Home > GRE Tunnel

GRE Tunnel

August 1st, 2017 in ROUTE 300-101 Go to comments

Question 1


GRE packets are encapsulated within IP and use IP protocol type 47

Question 2


A GRE interface definition includes:

+ An IPv4 address on the tunnel
+ A tunnel source
+ A tunnel destination

Below is an example of how to configure a basic GRE tunnel:

interface Tunnel 0
ip address
tunnel source fa0/0
tunnel destination

In this case the “IPv4 address on the tunnel” is and “sourced the tunnel from an Ethernet interface” is the command “tunnel source fa0/0”. Therefore it only needs a tunnel destination, which is

Note: A multiple GRE (mGRE) interface does not require a tunnel destination address.

Question 3


The tunnel interface is configured in default mode means the tunnel has been configured as a point-to-point (P2P) GRE tunnel. Normally, a P2P GRE Tunnel interface comes up (up/up state) as soon as it is configured with a valid tunnel source address or interface which is up and a tunnel destination IP address which is routable.

Under normal circumstances, there are only three reasons for a GRE tunnel to be in the up/down state:
+ There is no route, which includes the default route, to the tunnel destination address.
+ The interface that anchors the tunnel source is down.
+ The route to the tunnel destination address is through the tunnel itself, which results in recursion.

Therefore if a route towards the tunnel destination has not been configured then the tunnel is stuck in up/down state.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118361-technote-gre-00.html

Question 4


In this question only answer A is a reasonable answer. When the state of the tunnel interface is continuously moving between up and down we must make sure the route towards the tunnel destination address is good. If it is not good then that route may be removed from the routing table -> the tunnel interface comes down.

Question 5


The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 65535, most transmission links enforce a smaller maximum packet length limit, called an MTU. The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences since it allows routers to fragment IP datagrams as necessary. The receiving station is responsible for the reassembly of the fragments back into the original full size IP datagram.

Fragmentation and Path Maximum Transmission Unit Discovery (PMTUD) is a standardized technique to determine the maximum transmission unit (MTU) size on the network path between two hosts, usually with the goal of avoiding IP fragmentation. PMTUD was originally intended for routers in IPv4. However, all modern operating systems use it on endpoints.

The TCP Maximum Segment Size (TCP MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. This TCP/IP datagram might be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a value less than or equal to the MSS reported by the receiving host.

TCP MSS takes care of fragmentation at the two endpoints of a TCP connection, but it does not handle the case where there is a smaller MTU link in the middle between these two endpoints. PMTUD was developed in order to avoid fragmentation in the path between the endpoints. It is used to dynamically determine the lowest MTU along the path from a packet’s source to its destination.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html (there is some examples of how TCP MSS avoids IP Fragmentation in this link but it is too long so if you want to read please visit this link)

Note: IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later.

Question 6


A valid tunnel destination is one which is routable (which means the destination is present or there is a default route in the routing table). However, it does not have to be reachable -> Answer B is correct.

Reference: http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118361-technote-gre-00.html

For a tunnel to be up/up, the source interface must be up/up, it must have an IP address, and the destination must be reachable according to your own routing table.

Question 7

Question 8

Question 9


GRE tunnel provides a way to encapsulate any network layer protocol over any other network layer protocol. GRE allows routers to act as if they have a virtual point-to-point connection to each other. GRE tunneling is accomplished by creating routable tunnel endpoints that operate on top of existing physical and/or other logical endpoints. Especially, IPsec does not support multicast traffic so GRE tunnel is a good solution instead (or we can combine both).

Question 10

Question 11


When running GRE tunnel over IPSec, a packet is first encapsulated in a GRE packet and then GRE is encrypted by IPSec -> C is correct.

