Home > GRE Tunnel

GRE Tunnel

August 1st, 2017 in ROUTE 300-101 Go to comments

Question 1

Explanation

GRE packets are encapsulated within IP and use IP protocol type 47

Question 2

Explanation

A GRE interface definition includes:

+ An IPv4 address on the tunnel
+ A tunnel source
+ A tunnel destination

Below is an example of how to configure a basic GRE tunnel:

interface Tunnel 0
ip address 10.10.10.1 255.255.255.0
tunnel source fa0/0
tunnel destination 172.16.0.2

In this case the “IPv4 address on the tunnel” is 10.10.10.1/24 and “sourced the tunnel from an Ethernet interface” is the command “tunnel source fa0/0”. Therefore it only needs a tunnel destination, which is 172.16.0.2.

Note: A multiple GRE (mGRE) interface does not require a tunnel destination address.

Question 3

Explanation

The tunnel interface is configured in default mode means the tunnel has been configured as a point-to-point (P2P) GRE tunnel. Normally, a P2P GRE Tunnel interface comes up (up/up state) as soon as it is configured with a valid tunnel source address or interface which is up and a tunnel destination IP address which is routable.

Under normal circumstances, there are only three reasons for a GRE tunnel to be in the up/down state:
+ There is no route, which includes the default route, to the tunnel destination address.
+ The interface that anchors the tunnel source is down.
+ The route to the tunnel destination address is through the tunnel itself, which results in recursion.

Therefore if a route towards the tunnel destination has not been configured then the tunnel is stuck in up/down state.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118361-technote-gre-00.html

Question 4

Explanation

In this question only answer A is a reasonable answer. When the state of the tunnel interface is continuously moving between up and down we must make sure the route towards the tunnel destination address is good. If it is not good then that route may be removed from the routing table -> the tunnel interface comes down.

Question 5

Explanation

The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 65535, most transmission links enforce a smaller maximum packet length limit, called an MTU. The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences since it allows routers to fragment IP datagrams as necessary. The receiving station is responsible for the reassembly of the fragments back into the original full size IP datagram.

Fragmentation and Path Maximum Transmission Unit Discovery (PMTUD) is a standardized technique to determine the maximum transmission unit (MTU) size on the network path between two hosts, usually with the goal of avoiding IP fragmentation. PMTUD was originally intended for routers in IPv4. However, all modern operating systems use it on endpoints.

The TCP Maximum Segment Size (TCP MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. This TCP/IP datagram might be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a value less than or equal to the MSS reported by the receiving host.

TCP MSS takes care of fragmentation at the two endpoints of a TCP connection, but it does not handle the case where there is a smaller MTU link in the middle between these two endpoints. PMTUD was developed in order to avoid fragmentation in the path between the endpoints. It is used to dynamically determine the lowest MTU along the path from a packet’s source to its destination.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html (there is some examples of how TCP MSS avoids IP Fragmentation in this link but it is too long so if you want to read please visit this link)

Note: IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later.

Question 6

Explanation

A valid tunnel destination is one which is routable (which means the destination is present or there is a default route in the routing table). However, it does not have to be reachable -> Answer B is correct.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118361-technote-gre-00.html

For a tunnel to be up/up, the source interface must be up/up, it must have an IP address, and the destination must be reachable according to your own routing table.

Question 7

Question 8

Question 9

Explanation

GRE tunnel provides a way to encapsulate any network layer protocol over any other network layer protocol. GRE allows routers to act as if they have a virtual point-to-point connection to each other. GRE tunneling is accomplished by creating routable tunnel endpoints that operate on top of existing physical and/or other logical endpoints. Especially, IPsec does not support multicast traffic so GRE tunnel is a good solution instead (or we can combine both).

Question 10

Question 11

Explanation

When running GRE tunnel over IPSec, a packet is first encapsulated in a GRE packet and then GRE is encrypted by IPSec -> C is correct.

Question 12

Explanation

Four steps to configure GRE tunnel over IPsec are:

1. Create a physical or loopback interface to use as the tunnel endpoint. Using a loopback rather than a physical interface adds stability to the configuration.
2. Create the GRE tunnel interfaces.
3. Add the tunnel subnet to the routing process so that it exchanges routing updates across that interface.
4. Add GRE traffic to the crypto access list, so that IPsec encrypts the GRE tunnel traffic.

An example of configuring GRE Tunnel is shown below:

interface Tunnel0
ip address 192.168.16.2 255.255.255.0
tunnel source FastEthernet1/0
tunnel destination 14.38.88.10
tunnel mode gre ip

Note: The last command is enabled by default so we can ignore it in the configuration)

(Reference: CCNP Routing and Switching Quick Reference)

Question 13

Explanation

The address of the crypto isakmp key (line “crypto isakmp key ******* address 172.16.1.2”) should be 192.168.2.1, not 172.16.1.2 -> A is correct.

