Wednesday, May 4, 2016

Mikrotik | GRE (Generic Routing Encapsulation) Tunnel

GRE (Generic Routing Encapsulation) is a tunnelling protocol that was originally developed by Cisco. It can encapsulate a wide variety of protocols creating a virtual point-to-point link.

GRE, like IPIP and EoIP, was originally developed as a stateless tunnel. This means that if the remote end of the tunnel goes down, all traffic that was routed over the tunnel gets blackholed. To solve this problem, RouterOS has added a 'keepalive' feature for GRE tunnels. A GRE tunnel adds 24 bytes of overhead (4-byte GRE header + 20-byte IP header).

Example uses
• In conjunction with PPTP to create VPNs.
• In conjunction with IPsec VPNs to allow passing of routing information between connected networks.
• In Mobility protocols.
• In A8/A10 interfaces to encapsulate IP data to/from Packet Control Function (PCF).
• Linux and BSD can establish ad-hoc IP over GRE tunnels which are interoperable with Cisco equipment.
• To tunnel traffic from a distributed denial of service (DDoS) protected appliance to an unprotected endpoint.





Step 1: Log in to the MikroTik router using Winbox and complete the necessary configuration, such as setting the IP addresses (WAN and local), DNS, NAT and the DHCP server (if DHCP is required).

Step 2: After completing the necessary configuration, follow the example in the screenshot below (first MikroTik router).

Step 3: The screenshot below shows the IP information of the first MikroTik router.

Step 4: Add the static route to reach the remote side's local IP address (first MikroTik router).

Step 5: After completing the necessary configuration, follow the example in the screenshot below (second MikroTik router).

Step 6: The screenshot below shows the IP information of the second MikroTik router.

Step 7: Add the static route to reach the remote side's local IP address (second MikroTik router).

Explanation: Let's assume this configuration.
For first mikrotik router:
/system identity
set name=MikroTik_1

# Create the GRE interface first so the P2P address below can bind to it.
# !keepalive leaves keepalive unset, so this tunnel stays stateless.
/interface gre
add !keepalive local-address=182._._.52 name=gre-tunnel_with_Mikrotik_1 \
    remote-address=122._._.35

/ip address
add address=182._._.52/27 comment="Public IP" interface=ether1 network=\
    182._._.32
add address=192.168.20.1/24 comment=Local interface=Bridge_Lan network=\
    192.168.20.0
add address=172.16.1.1/30 comment="P2P IP" interface=\
    gre-tunnel_with_Mikrotik_1 network=172.16.1.0

# Default route, then the remote LAN via the peer's tunnel address.
/ip route
add distance=1 gateway=182._._.33
add distance=1 dst-address=192.168.21.0/24 gateway=172.16.1.2

For second mikrotik router:

/system identity
set name=MikroTik_2

# Create the GRE interface first so the P2P address below can bind to it.
# local-address and remote-address mirror the first router's values.
/interface gre
add !keepalive local-address=122._._.35 name=gre-tunnel_with_Mikrotik_2 \
    remote-address=182._._.52

/ip address
add address=122._._.35/27 comment="Public IP" interface=ether1 network=\
    122._._.32
add address=10.1.1.1/24 comment=Local interface=Bridge_Lan network=10.1.1.0
add address=192.168.21.1/24 comment=Local interface=ether4 network=\
    192.168.21.0
add address=172.16.1.2/30 comment=P2P interface=gre-tunnel_with_Mikrotik_2 \
    network=172.16.1.0

# Default route, then the remote LAN via the peer's tunnel address.
/ip route
add distance=1 gateway=122._._.33
add distance=1 dst-address=192.168.20.0/24 gateway=172.16.1.1
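
A check for the two configurations above, as an added example that is not part of the original post: this Python script parses both exports, reports where the tunnel ends do not mirror each other, and flags `!keepalive`, which leaves the blackholing problem described earlier in place. The sample exports are constructed, with documentation addresses 203.0.113.52 and 198.51.100.35 assumed in place of the redacted public IPs; parse_export and check_pair are hypothetical helper names.

```python
from ipaddress import ip_interface, ip_network
import re

# Constructed exports in the page's layout; 203.0.113.52 and 198.51.100.35 are
# documentation addresses standing in for the redacted public IPs.
ROUTER_1 = r"""/interface gre
add !keepalive local-address=203.0.113.52 name=gre-tunnel_with_Mikrotik_1 \
    remote-address=198.51.100.35
/ip address
add address=192.168.20.1/24 interface=Bridge_Lan network=192.168.20.0
add address=172.16.1.1/30 interface=gre-tunnel_with_Mikrotik_1 network=172.16.1.0
/ip route
add distance=1 dst-address=192.168.21.0/24 gateway=172.16.1.2"""
ROUTER_2 = r"""/interface gre
add !keepalive local-address=198.51.100.35 name=gre-tunnel_with_Mikrotik_2 \
    remote-address=203.0.113.52
/ip address
add address=192.168.21.1/24 interface=ether4 network=192.168.21.0
add address=172.16.1.2/30 interface=gre-tunnel_with_Mikrotik_2 network=172.16.1.0
/ip route
add distance=1 dst-address=192.168.20.0/24 gateway=172.16.1.1"""

def parse_export(text):
    """Parse '/menu' and 'add key=value ...' lines, joining backslash continuations."""
    menus, menu = {}, None
    for line in map(str.strip, re.sub(r"\\\n\s*", "", text).splitlines()):
        if line.startswith("/"):
            menu = menus.setdefault(line, [])
        elif line.startswith("add ") and menu is not None:
            item = dict(re.findall(r'([\w-]+)=("[^"]*"|\S+)', line))
            menu.append({**item, "keepalive_off": "!keepalive" in line.split()})
    return menus

def check_pair(export_a, export_b):
    """Return findings where the two tunnel ends do not mirror each other."""
    ends, findings = [], []
    for cfg in map(parse_export, (export_a, export_b)):
        gre = cfg["/interface gre"][0]
        addrs = {a["interface"]: ip_interface(a["address"]) for a in cfg["/ip address"]}
        tun = addrs.pop(gre["name"])  # address bound to the GRE interface
        ends.append((gre, tun, [a.network for a in addrs.values()], cfg["/ip route"]))
    for (gre, tun, _, routes), (peer, ptun, peer_lans, _) in (ends, ends[::-1]):
        routed = any(ip_network(r["dst-address"]) in peer_lans
                     and r["gateway"] == str(ptun.ip) for r in routes if "dst-address" in r)
        checks = {"endpoints not mirrored": gre["local-address"] != peer["remote-address"],
                  "tunnel IPs in different subnets": tun.network != ptun.network,
                  "no route to a peer LAN via the peer tunnel IP": not routed,
                  "keepalive off: a dead peer blackholes traffic": gre["keepalive_off"]}
        findings += [f"{gre['name']}: {msg}" for msg, hit in checks.items() if hit]
    return findings
```

Calling check_pair(ROUTER_1, ROUTER_2) on the samples returns only the two keepalive findings, since the addressing and routes mirror correctly.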


Thank You