Tuesday, January 19, 2021

GRE (Generic Routing Encapsulation)

GRE is used to build a logical connection over an untrusted network.

Why do we need GRE?

There may be infrastructure where the protocol in use does not meet the requirement, lacks the routing information needed to route a packet, or does not support multicast or broadcast. In such cases we can make use of GRE.

Packets with private IP addresses used on the remote side can be routed across to the other site using GRE: it encapsulates the packet inside a new header, and on reaching the other end the packet is decapsulated and routed accordingly.

With support for multicast traffic, hello messages created by a protocol reach the remote side through the GRE tunnel.

Use Case?

To establish remote connectivity between two sites over a public network, for example the Internet.

In that scenario GRE creates a logical tunnel between the two sites. During communication, a packet destined for the destination network is encapsulated in a new IP header; GRE adds 24 bytes of extra header.

 

 

 

 

In the above diagram, GRE is set up between Firewall 1 and Firewall 2.

Packet Capture 

When R2 (host IP 192.168.3.2) tries to ping R4 (host IP 192.168.2.2):

There is a default route on R2 that sends traffic to FW ETH2 (192.168.3.1).

The firewall does a route lookup for destination IP 192.168.2.2.

It finds a static route for network 192.168.2.0 pointing to Tunnel1.

The packet is encapsulated by Tunnel1, as the default interface type for a tunnel is GRE.

GRE adds a 24-byte header: a 20-byte IP header and a 4-byte GRE header.

As shown in the screenshot below, the ICMP request packet is handed over to the IP header with SRC IP 192.168.3.2 and DST IP 192.168.2.2.

Once it reaches the tunnel interface, a 4-byte GRE header is added, followed by a 20-byte IP header with source IP 1.1.1.1 and DST IP 2.2.2.1.

The firewall then does another routing lookup to find 2.2.2.2, the packet goes to the egress interface, and the reverse process happens.
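The encapsulation and decapsulation steps above, as an added example that is not part of the original post: it builds the inner ICMP packet, wraps it in the 4-byte GRE header and 20-byte outer IP header, and unwraps it again. It uses only the Python standard library; the function names and the ICMP payload are constructed for illustration, and the tunnel endpoints 1.1.1.1 and 2.2.2.1 are the ones given in the walk-through.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number carried in the outer header for GRE
ETHERTYPE_IPV4 = 0x0800   # GRE "protocol type" value for an IPv4 payload

def checksum(data):
    """Internet checksum: ones' complement of the ones' complement 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src, dst, proto, payload_len):  # 20-byte header, no options
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def build_inner_ping():
    """Constructed sample: ICMP echo request from R2 to R4."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + b"constructed-ping"
    icmp = icmp[:2] + struct.pack("!H", checksum(icmp)) + icmp[4:]
    return ipv4_header("192.168.3.2", "192.168.2.2", 1, len(icmp)) + icmp

def gre_encapsulate(inner, tunnel_src, tunnel_dst):
    """Prepend the 4-byte GRE header, then the 20-byte outer IP header."""
    gre = struct.pack("!HH", 0x0000, ETHERTYPE_IPV4)  # no flags set, version 0
    outer = ipv4_header(tunnel_src, tunnel_dst, GRE_PROTO, len(gre) + len(inner))
    return outer + gre + inner

def gre_decapsulate(packet):
    """Reverse process at the far end: strip outer IP and GRE, return the inner packet."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != GRE_PROTO:
        raise ValueError("outer packet is not GRE")
    flags_ver, proto = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags_ver != 0 or proto != ETHERTYPE_IPV4:
        raise ValueError("only the basic 4-byte GRE header with IPv4 payload is handled")
    return packet[ihl + 4:]

def addresses(packet):
    return socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])

if __name__ == "__main__":
    inner = build_inner_ping()
    outer = gre_encapsulate(inner, "1.1.1.1", "2.2.2.1")
    print(len(outer) - len(inner), addresses(outer), addresses(gre_decapsulate(outer)))
```

The inner packet comes back byte for byte after decapsulation, which also shows that the GRE header only wraps the original packet and leaves its addresses and payload readable in the outer packet.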

 



The image below shows the GRE and IP headers adding 4 bytes and 20 bytes.



 