Question 14

Explanation

The access-list must also support GRE traffic with the “access-list 102 permit gre host 192.168.1.1 host 192.168.2.1” command -> B is correct.

Below is the correct configuration for GRE over IPsec on router B1 along with descriptions.

Configure_GRE_tunnel_over_IPsec.jpg

The interface tunnel configuration is rather simple so I don’t post it here.

Question 15

Explanation

The “tunnel destination” in interface tunnel should be 192.168.2.1, not 172.16.1.2 -> D is correct.

Comments
  1. Sam
    June 2nd, 2016

    {email not allowed},ph

    (change “,” to “.” )

  2. Anonymous
    July 19th, 2016

    need latest dump for 300-101 urgently

  3. Anonymous
    July 25th, 2016

    latest dumps ccnp route at taurusisverycool @ yahoo . com

  4. Anonymous
    July 28th, 2016

    Hi plis I need latest dump for 300-101 {email not allowed}

  5. Carlos Rodriguez
    July 28th, 2016

    Hi plis I need latest dump for 300-101 crodriguezra @ gmail.com

  6. ND
    August 5th, 2016

    I need the latest dumps pls my mail is nodebeanyaoku @ yahoo . com

  7. derval
    August 9th, 2016

    hello, can someone please send me the latest dumps ; {email not allowed}
    Thanks

  8. derval
    August 9th, 2016

    {email not allowed}

  9. NYGIANT
    August 10th, 2016

    Please Send lastest dumps mackmdbrown @ aol com

  10. TBF
    August 15th, 2016

    Hello guys,
    anyone can share me the latest pdf dumps. I am planning to take the exam soon.
    incredibletbf @ gmail . com
    Thanks alot

  11. Anonymous
    August 16th, 2016

    please send the latest dumps to {email not allowed}

  12. Anonymous
    August 24th, 2016

    pass ccna a week ago thanks for the support

  13. alain
    August 25th, 2016

    I need the latest dumps pls my mail is alainplay8 @ yahoo . es

  14. Anonymous
    August 31st, 2016

    I need the latest dumps too.thanks! my email is denismoen @ yahoo .com

  15. Joe
    August 31st, 2016

    Hey gurus, please, please, please send me the latest pdf dumps for 300-101 to joel.masocha @ gmail .com, I am writing the day after tomorrow and I am desparate to pass. I shall e forever indebted.

  16. Anonymous
    September 4th, 2016

    If someone has the latest pdf dumps please send it to me.

    info at anemosradio.com

    Thank you!!!

  17. Mahmud
    September 10th, 2016

    I need the latest valid dumps…if u get please send me({email not allowed})

  18. Anonymous
    September 14th, 2016

    please if someone has the latest dumps,please send it to me,i am writting next week,please,please

    this is my email:romualdtsafong@ yahoo.fr

  19. Anonymous
    September 14th, 2016

    300-101

  20. Hit me
    October 4th, 2016

    I failed today with a 640. The ‘300-101: Implementing Cisco IP Routing’ exam is completely different then what is on this site. Not even close. There are maybe 10 questions that are the same… What happened???

  21. set
    October 4th, 2016

    Hit Me I Had the same result, I do not know what happened, it was today too

  22. tagwa ali
    October 10th, 2016

    for new dump 183q
    send to me in

    tagwatagelsir88 @ gmail . com
    i have it

  23. IQ
    October 11th, 2016

    Questions are same guys dont worry

  24. Bikimi
    October 13th, 2016

    if you need a lab with lab materials, i can provide you with good one at $55 only.

  25. Passed
    October 17th, 2016

    Questions are pretty similar, you just need to study to understand what are you doing. Good luck!

  26. Passed
    October 17th, 2016

    Bikimi, you should be ashamed for trying to take advantage of us. Labs are the same as here and we can easily reproduce it in gns3 or packet tracert.

  27. CCNP 301-101 exam
    October 24th, 2016

    Hello can some one provide the latest dumps to {email not allowed}

  28. CCNP 301-101 exam
    October 24th, 2016

    Hello can some one provide the latest dumps to nine inch rick at gmail dot com

  29. Io
    November 14th, 2016

    Everything you require to get ready and quickly pass the tough Cisco Certified Design Professional 300-101exam with 100% pass guarantee in first attempt. http://www.grades4sure.com/300-101-exam-questions.html

  30. Jakson
    November 17th, 2016

    I passed the exam tomorrow with 93%. Almost each question is from this http://www.testmayor.com dumps! Such a great work, guys! You can pass the exam easily by using this material alone. About 3 questions were new but all were easy. Thanks for your help!

