet0/0

ip address 10.1.1.1 255.255.255.0

duplex auto

speed auto

crypto map R1CRYPTO

!

interface FastEthernet0/1

ip address 192.168.10.1 255.255.255.0

duplex auto

speed auto

!

router eigrp 1

network 10.0.0.0

network 20.0.0.0

network 192.168.10.0

auto-summary

!

!

!

no ip http server

no ip http secure-server

!

access-list 110 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

password cisco

login

!

!

end

 

 

R2#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

 

Gateway of last resort is not set

 

D 192.168.10.0/24 [90/307200] via 10.1.1.1, 00:05:14, FastEthernet0/0

C 192.168.20.0/24 is directly connected, FastEthernet0/1

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

C 10.1.1.0/24 is directly connected, FastEthernet0/0

D 10.0.0.0/8 is a summary, 00:30:27, Null0

R2#sh run

Building configuration...

 

Current configuration : 1375 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

ip cef

!

!

!

!

no ip domain lookup

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

lifetime 3600

crypto isakmp key cisco123 address 10.1.1.1

!

!

crypto ipsec transform-set R2TRANSFORM esp-aes esp-sha-hmac

mode transport

!

crypto map R2CRYPTO 10 ipsec-isakmp

set peer 10.1.1.1

set transform-set R2TRANSFORM

match address 110

!

!

!

archive

log config

hidekeys

!

!

!

!

!

!

interface Tunnel0

ip address 20.1.1.2 255.255.255.0

shutdown

tunnel source 10.1.1.2

tunnel destination 10.1.1.1

crypto map R2CRYPTO

!

interface FastEthernet0/0

ip address 10.1.1.2 255.255.255.0

duplex auto

speed auto

crypto map R2CRYPTO

!

interface FastEthernet0/1

ip address 192.168.20.1 255.255.255.0

duplex auto

speed auto

!

router eigrp 1

network 10.0.0.0

network 20.0.0.0

network 192.168.20.0

auto-summary

!

!

!

no ip http server

no ip http secure-server

!

access-list 110 permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

!

!

end

 

R2#

 

 

as u can see, i have shut the tunnel interface.Even then the EIGRP routes are there and the neighborship doesnt go down.I thought the reason for using gre was to pass routing details flow through the ipsec tunnel.Am i missing something here.What exactly is the use of GRE.this is gns3 topology not a real one..Please explain.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×