Template:Networking rutxxx manual vpn gre
Generic Routing Encapsulation (GRE) is a tunneling protocol used to establish point-to-point connections between remote private networks. GRE tunnels encapsulate data packets in order to route other protocols over IP networks.
GRE: main & tunnel settings
To create a new GRE Tunnel instance, go to the Services → VPN → GRE Tunnel section, enter a custom name and click the 'Add' button. A GRE instance with the given name will appear in the "GRE Configuration" list.
To begin configuration, click the 'Edit' button located next to the instance. Refer to the figure and table below for information on the fields located in the GRE Tunnel instance configuration section.
|Enabled||yes | no; default: no||Turns the GRE Tunnel instance on or off.|
|Tunnel source||network interface; default: none||Network interface used to establish the GRE Tunnel.|
|Remote endpoint IP address||ip; default: none||External IP address of another GRE instance used to establish the initial connection between peers.|
|Use Ipv6: Remote endpoint IPv6 address||ip; default: none||External IPv6 address of GRE instance used to establish the initial connection between peers.|
|MTU||integer; default: 1476||Sets the maximum transmission unit (MTU) size. It is the largest size of a protocol data unit (PDU) that can be transmitted in a single network layer transaction.|
|TTL||integer [0..255]; default: 255||Sets a custom TTL (Time to Live) value for encapsulated packets. TTL is a field in the IP packet header which is initially set by the sender and decreased by 1 on each hop. When it reaches 0 it is dropped and the last host to receive the packet sends an ICMP "Time Exceeded" message back to the source.|
|Outbound key||integer [0..65535]; default: none||A key used to identify outgoing packets. A This value should match the "Inbound key" value set on the opposite GRE instance or both key values should be omitted on both sides.|
|Inbound key||integer [0..65535]; default: none||A key used to identify incoming packets. This value should match the "Outbound key" value set on the opposite GRE instance or both key values should be omitted on both sides.|
|Don't fragment||yes | no; default: yes||When unchecked, sets the nopmtudisc option for tunnel. Can not be used together with the TTL option.|
|Keep alive||yes | no; default: no||Turns "keep alive" on or off. The "keep alive" feature sends packets to the remote instance in order to determine the health of the connection. If no response is received, the device will attempt to re-establish the tunnel.|
|Keep alive interval||integer [0..255]; default: none||Frequency (in seconds) at which "keep alive" packets are sent to the remote instance.|
|Local GRE interface IP address||ip; default: none||IP address of the local GRE Tunnel network interface.|
|Local GRE interface netmask||netmask; default: none||Subnet mask of the local GRE Tunnel network interface.|
|Use IPv6: Enabled Local GRE interface IPv6 address||ip; default: none||IPv6 address of the local GRE Tunnel network interface.|
- Some configuration fields become available only when certain other parameters are selected. The names of the parameters are followed by a prefix that specifies the authentication type under which they become visible. Different color codes are used for different prefixes:
- Red for Use IPv6: Enabled
- After changing any of the parameters, don't forget to click the Save button located at the bottom-right side of the page.
GRE: routing settings
Routing settings are used to configure routes to networks that are behind the device that hosts the opposite GRE instance. To add a new route, simply click the 'Add' button. For information on configuring the route refer to the figure and table below.
|Remote subnet IP address||ip; default: none||IP address of the network behind the device that hosts the remote GRE instance.|
|Remote subnet netmask||netmask; default: none||Subnet mask of the network behind the device that hosts the remote GRE instance.|