Question 12


Four steps to configure GRE tunnel over IPsec are:

1. Create a physical or loopback interface to use as the tunnel endpoint. Using a loopback rather than a physical interface adds stability to the configuration.
2. Create the GRE tunnel interfaces.
3. Add the tunnel subnet to the routing process so that it exchanges routing updates across that interface.
4. Add GRE traffic to the crypto access list, so that IPsec encrypts the GRE tunnel traffic.

An example of configuring GRE Tunnel is shown below:

interface Tunnel0
ip address
tunnel source FastEthernet1/0
tunnel destination
tunnel mode gre ip

Note: The last command is enabled by default so we can ignore it in the configuration)

(Reference: CCNP Routing and Switching Quick Reference)

Question 13


The address of the crypto isakmp key (line “crypto isakmp key ******* address”) should be, not -> A is correct.

Question 14


The access-list must also support GRE traffic with the “access-list 102 permit gre host host” command -> B is correct.

Below is the correct configuration for GRE over IPsec on router B1 along with descriptions.


The interface tunnel configuration is rather simple so I don’t post it here.

Question 15


The “tunnel destination” in interface tunnel should be, not -> D is correct.

  1. Sam
    June 2nd, 2016

    {email not allowed},ph

    (change “,” to “.” )

  2. Anonymous
    July 19th, 2016

    need latest dump for 300-101 urgently

  3. Anonymous
    July 25th, 2016

    latest dumps ccnp route at taurusisverycool @ yahoo . com

  4. Anonymous
    July 28th, 2016

    Hi plis I need latest dump for 300-101 {email not allowed}

  5. Carlos Rodriguez
    July 28th, 2016

    Hi plis I need latest dump for 300-101 crodriguezra @ gmail.com

  6. ND
    August 5th, 2016

    I need the latest dumps pls my mail is nodebeanyaoku @ yahoo . com

  7. derval
    August 9th, 2016

    hello, can someone please send me the latest dumps ; {email not allowed}

  8. derval
    August 9th, 2016

    {email not allowed}

    August 10th, 2016

    Please Send lastest dumps mackmdbrown @ aol com

  10. TBF
    August 15th, 2016

    Hello guys,
    anyone can share me the latest pdf dumps. I am planning to take the exam soon.
    incredibletbf @ gmail . com
    Thanks alot

  11. Anonymous
    August 16th, 2016

    please send the latest dumps to {email not allowed}

  12. Anonymous
    August 24th, 2016

    pass ccna a week ago thanks for the support

  13. alain
    August 25th, 2016

    I need the latest dumps pls my mail is alainplay8 @ yahoo . es

  14. Anonymous
    August 31st, 2016

    I need the latest dumps too.thanks! my email is denismoen @ yahoo .com

  15. Joe
    August 31st, 2016

    Hey gurus, please, please, please send me the latest pdf dumps for 300-101 to joel.masocha @ gmail .com, I am writing the day after tomorrow and I am desparate to pass. I shall e forever indebted.

  16. Anonymous
    September 4th, 2016

    If someone has the latest pdf dumps please send it to me.

    info at anemosradio.com

    Thank you!!!

  17. Mahmud
    September 10th, 2016

    I need the latest valid dumps…if u get please send me({email not allowed})

  18. Anonymous
    September 14th, 2016

    please if someone has the latest dumps,please send it to me,i am writting next week,please,please

    this is my email:romualdtsafong@ yahoo.fr

  19. Anonymous
    September 14th, 2016


  20. Hit me
    October 4th, 2016

    I failed today with a 640. The ‘300-101: Implementing Cisco IP Routing’ exam is completely different then what is on this site. Not even close. There are maybe 10 questions that are the same… What happened???

  21. set
    October 4th, 2016

    Hit Me I Had the same result, I do not know what happened, it was today too

  22. tagwa ali
    October 10th, 2016

    for new dump 183q
    send to me in

    tagwatagelsir88 @ gmail . com
    i have it

  23. IQ
    October 11th, 2016

    Questions are same guys dont worry

  24. Bikimi
    October 13th, 2016

    if you need a lab with lab materials, i can provide you with good one at $55 only.

