Tuesday, June 1, 2010

Checkpoint : Why GRE is needed on IPSec for dynamic routing? and What is GRE??

Its nothing but IPSec doesnt support Multicast Traffic.. I recalled my routing KB, yeas,,, most of the routing updates are done with Multicast.. So they needed a work around, and hence GRE into the scene... Now what is GRE....??

GRE is nothing but, type of a VPN, which create a virtual tunnel towards the destination from a particular source..

It hides the Multicast Packets, generated by your D. Routing Protocol and fools IPSEC, pretending that its a normal IP Packet.. I felt GRE is just like sea, hiding so many things in them and pretends everything normal...

Now, is GRE is only meant for IPSEC?? Answer is simple.. NO.. whenever you want to hide something from your transit path, can do the same..

It seems nothing wrong in hiding something and fooling someone .... here is the twist, there will be overheads for these type of packets.. Did you forget the MSS value... ?? So beware those who fools someone.. there will be twists in the Story...

