GRE

Basic configuration

GRE protocol provides a simple and general mechanism to encapsulate a network layer protocol in another network layer protocol. It is defined in RFC 2784.

This interface is point to point. So its configuration is different from ethernet interfaces (arp/ndp, dhcp are not available).

To configure GRE, enter the context interface type gre from the VRF in which you plan to define a GRE interface.

Here is an example of a GRE named tunnel1, with connecting the local address 1.1.1.1 and the remote address 2.2.2.2:

vrouter running vrf main# interface gre tunnel1
vrouter running gre tunnel1#! local 1.1.1.1 remote 2.2.2.2
vrouter running gre tunnel1# commit

Let’s fetch the state after committing this configuration:

vrouter running vrf main# interface gre tunnel1
vrouter running gre tunnel1# show state
gre tunnel1
    remote 2.2.2.2
    enabled true
    oper-status UP
    mtu 1476
    local 1.1.1.1
    counters
        in-octets 0
        out-octets 0
        in-errors 0
        in-unicast-pkts 0
        in-discards 0
        out-unicast-pkts 0
        out-errors 0
        out-discards 0
        ..
    ipv6
        address fe80::200:5efe:101:101/64
        ..
    ..

The same configuration can be made using this NETCONF XML configuration:

vrouter running gre tunnel1# show config xml absolute
<config xmlns="urn:6wind:vrouter">
  <vrf>
    <name>main</name>
    <interface xmlns="urn:6wind:vrouter/interface">
      <gre xmlns="urn:6wind:vrouter/gre">
        <name>tunnel1</name>
        <enabled>true</enabled>
        (...)
        <local>1.1.1.1</local>
        <remote>2.2.2.2</remote>
      </gre>
    </interface>
  </vrf>
</config>

Link VRF

A GRE interface may perform cross-VRF, i.e change the VRF of encapsulated and decapsulated packets:

vrouter running vrf main# interface gre tunnel1
vrouter running gre tunnel1# link-vrf wan

The link VRF is the VRF of encapsulated packets. The interface VRF is the VRF of output packets before encapsulation and of input packets after decapsulation.

GRE key

The GRE key is an extension defined in RFC 2890. It is an optional 32 bit field that enables to identify an individual traffic flow or service within a GRE tunnel.

When using this feature, each individual flow/service is processed by a different GRE interface, identified with the key assigned to the flow/service.

An optional output key may be assigned to a GRE interface. If set, GRE packets output by this interface will have a key field with the configured value:

vrouter running vrf main# interface gre tunnel1
vrouter running gre tunnel1# key output 5

An optional input key may be assigned to a GRE interface. If set, only GRE packets with a key field set to this value will be processed by this interface. If unset, only GRE packets without a key field will be processed by this interface.

vrouter running gre tunnel1# key input 2

key both assigns the same value for the input and output keys. It is overriden if key input or key output is specified:

vrouter running gre tunnel1# key both 3

The use of input and output keys is independant: it is possible to assign an output key without assigning an input key, and vice versa.

The tuple (local, remote, link-vrf, key input) must be unique among all GRE interfaces, whatever their vrf.

See also

The command reference for details.