  25. Passed
    October 17th, 2016

    Questions are pretty similar, you just need to study to understand what are you doing. Good luck!

  26. Passed
    October 17th, 2016

    Bikimi, you should be ashamed for trying to take advantage of us. Labs are the same as here and we can easily reproduce it in gns3 or packet tracert.

  27. CCNP 301-101 exam
    October 24th, 2016

    Hello can some one provide the latest dumps to {email not allowed}

  28. CCNP 301-101 exam
    October 24th, 2016

    Hello can some one provide the latest dumps to nine inch rick at gmail dot com

  29. Io
    November 14th, 2016

    Everything you require to get ready and quickly pass the tough Cisco Certified Design Professional 300-101exam with 100% pass guarantee in first attempt. http://www.grades4sure.com/300-101-exam-questions.html

  30. Jakson
    November 17th, 2016

    I passed the exam tomorrow with 93%. Almost each question is from this http://www.testmayor.com dumps! Such a great work, guys! You can pass the exam easily by using this material alone. About 3 questions were new but all were easy. Thanks for your help!

  31. Julian
    November 30th, 2016

    Many Thanks @ Akpofure. Passed the CCNA exam using the ebay link Akpofure provided above. Good luck to others.

  32. Julian
    November 30th, 2016

    CCNP Route I mean lol

  33. Tanzir
    December 20th, 2016

    Passed using the ebay materials. Not sure about others ones here, but the ebay materials are legit. Received no new questions. Exam details are as below:

    Simulations: PBR, Redistribution, IPv6 OSPF
    Simlets: EIGRP TShoot and OSPF TShoot
    54 Multiple choice questions

    Hope this helps, Cheers!

  34. Dinesh
    December 26th, 2016
  35. New Dumps
    January 30th, 2017

    100%, guaranteed passing material get Download package, (AllinONE) that you need to clear exam.
    All 5 Tickets in Packet Tracer
    149+41 Qs in VCE Player and PDF


  36. Anonymous
    February 1st, 2017

    Is the 183q worth looking at, or stick to TAGWA and 149q????

  37. Malik
    February 1st, 2017

    please send me valid dumps, I have exam tomorrow….

    Pleeeeeeeeeeaaaaaaaaaase help zaibalammalik at gmail

  38. Anonymous
    March 7th, 2017

    Passed today,
    Studied the Cisco Official study guide and the question from 9tut.
    20 of the questions were from this dumps I found part of the questions here https://drive.google.com/open?id=0B5mAFqgydmCzTGd0VU9nQVZEaEE

    Good luck all!

  39. Almond
    April 1st, 2017

    FOR THOSE WHO JUST RECENTLY TOOK THE 300-101 EXAM. Please send me the latest dumps. I will take exam this week. Thank you for help. Please help me. :(

    Send it here:

  40. mills
    April 5th, 2017

    are the ccnp route questions and sims currently on this digitaltut.com site valid now? please i need to know my exam is next week.

  41. Anonymous
    May 29th, 2017

    Hello Folks, I took the CCNP 300-101 yesterday and unfortunately I failed because the dump that I had was invalid. If anyone has the latest version, please send me to {email not allowed} and I can compare it with my exam and guarantee whether it is valid or not. for any of those who are planning to take it please be advised that the one with 149 questions is invalid.

