Synopsis:

In the last post, I talked about the GRE tunnels, it’s Class of Service and the Firewall Filters it offers.  The next step is to learn about the simplest way to configure a tunnel between two sites using GRE.  This article aims to give understanding about the Configuration of GRE Tunnels for Juniper Networks.

Pre-requisites:

Before we go in the actual configuration, here is a checklist that you must have before configuring your GRE tunnel between sites.

  1. Physical interface to bind
  2. Logical interface to bind
  3. Source IP address
  4. Destination IP address
  5. Tunnel IP address
  6. Routing protocol binding of interfaces

When we know about all the items in the checklist, we are good to go. Now, let’s start configuring our Tunnel for Juniper Networks JUNOS.

Configuration on site A:

Step 1: Define GRE interface and make sure naming convention is synchronized

Here, we select interface with the keyword gr and then its corresponding port number which in our case we assume to be 0/0/0. So on the CLI it would look like gr-0/0/0

Now, based on the requirement I will mark the GRE tunnel’s source and destination.

Step 2: Assign source and destination to your above assigned GRE interface

For setting up the interface both on my source and destination, the following two sets of commands are used.

set interfaces gr-0/0/0 unit 4 tunnel source 10.240.2.2 
set interfaces gr-0/0/0 unit 4 tunnel destination 10.240.2.6

Step 3: Assign IP address to GRE tunnel interface as well in following manner.

set interfaces gr-0/0/0 unit 4 family inet address 10.104.10.2/30

Step 4: Define a physical interface

The above configuration is all logical in nature so we have to assign a physical interface for data transmission and receiving utilizing above logical interfaces.

set interfaces ge-0/0/4 unit 0 family inet address 172.16.3.253/16

Here is a bonus configuration, right, GRE configuration is complete with above commands but trust me it will not transport data. Therefore, we would like to put a little more effort to make it happen. It is up to your understanding which routing methodology you have to set for your network i.e. static routes, RIP, EIGRP or OSPF or whatever. You have to bind the respective GRE tunnel interface in OSPF.

Step 5: Bind both logical and physical interface to the routing protocol, in our case it is OSPF.

set protocols ospf area 0.0.0.0 interface gr-0/0/0.4

Step 6: Save and Exit

Commit-and quit

After careful consideration, you will notice that the GRE tunnel has gone up and you can verify whether the traffic is flowing from the gr interface or not by entering the following commands.

traceroute 10.4.0.10

And it should reflect IP of your GRE address i.e. 10.104.10.1

Configuration on site B:

After we have configured one end of the tunnel (Site A), the next task is to run all of those commands on the second end of the tunnel (Site B). The steps are followed in the same manner. So here we are, configuring our Site B.

Step 1: Define GRE interface and make sure naming convention is synchronized.

Again, we select interface with the keyword gr and then its corresponding port number which is 0/0/4 so when you type it would look like gr-0/0/4

Step 2: Assign source and destination to your above assigned GRE interface

set interfaces gr-0/0/4 unit 1 tunnel source 10.240.2.6 
set interfaces gr-0/0/4 unit 1 tunnel destination 10.240.2.2

The thing to keep in mind is that here your destination and source have been inter-changed so consequently the source and destination addresses are reversed as compared to site A.

Step 3: Assign IP address to GRE tunnel interface as well in following manner.

set interfaces gr-0/0/4 unit 1 family inet address 10.104.10.1/30

Step 4: Define a physical interface

Like for site A, assigning physical interface for data transmission and receiving utilizing above logical interfaces.

set interfaces fe-0/0/4 unit 0 family inet address 10.4.0.1/24

In the same manner, we will configure OSPF for site B.

Step 5: Bind both logical and physical interface to the routing protocol, in our case it is OSPF.

set protocols ospf area 0.0.0.0 interface gr-0/0/0.0

Step 6: Save and Exit

commit-and quit

For checking

traceroute 172.16.0.10

And it should reflect IP of your GRE address i.e. 10.104.10.2