WHAT R GRE TUNNELS?
AND R THEY RELATED TO VPN?
Yes, either or VPN or GRE tunnels (generic routing encapsulation or GRE) will provide an end-to-end, segregated path across the network.
GRE is a Cisco tunneling protocol capable of encapsulating a wide variety of network layer protocols packets inside special IP tunnels. The goal is to create a virtual point-to-point link between two remote locations, sort of VPN link.
GRE is not encryption protocol; it is just encapsulation protocol. S, you still need add encryption for security;
GRE ccan replaced OSPF Virtual links;
GRE are easy to create;
One side is
1. create interface tunnel 0
2. add ip address 172.17.100.2 255.255.255.252
3. specify tunnel source 184.108.40.206
4. tunnel destination 220.127.116.11
the other side will have
ip address 172.17.100.1 255.255.255.252
tunnel source 18.104.22.168
tunnel destination 22.214.171.124
Ipsec is used with GRE encapsulation because GRE sends data in plain text format
Find the link which describes about IPSEC over GRE tunnels
Adding to the excellent answers above, after configuring GRE tunnel, your IGP will now see those routes learned via the external VPN network reachable via a point to point interface which is your GRE tunnel interface. As the name applies, point to point = hop count one, which makes it easier for you IGP for metric calculations too.
Any discontinous network can be made to look as if it is single hop away (connected via the point to point tunnel interface).
When you understand the fact that it can connect any discontinuos network, you can understand Brian's statement on how it can relace the virtual link in OSPF. As you progress in your studies and understand Stub areas, you will come to know that It can even be applied in places where a virtual link cannot be applied.
Area 0 -- > Area 1 -- > Area 2 -- > Area 3
In above network, if area 2 is a Stub, but you still want to have area 3 in your OSPF domain, you use a GRE tunnel between the Area12 ABR and AREA 23 ABR to extend area 0 to Area 3. And you will use a Virtual link between Area01 ABR and Area 12 ABR to extend area 0 out to Area 2.
I learned this concept for God Scott. Thanks to him
GRE is layer 3 IP protocol. It can encapsulate following protocols: IP, IPX, apple talk ....
GRE has two main disadvantages:
+GRE works only on cisco routers
+GRE lacks protection capacities: authentication, encryption, integrity checking
It can be combined with other solution, such as IP SEC, to create a more robust VPN deloyment