GRE tunnel原理:
一、穿马甲,走出去
GRE的原理是将3层报文封装到IP报文里,送到tunnel对端后在解开的技术。你可以把tunnel想象成一个DDN专线,tunnel口上配置的ip地址就相当于连接DDN专线的串口的IP地址。这个地址一般是内部的IP,Internet上是不认的(假设tunnel通过Internet来建)。而tunnel source和tunnel destination地址是Internet上可以路由的IP地址,用于建立tunnel,并不是tunnel口的IP。
二、tunnel使用分类:
1.gre tunnel
2、IPsec over GRE 和GRE over IPsec
三、实例
四、报错
1.
R2#
*Mar 1 00:29:25.787: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
R2#
*Mar 1 00:29:35.987: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from LOADING to FULL, Loading Done
R2#
*Mar 1 00:29:44.787: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing
*Mar 1 00:29:45.787: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
*Mar 1 00:29:45.803: %OSPF-5-ADJCHG: Process 100, Nbr 4.4.4.4 on Tunnel0 from FULL to DOWN, Neighbor Down: Interface down or detached
R2#
2. FPC 1 has unreachable destination
3. Tunnel0 temporarily disabled due to recursive routing
Nbr 4.4.4.4 on Tunnel0 from FULL to DOWN,
Neighbor Down: Interface down or detached
未完,待续。。。。。。
