GRE Generic Routing Encapsulation creates GRE packets by encapsulating packets that are created by other protocols. The GRE packets, in turn, are encapsulated within IP packets. In this way, GRE is similar to the IPsec protocols AH Authentication Header and ESP Encapsulating Security Protocol. However, unlike AH and ESP, GRE does not ensure data integrity and confidentiality. On the Threat Management Services (TMS) zl Module, GRE encapsulates HTTP and FTP packets. Because GRE encapsulates packets and repackages them with a delivery IP header, it renders the original IP header transparent. GRE establishes a point-to-point link between two non-directly connected gateways; these gateways can then tunnel packets from hosts on private networks through another network. For example, on the TMS zl Module, a GRE tunnel can transit traffic through a network that uses the same IP addresses, which is useful for integrating sites that use overlapping addresses. GRE is often used in conjunction with IPsec to create a secure tunnel. You can also use GRE to establish a virtual point-to-point tunnel between two gateways that are separated by an intervening network. For example, you can create a VPN connection through the Internet between two remote sites. You would create a tunnel whose address is on the private network, but whose source and destination endpoints are on the public network. Advantages of GRE
Disadvantages of GRE
|