In global configuration mode, create a tunnel with the command
interface tunnel 10
Next, configure the source address or interface of the tunnel with the command
tunnel source. For example,.
tunnel source GigabitEthernet0/0
The tunnel source command indicates the interface that will be used for tunnelling the traffic.
Configure the address of the destination interface. This is the IP address on the remote router that the GRE tunnel will connect to. An example of the command is
tunnel destination 220.127.116.11
With the source and the address of the tunnel interface defined, the tunnel itself now needs an IP address. Add one with the command
ip address 192.168.20.254 255.255.255.0
The next steps are optional:
Configure a tunnel bandwidth with the command
bandwidth followed by a numerical value in kilobits. This does not limit the speed on the tunnel interface but can be used in routing decisions and calculations on where packets should be sent.
Configure a keepalive value on the tunnel interface with
keepalive 10 3 (The default value of every ten seconds, with up to three retries). A keepalive will ensure that there is end to end communication on the tunnel interface to keep the line protocol on the interface as up.
Configure the maximum transmission unit with the command
ip mtu 1476. The overheads of GRE result in 24 bytes being added to the headers. The payload of our packet must be reduced from 1500 to 1476.
Next, configure the remote side of the router with the configuration to connect back to the local router.
The MTU of the packet may need to be reduced further if you are using other technologies in combination with GRE.
- GRE – 24 bytes
- DES/3DES IPSec in transport mode – 18 to 25 bytes
- DES/3DES IPSec in tunnel mode – 38 to 45 bytes
- GRE with DES/3DES – 42 to 49 bytes
- GRE with AES and SHA-1 – 62 to 77 bytes