Tuesday, April 10, 2018

GRE tunnels and the tunnel key

Consider the following topology: Router A - Router B

Assume I build 2 GRE tunnels over the one link between these two routers:

interface Tunnel1
 ip address 10.0.0.1 255.255.255.0
 ip ospf 1 area 0
 tunnel source Ethernet0/0
 tunnel destination 1.0.0.2

interface Tunnel2
 ip address 20.0.0.1 255.255.255.0
 ip ospf 1 area 0
 tunnel source Ethernet0/0
 tunnel destination 1.0.0.2

Assume the other side is configured with the mirror.

How come pings between these work? They are built out of the same source and destination. Inspecting the packets shows no tunnel key. Adding a unique tunnel key to each side does indeed add it to the packets when I inspect them but how is the router able to differentiate them? I even tried transit ICMP through them and I get the same working pings.

**That brings me to the question, does the tunnel key only matter when we are doing IPsec with the tunnel? I thought that's what the freaking SPI in ESP was for.**
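The question above turns on whether a GRE header carries a key. As an added example (not from the original post), this Python sketch parses a GRE header per RFC 2784/RFC 2890 and runs a simplified receive-side lookup on peer address and key. The key values 1 and 2, the sample header bytes and the lookup model are assumptions for illustration and do not describe Cisco IOS's internal logic.

```python
import struct

# GRE flag bits in the first 16-bit word (RFC 2784, RFC 2890)
GRE_C, GRE_K, GRE_S = 0x8000, 0x2000, 0x1000

def parse_gre(buf):
    """Parse a GRE header; 'key' is None when the K bit is clear."""
    if len(buf) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", buf[:4])
    if flags & 0x0007:
        raise ValueError("GRE version is not 0")
    out = {"proto": proto, "checksum": None, "key": None, "seq": None}
    # Each optional field present adds 4 bytes, in the order C, K, S.
    need = 4 + 4 * sum(1 for bit in (GRE_C, GRE_K, GRE_S) if flags & bit)
    if len(buf) < need:
        raise ValueError("truncated GRE optional fields")
    off = 4
    if flags & GRE_C:   # 16-bit checksum followed by 16 reserved bits
        out["checksum"] = struct.unpack("!H", buf[off:off + 2])[0]
        off += 4
    if flags & GRE_K:   # 32-bit key (RFC 2890)
        out["key"] = struct.unpack("!I", buf[off:off + 4])[0]
        off += 4
    if flags & GRE_S:   # 32-bit sequence number (RFC 2890)
        out["seq"] = struct.unpack("!I", buf[off:off + 4])[0]
        off += 4
    out["payload_offset"] = off
    return out

def candidates(tunnels, outer_src, gre):
    """Simplified model: tunnels whose peer address and key match the packet."""
    return [name for name, (peer, key) in tunnels.items()
            if peer == outer_src and key == gre["key"]]

# Router A's view of the two tunnels from the post (peer = tunnel destination).
UNKEYED = {"Tunnel1": ("1.0.0.2", None), "Tunnel2": ("1.0.0.2", None)}
# Same tunnels with constructed key values 1 and 2 (not from the post).
KEYED = {"Tunnel1": ("1.0.0.2", 1), "Tunnel2": ("1.0.0.2", 2)}

# Constructed GRE headers carrying IPv4 (protocol type 0x0800).
PKT_NO_KEY = bytes.fromhex("00000800")
PKT_KEY_2 = bytes.fromhex("2000080000000002")

if __name__ == "__main__":
    for tunnels, pkt in ((UNKEYED, PKT_NO_KEY), (KEYED, PKT_KEY_2)):
        gre = parse_gre(pkt)
        print(gre["key"], candidates(tunnels, "1.0.0.2", gre))
```

In this model the unkeyed header matches both tunnels on the outer addresses alone, while the keyed header matches exactly one.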


