Layer-2 GRE Tunnels

Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnels allow you to have the same VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. in multiple locations (separated by a Layer-3 network) and be connected. The forwarding method for a Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel is bridging.

However, the drawback of using Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnels is that all broadcasts are flooded through the tunnel, adding traffic load to the network and the managed devices. Starting from ArubaOS 8.4.0.0, both trusted and untrusted VLANs Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. are supported on a single Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel.

Figure 1  Layer-2 GRE Tunnel

The traffic flow illustrated by Figure 1 is as follows:

  1. The frame enters the source managed device (Controller-1) on VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 101.
  2. The frame is bridged through Controller-1 into the Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel.
  3. The frame is encapsulated in a GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. packet.
  4. The GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. packet enters the network on VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 10, is routed across the network to the destination managed device (Controller-2), and then exits the network on VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 20.
  5. The source IP address of the GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. packet is the IP address of the interface in VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 10 in Controller 1.
  6. The frame is de-encapsulated and bridged out of the destination managed device (Controller-2) on VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 101.

The following procedure configures a Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel for a source managed device and destination managed device:

  1. In the Managed Network node hierarchy, navigate to Configuration > Interfaces > GRE Tunnels.
  2. Create a new GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel by clicking + below the GRE Tunnel table, or edit an existing GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel by selecting an entry from the GRE Tunnel table.
  3. Enter the corresponding GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel values for this managed device.
  4. (Optional) Select the Enable keepalive checkbox to enable tunnel keepalive Signal sent at periodic intervals from one device to another to verify that the link between the two devices is working. If no reply is received, data will be sent by a different path until the link is restored. A keepalive can also be used to indicate that the connection should be preserved so that the receiving device does not consider it timed out and drop it. heartbeats. For more information on this feature, see Layer-2 GRE Tunnels
  5. Click Submit.
  6. Click Pending Changes.
  7. In the Pending Changes window, select the check box and click Deploy changes.
  8. Next, access the destination managed device and navigate to Configuration > Interfaces > GRE Tunnels.
  9. Select the tunnel ID of interest from the GRE Tunnel table.
  10. Use the edit screen to configure the destination managed device.
  11. (Optional) Select the Enable keepalive checkbox to enable tunnel keepalive Signal sent at periodic intervals from one device to another to verify that the link between the two devices is working. If no reply is received, data will be sent by a different path until the link is restored. A keepalive can also be used to indicate that the connection should be preserved so that the receiving device does not consider it timed out and drop it. heartbeats.
  12. Click Submit.
  13. Click Pending Changes.
  14. In the Pending Changes window, select the check box and click Deploy changes.

Referring to Figure 1, the following are the required configurations to create the Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel between controllers named Controller-1 and Controller-2:

IPv4 Controller-1 Configuration

(host) [mynode] (config) # interface tunnel 101

description “IPv4 Layer-2 GRE 101"

tunnel mode gre 1

tunnel source vlan 101

tunnel destination 192.168.1.1

tunnel keepalive

trusted

tunnel vlan 101

trusted vlan 101

IPv4 Controller-2 Configuration

(host) [mynode] (config) # interface tunnel 201

description “IPv4 Layer-2 GRE 201"

tunnel mode gre 1

tunnel source vlan 201

tunnel destination 192.168.2.1

tunnel keepalive

trusted

tunnel vlan 201

trusted vlan 201

The following command example configures a Layer-2 GRE Generic Routing Encapsulation. GRE is an IP encapsulation protocol that is used to transport packets over a network. tunnel for IPv6:

IPv6 Controller-1 Configuration

(host) [mynode] (config) # interface tunnel 301

description “IPv6 Layer-2 GRE 301"

tunnel mode gre 1

tunnel source ipv6 vlan 301

tunel destination ipv6 2001:1:2:2020::1

tunnel keepalive

trusted

tunnel vlan 301

trusted vlan 301

IPv6 Controller-2 Configuration

(host) [mynode] (config) # interface tunnel 401

description “IPv6 Layer-2 GRE 401"

tunnel mode gre 2

tunnel source ipv6 vlan 401

tunnel destination ipv6 2001:1:2:1010::1

tunnel keepalive

trusted

tunnel vlan 401

trusted vlan 401