  42. Tan
    June 1st, 2017

    i am going to take the exam soon, but i do not have the valid dump yet.
    Anyone can share with me ?

    incredibletbf At hotmail dot com

    Thank you in advance

  43. Anonymous
    June 30th, 2017

    can u guys please sende me the latest dumps on miguelfilipe_20_01 @ hotmail . com

  44. Request
    August 21st, 2017

    Hop all of you will be fine and doing well. if any one have the latest dumps would you please send to {email not allowed}

  45. Anonymous
    August 25th, 2017

    Failed today with 760 pts…all labs the same..loads of new questions ..and simlets…all dumps outdated..study hard chaps
    And also loads of routers commands questions for IPv6 EVN and NAT-PT

  46. Anonymous
    August 25th, 2017

    Failed today with 760pts….although I cleared all my labs , loads of new questions ,don’t trust any dumps…study hard chaps….and loads of simlet ( IPV6 , ACL, NAT, NAT-PT ETC ETC )

    ACL very important ( IPV6 and IPV4 both)

    I was using my old 642-902 books :(, please get the new cert guide for CCNP route 300-101)

  47. Steffy
    August 28th, 2017

    Hello everyone, for latest valid dump with continuous update, please contact me at steffyshirls @ gmail .com

  48. anony
    August 31st, 2017

    ALL dumps are valid here

  49. toto
    September 12th, 2017

    Send me the last dumps for ccnp 300-101with this email ta2010ab @ gmail . com

  50. davidmeiker
    September 12th, 2017

    Question 4
    A network engineer has configured GRE between two IOS routers. The state of the tunnel interface is continuously oscillating between up and down. What is the solution to this problem?

    A. Create a more specific static route to define how to reach the remote router.
    B. Create a more specific ARP entry to define how to reach the remote router.
    C. Save the configuration and reload the router.
    D. Check whether the internet service provider link is stable

    Answer: i think is “D”… not “A”

    because if it puts in up/up it means it is in fact reacheable and we can do nothing at the ISP side, we just have 1 way out and it is the gateway of the ISP.

    ¿what do you think?

  51. Howaythelad
    September 20th, 2017

    Best place to get the latest dumps

  52. hugojay
    October 10th, 2017

    please can someone send me the latest dumps for ccnp 300-101 with this email ugoeji4engine @ yahoo . com

  53. Anonymous
    October 24th, 2017

    Hi All,
    Question No 13 is repeated twice in the quiz. There are 2 answers for Q13 in the quiz:

    1. The crypto isakmp configuration is not correct.
    2. The interface tunnel configuration is not correct.

    Which is the correct answer? Please help.


  54. Mahi
    November 2nd, 2017

    Guys anyone having dumps, my CCNP expiring this month and I m left with Route

    penigimahidhar at gmail dot come

  55. Anonymous
    November 7th, 2017

    Please help me dumps I need to take exams next month
    acushla4real at gmail dot com

  56. Pablo
    November 9th, 2017

    Passed, if you go the exam study the 440q dumps.

  57. Otha
    November 9th, 2017

    Passed, you can find part of the questions from the exam in this dumps https://drive.google.com/open?id=0B5mAFqgydmCzQUh0SUxOdE03VGc

  58. durshen
    November 11th, 2017

    Hi guys, I have the valid dump with me and I’m wiling to share. Please contact me via durshen81 @ gmail .com

  59. Jarrod
    November 14th, 2017

    Passed, it-libraries questions are still good. check the comments on this forum for the new questions since there are a couple of them posted here.

  60. Kent
    November 14th, 2017

    Confirming the 21q dumps are valid.

  61. Carlo
    November 21st, 2017

    Passed with the 539q dumps, all questions were from there.

  62. Nicky
    November 26th, 2017

    Where 539q dumps can be found

  63. Percy
    November 28th, 2017

    Passed used the 21q dumps from IT-Libraries

  64. Clinton
    November 28th, 2017

    Passed today, used the 440q dumps from IT-Libraries . you can find them for free with a google search

  65. Rashad
    December 4th, 2017

    Dose anyone have the full version for this dumps? https://drive.google.com/open?id=0B5mAFqgydmCzVWtzU09fYV9SZGc

  66. bob
    December 4th, 2017

    are the quizzes on here not current exam questions?

  67. Lunchi
    December 9th, 2017
  68. Lunchi
    December 9th, 2017
  1. No trackbacks yet.