H3C Technologies H3C SecPath F1000-E User Manual
Page 750
4
As shown in
, for higher network reliability, you can deploy multiple gateways at the
headquarters and specify one or more backup interfaces for the main tunnel interface on the main
gateway, such as Tunnel 1, to implement headquarters node backup and GRE tunnel backup. If the link
between the main gateway and the branch gateway goes down, the main tunnel interface will soon lose
the matching tunnel entry for forwarding packets to the branch. In this case, the main tunnel interface will
forward the packets to the backup interface, which will then forward the packets to the branch. You need
to configure the GRE over IPv4 mode on the backup interface.
When a matching tunnel entry exists, a backup interface can also participate in tunnel selection that is
based on tunnel priority. If you do not specify a GRE key on a backup interface, the backup interface will
have a lower priority than any P2MP tunnel entry. If you specify a GRE key on the backup interface, the
key value will be compared with the GRE key values in the P2MP tunnel entries, and the smaller the key
value, the higher the priority.
Advantages and Restrictions of the P2MP GRE Tunnel
Technology
The P2MP GRE tunnel technology features the following advantages:
•
Simple configuration. On the headquarters node, you only need to configure the P2MP GRE tunnel
mode, instead of configuring a P2P GRE tunnel with each branch node.
•
Low maintenance cost. When a branch is added, no manual configuration is required on the
headquarters node; the headquarters node will learn the address of the added branch and then
establish a tunnel with the branch node.
•
Flexible access of branches: As the headquarters node learns tunnel destination addresses
dynamically, whether the branches obtain public addresses dynamically or not does not impact the
configurations on the headquarters node. This allows for more flexible accesses for branches.
•
Wonderful interoperability and investment protection: Based on the standard GRE protocol, the
P2MP GRE tunnel technology requires no special or proprietary protocol, nor special requirements
on branch gateways. The branch gateways can be from any vendors as long as they support GRE.
This not only ensures better cooperation of devices from different vendors, but also helps avoid
repetitive investments on branch node devices.
•
High reliability: It supports GRE tunnel backup at the headquarters and branches, improving the
network reliability.
The P2MP GRE tunnel technology has the following restrictions:
•
Both the transport protocol and passenger protocol must be IPv4.
•
The headquarters node cannot send packets to a branch before the branch sends packets to it. Only
after receiving a packet from the branch, can the headquarters node installs a tunnel entry for the
branch and send packets to the branch.
•
No tunnel can be established between branch nodes and therefore branch nodes cannot
communicate with each.