GRE over IPv4 tunnel configuration example

Switch A and Switch B are interconnected through the Internet. Two private IPv4 subnets Group 1 and Group 2 are interconnected through a GRE tunnel between the two switches.

Before the configuration, make sure that Switch A and Switch B are reachable to each other.

1. Configure Switch A:

   # Configure an IPv4 address for interface GigabitEthernet 1/0/1.

   <SwitchA> system-view
   [SwitchA] vlan 100
   [SwitchA-vlan100] port GigabitEthernet 1/0/1
   [SwitchA-vlan100] quit
   [SwitchA] interface vlan-interface 100
   [SwitchA-Vlan-interface100] ip address 10.1.1.1 255.255.255.0
   [SwitchA-Vlan-interface100] quit
   

   # Configure an IPv4 address for interface GigabitEthernet 1/0/2, the physical interface of the tunnel.

   [SwitchA] vlan 101
   [SwitchA-vlan101] port GigabitEthernet 1/0/2
   [SwitchA-vlan101] quit
   [SwitchA] interface vlan-interface 101
   [SwitchA-Vlan-interface101] ip address 1.1.1.1 255.255.255.0
   [SwitchA-Vlan-interface101] quit
   

   # Create service loopback group 1, and configure the service type as tunnel.

   [SwitchA] service-loopback group 1 type tunnel
   

   # Add port GigabitEthernet 1/0/3 to service loopback group 1, and disable STP, NDP, and LLDP on the port.

   [SwitchA] interface GigabitEthernet 1/0/3
   [SwitchA-GigabitEthernet1/0/3] undo stp enable
   [SwitchA-GigabitEthernet1/0/3] undo ndp enable
   [SwitchA-GigabitEthernet1/0/3] undo lldp enable
   [SwitchA-GigabitEthernet1/0/3] port service-loopback group 1
   [SwitchA-GigabitEthernet1/0/3] quit
   

   # Create a tunnel interface Tunnel1.

   [SwitchA] interface tunnel 1
   

   # Configure an IPv4 address for the tunnel interface Tunnel1.

   [SwitchA-Tunnel1] ip address 10.1.2.1 255.255.255.0
   

   # Configure the tunnel encapsulation mode as GRE over IPv4.

   [SwitchA-Tunnel1] tunnel-protocol gre
   

   # Configure the source address of the tunnel interface Tunnel1 as the IP address of the VLAN interface of interface GigabitEthernet 1/0/2.

   [SwitchA-Tunnel1] source vlan-interface 101
   

   # Configure the destination address for tunnel interface Tunnel1 (IP address of the VLAN interface to which GigabitEthernet 1/0/2 of Switch B belongs).

   [SwitchA-Tunnel1] destination 2.2.2.2
   

   # Apply service loopback group 1 to the tunnel in tunnel interface view.

   [SwitchA-Tunnel1] service-loopback-group 1
   [SwitchA-Tunnel1] quit
   

   # Configure a static route from Switch A through tunnel interface Tunnel1 to Group 2.

   [SwitchA] ip route-static 10.1.3.0 255.255.255.0 tunnel 1
   

2. Configure Switch B:

   # Configure an IPv4 address for interface GigabitEthernet 1/0/1.

   <SwitchB> system-view
   [SwitchB] vlan 100
   [SwitchB-vlan100] port GigabitEthernet 1/0/1
   [SwitchB-vlan100] quit
   [SwitchB] interface vlan-interface 100
   [SwitchB-Vlan-interface100] ip address 10.1.3.1 255.255.255.0
   [SwitchB-Vlan-interface100] quit
   

   # Configure an IPv4 address for interface GigabitEthernet 1/0/2, the physical interface of the tunnel.

   [SwitchB] vlan 101
   [SwitchB-vlan101] port GigabitEthernet 1/0/2
   [SwitchB-vlan101] quit
   [SwitchB] interface vlan-interface 101
   [SwitchB-Vlan-interface101] ip address 2.2.2.2 255.255.255.0
   [SwitchB-Vlan-interface101] quit
   

