A Brief Introduction to the GRE Protocol

Generic Routing Encapsulation protocol (GRE) is a compact tunneling protocol developed by Cisco to encapsulate a large number of low-level networking layer protocols within virtual local area networks (LANs) or point-to-point multipoint networks over an IP network. The name itself indicates the purpose: a great part of GRE’s strength derives from its ability to create small Local Area Networks (LANs), which are effectively wider than conventional Wide Area Networks (WANs). Another advantage of using GRE over WANs is that it provides greater scalability, making it possible for small networks to grow without the need for large investments in new infrastructure. GRE is also able to scale better to changing business needs.

One of the many benefits of the GRE is that it offers support for the SRE protocol. The SRE or Service Request protocol is a mechanism used by edge routers to request information from higher level protocol nodes such as routers or switchboards. The information requested includes destination IP, source IP, header bits, and so on. When a SRE is sent, the other party will respond with a SYN or chunk of data, which contains the requested information, including the SRE.

Unlike other protocols that require two separate connections to initiate a session, a GRE requires one connection for each hop, making it very fast. This characteristic makes it suitable for small and simple networks. In addition, unlike other protocols that allow only eight hops, GRE allows up to sixteen hops. It can also use a single broadcast domain, which simplifies the process of matching on different subnets. Because of these advantages, GRE is commonly used for VPN networks and traffic management purposes.

By assigning different values to different areas of a subnet, GRE is able to provide authentication, portability, gateway, and security properties to different networks and devices. For example, it can create what is known as ‘wan links’ where routers can connect to other routers within a larger network without having to use the typical L2 or L3 IP addresses. GRE is also commonly used in conjunction with other protocols to secure VPNs. There are some cases where multiple protocols are applied to a single physical device such as in a VPN where various networks are allowed to connect to one another without sharing a common port number.

To give a better example of how GRE works in practice, consider a scenario where a VPN is established between two sites. At the initial site, there is a GRE tunnel that connects the two sites. However, once at the other end of the tunnel, users can log on to the VPN from either site at any time. The VPN will be operational just like any other traditional IP network (through the client router) through the use of GRE tunneling. With this approach, there is no need for the VPN to maintain two separate IP address allocations for users at the two sites.

The second part of the protocol is the encapsulated packet. This part consists of an IP header followed by a Solicited payload packet. Encapsulating the payload ensures that the integrity of both the input and output is preserved. Moreover, since the encapsulated packet has an IP header and Solicited payload, the data cannot be narrowed or changed during the course of the session. Unlike an IP packet, an encapsulated payload cannot be modified before being delivered or used by other systems.

To encapsulate a packet, the GRE protocol calls for a single output port or a GRE + SEDU (Search Engine Discovery Univerge) session. If a session is not possible due to lack of an active GRE + SEDU record, then the next best thing to do is to wait for a refresh of the existing record. Once the SEDU record is refreshed, the encapsulated payload will be ready to be sent. The encapsulated payload will be delivered and decoded in the same way as an IP packet.

One of the most interesting things about the GRE is that while it works on the most common types of networking protocols, it also supports several attack types. The two attack types that are supported are Code Based and MAC Detection. There are many more attack types that can be supported by GRE software. Some of the other attack types include Code Based and MAC Detection.