Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
131132133134135136137138139140
132 CHAPTER 9: CONFIGURATION OF GRE
multicast data with GRE, and then encrypt the encapsulated data using IPsec.
Thus, data secrecy in transmission can be achieved.
In addition, GRE also supports users to select and record identification key of
Tunnel interface, and supports the end-to-end check of encapsulated message.
Due to the influence of such factors as encapsulation and decapsulation between
GRE sender and receiver and data increase caused by encapsulation, the use of
GRE may somewhat decrease the data forwarding efficiency of security gateways.
GRE Configuration Among all the configuration tasks, virtual Tunnel interface must be created first
before other function features can be configured on it. Deleting a virtual Tunnel
interface deletes all configurations on it.
GRE configuration tasks include:
Create virtual Tunnel interface (required)
Set encapsulation mode (optional)
Specify source end of Tunnel (required)
Specify destination end of Tunnel (required)
Set network address of Tunnel interface (required)
Configure end-to-end verification on both ends of Tunnel (optional)
Set identification key of Tunnel interface (optional)
Configure routing via Tunnel (optional)
Creating Virtual Tunnel
Interface
Virtual Tunnel interface should be created so that other parameters of GRE can be
configured on it. These configurations are required to be performed on both ends
of the Tunnel.
Perform the following configuration in system view.
By default, no virtual Tunnel interface is created.
The device adopts distributed structure, on which interfaces are represented in a
three-dimension way; namely, slot/card/port. The parameter slot represents slot
number of the specified universal interface module; card represents the number of
the installed card, which can take on the value of 0 or 1; port represents the
number of the specified interface, ranging from 0 to 1023, but the actual number
of created Tunnels depends on the total number of interfaces and available
memory.
On creating Tunnel interface, it is recommended that the parameter slot should
keep in line with the slot of source end interface configured by the source
command. In other words, slot number specified by slot is the same as that of the
Tabl e 118 Create virtual Tunnel interface
Operation Command
Create a virtual Tunnel interface interface tunnel number
Delete a virtual Tunnel interface undo interface tunnel number