The configs gives a GRE tunnel to destination address 10.207.42.3.This is a sort of logical tunnel link between 2 locations.BOth ends will have to be specified with a source & destination for the tunnel to know where to enter and look for a particular end node.
Although this doesnt give security as gud as wat ipsec gives still it encapsulates the packets ..sort of IP within IP.
You can use tunnels to say connect ur 2 remote end offices located geographically @ different places and want to share/access variety of application either ways without goin all the way thru the internet.
the other end will have same config as above but the tunnel source will change to actual external interface u will use to route the packets out of ur network, also tunnel destination will change to the other ends external entry interface.
Also , u will need to put routes @ either ends pointing the path to your internal nodes.
say, ip route 192.168.2.0 255.255.255.0 tunnel1
where 192.168.2.0 255.255.255.0 is the other ends internal network and tunnel1 is the exit logical interface from where it can reach 192.168.2.0/24 network on the other end.
When configuring routes, you usually need to overcome "recursive routing".
GRE is configured with, and knows of the tunnel endpoints, but sees the path to the far-side tunnel endpoint as being via the tunnel itself (recursive routing).
We need to provide an alternative (typically a static host route) that tells GRE to reach the far-side tunnel endpoint by way of a "physical" interface.
i.e.: reach the far-side tunnel endpoint aaa.bbb.ccc.ddd (on a different network) by way of our default gateway (next hop).
ip route 255.255.255.255 2
Usually, you will use dynamic routing protocols to populate the routing tables with routes to the far side network(s). So, "192.168.2.0 255.255.255.0 via tunnel1" would be a dynamically learned route, and not a static configured route.
Also, the tunnel endpoints do NOT have to be the external physical interface addresses. It is not uncommon to use Loopback interfaces as the GRE tunnel endpoints.
These addresses can be private addresses when GRE is encapsulated within IPSec (ESP Tunnel Mode) because the outermost IP header would be using globally routable external interface addresses.
GRE is a tunneling protocol used to create virtual point-to-point links. It encapsulates network layer packets inside an IP tunneling packet. It is often used to extend dynamic routing (or other multicast traffic) between sites.
The 255.255.255.252 mask, and the point-to-point portion of the "ip ospf network point-to-point" command suggest that you are running the GRE tunnel over a physical serial interface.
The tunnel source and destination convey the logical entry and exit points of the GRE tunnel. It is these addresses that will be used in the GRE encapsulation header.
Tunnel checksumming provides packet integrity for passenger protocols that don't provide integrity checking for themselves. With this feature enabled, the router will drop corrupted packets (i.e.: those with bad checksums).
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...