GRE Tunneling Protocol With IPSec Ethereal Network Sniffer In NPB Protect Multicast Data

GRE Tunneling Protocol with IPSec in Network Packet Broker Protect Multicast Data

GRE Tunneling Protocol Identify Technology in Network Packet Broker
Supported automatically identify various tunneling protocols such as GTP / GRE / PPTP / L2TP / PPPOE. According to the user configuration, the traffic output strategy can be implemented according to the inner or outer layer of the tunnel

What is GRE Tunneling Protocol?
GRE(Generic Routing Encapsulation)can encapsulate Data packets of some network layer protocols (such as IPX, ATM, IPv6, AppleTalk, etc.) so that these encapsulated data packets can be transmitted in another network layer protocol (such as IPv4).GRE provides a mechanism for encapsulating messages of one protocol in another. It is a three-layer tunneling technique that allows messages to be transmitted transparently through the GRE tunnel, solving the transmission problem of heterogeneous networks.
GRE implementation mechanism is simple, the tunnel at both ends of the equipment burden.The GRE tunnel can connect to the local network of various network protocols through the IPv4 network, effectively utilizing the original network architecture and reducing the cost.The GRE tunnel extends the scope of hop-limited network protocols to enable flexible enterprise network topologies.The GRE tunnel can encapsulate multicast data and ensure the security of voice, video and other multicast services when combined with IPSec.GRE tunnel support enables MPLS LDP. GRE tunnel is used to carry MPLS LDP messages, LDP LSP is established, and MPLS backbone network is interoperable.The GRE tunnel connects discrete subnets and is used to set up VPNS for secure connections between corporate headquarters and branches.

The protocol responsible for forwarding encapsulated packets is called the transport protocol.

Network Packet Broker Tuneling Label stripping at GRE Application Scenarios
1) Multi-protocol local network can be transmitted through this GRE tunnel

As shown in the figure above, Term1 and Term2 are local networks running IPv6, while Term3 and Term4 are local networks running IP. Subnetworks in different regions need to communicate with each other through the common IP network.Term1 and Term2, Term3 and Term4 can communicate independently through a tunnel encapsulated in the GRE protocol between Router_1 and Router_2.

2) Use GRE to expand the scope of network work with limited hops

In the figure above, the network runs the IP protocol, assuming that the IP protocol limits the number of hops to 255. If the number of hops between two PCS exceeds 255, they will not be able to communicate.Select two devices in the network to create the GRE tunnel, which can hide the number of hops between devices, thus expanding the network's working range.
For example, a RIP route with 16 hops indicates that the route is unreachable.At this point, the GRE tunnel can be established on the two devices to realize the logical direct connection, so that the RIP routing hops through the GRE tunnel can be reduced to below 16 to ensure the routing is accessible.

3) GRE is combined with IPSec to protect multicast data. IPSec is IP Protocol Security.
The GRE can encapsulate multicast data and transmit it in the GRE tunnel.

As shown in the figure above, in the application of GRE over IPSec tunnel, if multicast data needs to be transmitted in IPSec tunnel, GRE tunnel can be established first, GRE encapsulation of multicast data can be carried out, and then IPSec encryption can be carried out on the encapsulated message, so as to realize encrypted transmission of multicast data in IPSec tunnel.

What kind Network Packet Broker and Network Taps support Tunneling Protocol Identify Technology?




Network Packet Broker Specification and Module Type

NT-FTAP-32QCX Network TAP NPB.pdf

NetTAP® (Full named Chengdu Shuwei Communication Technology Co., Ltd.)was established in 2007. Focusing on the Research and Development of Network TAPs/NPBs Communication Equipment, Data Security Analysis Equipment, which provides products and solutions in Big Data Acquisition, Data Storage, Data Monitoring, Data Processing and Data Analysis for Telecom, TV Broadcasting, Government, Education, IT, Finance, Bank, Hospital, Transportation, Energy, Power, Petroleum, Enterprise and other industries.

NetTAP® has launched various types of high-density devices such as: Fast Gigabit, 10 Gigabit Ethernet Network Traffic Replication, Aggregation, Distribution Network TAPs/NPBs (Network Packet Broker), intelligent Hybrid Traffic Network TAPs, 25G, 40G, 100G, etc. high density and Performance Network TAPs/NPBs(Network Packet Broker).

NetTAP® has a hardware production plant, all the communication products have complete Software and Hardware Independent Intellectual Property Rights, with complete Copyright Registration and Product Certification.

MATRIX NetInsight™ - A Fully Function Network Visibility Control Platform

MATRIX NetInsight™ Network System Value

1- Data Acquisition with centralized planning, eliminate monitoring blind spot

2- Free distribution of data, saving analysis of the overall investment

3- Data Security Control, Reduce the risk of disclosure

4- Overall Traffic visible, Abnormal Located more accurate, Fault analysis more useful

MATRIX NetInsight™ Function Architecture

1- User Interaction Layer

2- Big Data Analysis Layer

3- Data Storage Layer

4- Analysis Visibility Layer

5- Data Acquisition Layer

Zain Cloud Project of Saudi Arabia Telecom