Problems with gif tunnels
Giorgos Keramidas
keramida at FreeBSD.org
Wed Jun 8 12:20:54 GMT 2005
On 2005-06-08 12:40, Jeremie Le Hen <jeremie at le-hen.org> wrote:
>
> IIRC,
> - Linux uses the ipip module to do IP-over-IP tunnel
> - FreeBSD uses the gre(4) interface to do GRE tunnels
> - GRE is a Cisco product and means ``Generic Routing
> Encapsulation''. I don't know what they mean with the term
> "Generic" because I have only seen IP encapsulated tunnel so
> far.
It's not mandatory to tunnel IP over GRE. Other, non IPv4 protocols can
be encapsulated in the GRE payload.
> According to the GRE header, I guess GRE is far more powerful
> than a simple IP-over-IP encapsulation, and I would be glad if
> someone could explain us what are the benefits of this protocol.
GRE is not a simple encapsulation of an IP packet as the payload of an
IP packet. It also includes fields in the outter IP header that may
support, among other things:
- Source routing
- A crude form of authentication (key & sequence number pair)
- Separation of tunelled "flows" without the payload inspection
IP-IP tunnels may require
More information about the freebsd-net
mailing list