How to configure GRE on Juniper Devices?

Generic Routing Encapsulation (GRE) is a tunneling protocol that was developed to carry L3 traffic over an IP network. It encapsulates packets in a manner, so that it creates a private point-to-point link between 2 networks. In this lesson, we will learn how to configure a GRE on Juniper devices. So, let’s get started.

GRE Lab Diagram:

How to configure GRE on Juniper

Goal:

In this Lab, we will configure GRE tunnel between R1 and R2, and then we will establish connection between network 10.1.1.0/24 with 192.168.0.0/24, which will be forwarded through GRE.

Advertisements

Configuration:

In GRE configuration, we have three mandatory components. These are-

  • GRE P2P Tunnel IP
  • Tunnel Source IP
  • Tunnel Destination IP

GRE Tunnel IP is the point-to-point IP between two GRE nodes. Tunnel source is the IP gateway from a device for the GRE traffic. Usually, it’s the WAN IP and in this example, we will use WAN IP as our tunnel source. Destination IP is the IP of remote end.

Let’s verify, interfaces configuration for both R1 and R2 routers.

Interfaces configuration on R1:
rajib@R1# show interfaces
ge-0/0/0 {
    unit 0 {
        description ***WAN***;
        family inet {
            address 103.31.40.2/30;
        }
    }
}
ge-0/0/1 {
    unit 0 {
        description ***LAN***;
        family inet {
            address 10.1.1.1/24;
        }
    }
}


Interfaces configuration on R2:
rajib@R2# show interfaces
ge-0/0/0 {
    unit 0 {
        description ***WAN***;
        family inet {
            address 97.2.41.2/30;
        }
    }
}
ge-0/0/1 {
    unit 0 {
        description ***LAN***;
        family inet {
            address 192.168.0.1/24;
        }
    }
}

In our LAB, we have OSPF with ISP routers from both R1 and R2, which makes our reachability from R1 to R2. Let’s verify it using the PING command from R1 router to R2 router.

[edit]
rajib@R1# run ping 97.2.41.2
PING 97.2.41.2 (97.2.41.2): 56 data bytes
64 bytes from 97.2.41.2: icmp_seq=0 ttl=64 time=0.431 ms
64 bytes from 97.2.41.2: icmp_seq=1 ttl=64 time=0.472 ms
64 bytes from 97.2.41.2: icmp_seq=2 ttl=64 time=0.445 ms
64 bytes from 97.2.41.2: icmp_seq=3 ttl=64 time=0.517 ms
64 bytes from 97.2.41.2: icmp_seq=4 ttl=64 time=0.525 ms
^C
--- 97.2.41.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.431/0.478/0.525/0.038 ms

Now, we will start GRE configuration. We will use 172.16.0.0/30 for GRE point-to-point IP.

Advertisements
GRE on R1 Router:
set interfaces gr-0/0/0 unit 0 family inet address 172.16.0.1/30
set interfaces gr-0/0/0 unit 0 tunnel source 103.31.40.2
set interfaces gr-0/0/0 unit 0 tunnel destination 97.2.41.2

Before, committing above configuration, verify it using show | compare command. If everything OK, we will commit our new configuration.

[edit]
rajib@R1# show | compare
[edit interfaces]
+   gr-0/0/0 {
+       unit 0 {
+           tunnel {
+               source 192.168.3.200;
+               destination 192.168.3.201;
+           }
+           family inet {
+               address 172.16.0.1/30;
+           }
+       }
+   }

[edit]
rajib@R1#

[edit]
rajib@R1# commit
commit complete

Similarly, we will configure GRE for router R2. And. commit it.

GRE on R2 Router:
set interfaces gr-0/0/0 unit 0 family inet address 172.16.0.2/30
set interfaces gr-0/0/0 unit 0 tunnel source 97.2.41.2
set interfaces gr-0/0/0 unit 0 tunnel destination 103.31.40.2

Finally, we need to have a routing protocol to route 10.1.1.0/24 to 192.168.0.0/24. We can configure a static route to fulfill this.

Routing on R1 Router:
set routing-options static route 192.168.0.0/24 next-hop 172.16.0.2

Routing on R2 Router:
set routing-options static route 10.1.1.0/24 next-hop 172.16.0.1

NOTE: Don’t forget to commit new configurations.

Verification

We will ping PC2 (192.168.0.10) from PC1 (10.1.1.10) and here is the output.

Advertisements
root@PC1:~# ping 192.168.0.10
PING 192.168.0.10 (192.168.0.10) 56(84) bytes of data.
64 bytes from 192.168.0.10: icmp_req=1 ttl=64 time=0.213 ms
64 bytes from 192.168.0.10: icmp_req=2 ttl=64 time=0.221 ms
64 bytes from 192.168.0.10: icmp_req=3 ttl=64 time=0.209 ms
64 bytes from 192.168.0.10: icmp_req=4 ttl=64 time=0.254 ms
64 bytes from 192.168.0.10: icmp_req=5 ttl=64 time=0.558 ms
^C
--- 192.168.0.10 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.209/0.291/0.558/0.134 ms
root@PC1:~# 

Below are other important commands, which will help.

run show interfaces terse | match gre 
show interfaces gr-0/0/0 extensive
run show route 192.168.0.2

Let me know, if you have any questions.

Leave a Comment

Your email address will not be published. Required fields are marked *

12 thoughts on “How to configure GRE on Juniper Devices?”

  1. Hi, thank you for the explanation. if i want to use a juniper switch that sits behind a Cisco firewall, how would the config look like?

  2. static route in two routers is inverse.

    Routing on R1 Router:
    set routing-options static route 192.168.0.0/24 next-hop 172.16.0.2

    Routing on R2 Router:
    set routing-options static route 10.1.1.0/24 next-hop 172.16.0.1

  3. Hi Rajib, I m falling in love with Juniper again now as i have been off it for long, i picked it up about two years and the love of it made me do the certification JNCIA and JNCIS. reading the GRE tunnel and your enthusiastic with the passion and love to help i am most impressed with the work you are doing . Thanks and hopefully i will be needing your help to learn more.

    Thanks

  4. Great Nice one,

    I do this every time on cisco devices and is the same you made it simple and easy to understand for others. Nice work and great.

    Keep the good work

Scroll to Top