   # Create service loopback group 1, and configure the service type as tunnel.

   [SwitchB] service-loopback group 1 type tunnel
   

   # Add port GigabitEthernet 1/0/3 to service loopback group 1, and disable STP, NDP, and LLDP on the port.

   [SwitchB] interface GigabitEthernet 1/0/3
   [SwitchB-GigabitEthernet1/0/3] undo stp enable
   [SwitchB-GigabitEthernet1/0/3] undo ndp enable
   [SwitchB-GigabitEthernet1/0/3] undo lldp enable
   [SwitchB-GigabitEthernet1/0/3] port service-loopback group 1
   [SwitchB-GigabitEthernet1/0/3] quit
   

   # Create a tunnel interface Tunnel1.

   [SwitchB] interface tunnel 1
   

   # Configure an IPv4 address for tunnel interface Tunnel1.

   [SwitchB-Tunnel1] ip address 10.1.2.2 255.255.255.0
   

   # Configure the tunnel encapsulation mode as GRE over IPv4.

   [SwitchB-Tunnel1] tunnel-protocol gre
   

   # Configure the source address for tunnel interface Tunnel1 (IP address of the VLAN interface to which GigabitEthernet 1/0/2 belongs).

   [SwitchB-Tunnel1] source vlan-interface 101
   

   # Configure the destination address for tunnel interface Tunnel1 (IP address of the VLAN interface to which GigabitEthernet 1/0/2 of Switch A belongs).

   [SwitchB-Tunnel1] destination 1.1.1.1
   

   # Apply service loopback group 1 to the tunnel in tunnel interface view.

   [SwitchB-Tunnel1] service-loopback-group 1
   [SwitchB-Tunnel1] quit
   

   # Configure a static route from Switch B through tunnel interface Tunnel1 to Group 1.

   [SwitchB] ip route-static 10.1.1.0 255.255.255.0 Tunnel 1
   

3. Verify the configuration:

   # View the tunnel interface status on Switch A and Switch B.

   [SwitchA] display interface tunnel 1
   Tunnel1 current state: UP
   Line protocol current state: UP
   Description: Tunnel1 Interface
   The Maximum Transmit Unit is 1476
   Internet Address is 10.1.2.1/24 Primary
   Encapsulation is TUNNEL, service-loopback-group ID is 1.
   Tunnel source 1.1.1.1, destination 2.2.2.2
   Tunnel bandwidth 64 (kbps)
   Tunnel protocol/transport GRE/IP
       GRE key disabled
       Checksumming of GRE packets disabled
   Last clearing of counters:  Never
       Last 300 seconds input:  0 bytes/sec, 0 packets/sec
       Last 300 seconds output:  0 bytes/sec, 0 packets/sec
       10 packets input,  840 bytes
       0 input error
       10 packets output,  840 bytes
       0 output error
   [SwitchB] display interface tunnel 1
   Tunnel1 current state: UP
   Line protocol current state: UP
   Description: Tunnel1 Interface
   The Maximum Transmit Unit is 1476
   Internet Address is 10.1.2.2/24 Primary
   Encapsulation is TUNNEL, service-loopback-group ID is 1.
   Tunnel source 2.2.2.2, destination 1.1.1.1
   Tunnel bandwidth 64 (kbps)
   Tunnel protocol/transport GRE/IP
       GRE key disabled
       Checksumming of GRE packets disabled
   Last clearing of counters:  Never
       Last 300 seconds input:  2 bytes/sec, 0 packets/sec
       Last 300 seconds output:  2 bytes/sec, 0 packets/sec
       10 packets input,  840 bytes
       0 input error
       10 packets output,  840 bytes
       0 output error
   

   # From Switch B, ping the IP address of VLAN-interface 100 on Switch A.

   [SwitchB] ping 10.1.1.1
     PING 10.1.1.1: 56  data bytes, press CTRL_C to break
       Reply from 10.1.1.1: bytes=56 Sequence=1 ttl=255 time=2 ms
       Reply from 10.1.1.1: bytes=56 Sequence=2 ttl=255 time=2 ms
       Reply from 10.1.1.1: bytes=56 Sequence=3 ttl=255 time=2 ms
       Reply from 10.1.1.1: bytes=56 Sequence=4 ttl=255 time=2 ms
       Reply from 10.1.1.1: bytes=56 Sequence=5 ttl=255 time=2 ms
   
     --- 10.1.1.1 ping statistics ---
       5 packet(s) transmitted
       5 packet(s) received
       0.00% packet loss
       round-trip min/avg/max = 2/2/2 ms