  31. Julian
    November 30th, 2016

    Many Thanks @ Akpofure. Passed the CCNA exam using the ebay link Akpofure provided above. Good luck to others.

  32. Julian
    November 30th, 2016

    CCNP Route I mean lol

  33. Tanzir
    December 20th, 2016

    Passed using the ebay materials. Not sure about others ones here, but the ebay materials are legit. Received no new questions. Exam details are as below:

    Simulations: PBR, Redistribution, IPv6 OSPF
    Simlets: EIGRP TShoot and OSPF TShoot
    54 Multiple choice questions

    Hope this helps, Cheers!

  34. Dinesh
    December 26th, 2016
  35. New Dumps
    January 30th, 2017

    100%, guaranteed passing material get Download package, (AllinONE) that you need to clear exam.
    All 5 Tickets in Packet Tracer
    149+41 Qs in VCE Player and PDF

    http://rebrand.ly/ccnac5f48

  36. Anonymous
    February 1st, 2017

    Is the 183q worth looking at, or stick to TAGWA and 149q????

  37. Malik
    February 1st, 2017

    please send me valid dumps, I have exam tomorrow….

    Pleeeeeeeeeeaaaaaaaaaase help zaibalammalik at gmail

  38. Anonymous
    March 7th, 2017

    Passed today,
    Studied the Cisco Official study guide and the question from 9tut.
    20 of the questions were from this dumps I found part of the questions here https://drive.google.com/open?id=0B5mAFqgydmCzTGd0VU9nQVZEaEE

    Good luck all!

  39. Almond
    April 1st, 2017

    FOR THOSE WHO JUST RECENTLY TOOK THE 300-101 EXAM. Please send me the latest dumps. I will take exam this week. Thank you for help. Please help me. :(

    Send it here:
    infinityme143(@)(gmail)(dot)(Com)

  40. mills
    April 5th, 2017

    are the ccnp route questions and sims currently on this digitaltut.com site valid now? please i need to know my exam is next week.

  41. Anonymous
    May 29th, 2017

    Hello Folks, I took the CCNP 300-101 yesterday and unfortunately I failed because the dump that I had was invalid. If anyone has the latest version, please send me to {email not allowed} and I can compare it with my exam and guarantee whether it is valid or not. for any of those who are planning to take it please be advised that the one with 149 questions is invalid.

  42. Tan
    June 1st, 2017

    i am going to take the exam soon, but i do not have the valid dump yet.
    Anyone can share with me ?

    incredibletbf At hotmail dot com

    Thank you in advance

  43. Anonymous
    June 30th, 2017

    can u guys please sende me the latest dumps on miguelfilipe_20_01 @ hotmail . com

  44. Request
    August 21st, 2017

    Hop all of you will be fine and doing well. if any one have the latest dumps would you please send to {email not allowed}

  45. Anonymous
    August 25th, 2017

    Failed today with 760 pts…all labs the same..loads of new questions ..and simlets…all dumps outdated..study hard chaps
    And also loads of routers commands questions for IPv6 EVN and NAT-PT

  46. Anonymous
    August 25th, 2017

    Failed today with 760pts….although I cleared all my labs , loads of new questions ,don’t trust any dumps…study hard chaps….and loads of simlet ( IPV6 , ACL, NAT, NAT-PT ETC ETC )

    ACL very important ( IPV6 and IPV4 both)

    I was using my old 642-902 books :(, please get the new cert guide for CCNP route 300-101)

  47. Steffy
    August 28th, 2017

    Hello everyone, for latest valid dump with continuous update, please contact me at steffyshirls @ gmail .com

  48. anony
    August 31st, 2017

    ALL dumps are valid here

  49. toto
    September 12th, 2017

    Send me the last dumps for ccnp 300-101with this email ta2010ab @ gmail . com

  50. davidmeiker
    September 12th, 2017

    Question 4
    A network engineer has configured GRE between two IOS routers. The state of the tunnel interface is continuously oscillating between up and down. What is the solution to this problem?

    A. Create a more specific static route to define how to reach the remote router.
    B. Create a more specific ARP entry to define how to reach the remote router.
    C. Save the configuration and reload the router.
    D. Check whether the internet service provider link is stable

    Answer: i think is “D”… not “A”

    because if it puts in up/up it means it is in fact reacheable and we can do nothing at the ISP side, we just have 1 way out and it is the gateway of the ISP.

    ¿what do you think?

  51. Howaythelad
    September 20th, 2017

    Best place to get the latest dumps

  52. hugojay
    October 10th, 2017

    please can someone send me the latest dumps for ccnp 300-101 with this email ugoeji4engine @ yahoo . com

  1. No trackbacks yet.