GRE tunnel key operation with only one tunnel key configured

When using the GRE tunnel key feature, all tunnel interfaces should be assigned a tunnel key. If one or more are not, network connectivity may be compromised.

If traffic is routed towards the tunnel with the configured key, then communication takes place correctly.

If traffic is routed towards the tunnel without the configured key, then packets exit the correct tunnel interface on one end of the tunnel, but are never registered on the stats of any tunnel interface on the other end.

It seems that if a router has at least one GRE tunnel configured with a key, and the arriving packet has no key, it simply drops the packet.


Links to this page: