It would be good finally to have GRE tunneling, ( that you can tunnel multicast on this , and then secure it with IPSec ), ipip tunnel is not an option..

what about EoIP?

is it compatible with GRE on Cisco ? if yes, there should be some information in documentation
i assume it support mcast on this ?

no, EoIP works only between RouterOS devices.

ok, so its feature request,

to have tunnels between ROS and Cisco/Juniper

and how about PPTP? it uses GRE, and is compatible with Cisco. Not sure if it fits all your requirements though:
http://www.mikrotik.com/testdocs/ros/3.0/vpn/pptp.php

ok for me, will look into this. I need to tunnel IPTV to my home from Cisco..

thanks

Are there some news about GRE tunnel ?

Hi,

There is an ongoing effort to get Mikrotik to add "IPv4 Tunnel" support to their IPSEC implementation. This will allow easy direct compatibility with Juniper, Cisco, Netscreen, Fortinet, Watchguard to support interface/route based tunnels. It will allow dynamic routing as well as multicast between the different vendors units easily.

If you would like this please chime in on the v4 feature requests thread http://forum.mikrotik.com/viewtopic.php?f=1&t=21357

Hello. Very disappointed in Mikrotik Router OS is not supported by clear GRE tunnel (port 47) . Your IPIP tunnel (port 4) is not supported in hardware Cisco. PPTP tunnel I do not fit (the technical requirements of VoIP provider Rostelecom) Now I have to throw out your Router board in the scrap-heap, and buy Cisco . Why is it so difficult to add pure GRE tunnel in Mikrotik Router OS? I do not understand your lack of talent and stubborn programmers .... : (((I guess just on that - that you Lietuviai ....

unfortunately, I had to replace one MK by cisco router to be use a simple gre tunnel with a carrier...

I agree as well, PLEASE just support GRE. Hell it's already included but not "available" through RouterOS. All EoIP is an extension "on-top" of GRE, meaning GRE already exists in RouterOS. Please Mikrotik, EoIP is great, but don't strip away functions to add new ones.

So I say - just add a blank GRE tunnel, and so many users with Mikrotik Router OS will be easier and more pleasant!

guess just on that - that you Lietuviai

confusing latvians with lithuanians will definitely not get you any bonus points for new feature requests

confusing latvians with lithuanians will definitely not get you any bonus points for new feature requests

I love the Latvians people! well.... brazilian love all people...

So, get me now a GRE !

Sorry, my English language I was brought into such subtleties.

OK, I will file this as a feature request, but it will not be my decision.

Liels paldies!

Nice

Normis, jūs esat gudrs persona

:-)

LOL man šķiet ka turpmāk forumā vajadzētu sarunāties tikai latviešu valodā.

Интернациональный форум )))

Normis, я тоже считаю, что надо общаться только на английском

sorry, the forum 's language is english. jajaja

Hi All,
Is it any new about GRE support? I need actually this feature to run IPTV multicast tunnel between Cisco router and MikroTik. I am new with MikroTik. Is it possible to fix establish muticast tunnel between Cisco and MikroTik?
Thanks!

Two features I want to use on a weekly basis in RouterOS but cannot:

- GRE tunnels
- IPSEC VTI (Virtual Tunnel Interface)

I hope that Mikrotik will add these, I know it is not trivial but adding these will vastly improve the flexibility when connecting to networks using equipment from other vendors.

So what about GRE tunnels? It shouldn't be so hard because is already in kernel source as well as ipip.

Correct, it's already included as a kernel module. EoIP is just layered on-top of GRE.

thumbs up for this one - GRE would be absolutely splendid! I would even pay an extra buck to get the GRE support! we are using EoIP now, however we will have to replace the RB1000U for CISCO because of the policy in the datacentre - GRE would do the trick!

maybe to have a chip-in site set up? if you get enough money from forum folks to implement a feature - you will just do it

Configuring a GRE Tunnel over IPsec with OSPF
Are this solution is possible whit MT?

Also miss and need GRE support

any news about GRE?

I'd also really like to see GRE-tunnels be possible with Mikrotik. PPTP/L2TP are bit too heavy solutions just to create simple tunnels between Mikrotik and Juniper/Cisco routers.

After fighting more interconnections with GGSN's I had to revert to another CISCO (damn)....

Guys, GRE support (as in direct GRE tunnel compatible with Cisco) would be a life saver....

I'd like to see GRE tunnels as well, for compatibility reasons with Linux.

We need as well the possibility to do policy routing on EoIP or GRE tunnels. Not possible actually if the tunnels destination adress is the same for all tunnel.

After fighting more interconnections with GGSN's I had to revert to another CISCO (damn)....

Guys, GRE support (as in direct GRE tunnel compatible with Cisco) would be a life saver....

Most probably they won't add support for pure GRE, because it will confilct with current implementation of EoIP.

It should not conflict because Mikrotik has added an Index to allow more than one tunnel.

So a true GRE tunnel (without tunnel index) should not conflict with an EoIP tunnel...


It would be desirable that Mikrotik gives some clarifications about how they did implement EoIP. Do they follow RFC1701 (Generic Routing Encapsulation). Do they use the optionnal key field for their index ?

If they used this field, then EoIP should be compatible with GRE, if we use index=0.

Then it should be compatible with Cisco and Linux GRE (for Cisco, GRE keepalive needs to be disabled to work with Linux GRE).

maybe someone can shiff and compare EoIP and GRE packets? =)

GRE Tunnels would help me a lot as well - I most often have to deploy small Cisco boxes when I would much rather use a Mikrotik.

--- Just one more person asking for this feature request... Thank you.

i would also like gre tunnel support. it would be very usefull.

It looks like 5.0b7 has a "/interface gre" section and a "GRE Tunnel" tab in Winbox.

Awesome!

Thanks guys.

Glad you're able to get your hands on that before the rest of us.

Glad you're able to get your hands on that before the rest of us.

It's currently running on demo2, so anyone can have a look.

finally... so we waiting for new release ;)

Whoopie and it even gives the option of source-ip!
Now bless L2TP, PPTP and EoIP with the same source-ip option and there will be a lot of happiness in Mikrotik land

Whoopie and it even gives the option of source-ip!
Now bless L2TP, PPTP and EoIP with the same source-ip option and there will be a lot of happiness in Mikrotik land

I've been asking for that feature since 2.8 : )

yes, EoIP with source IP, I want this too

Good point. Should permit compatibility with Cisco, Linux, Vyatta and others...

I hope that Keepalive option will be present, so that we can have a statefull tunel for static routes.


We need this capability for a link to a provider where we cannot use BGP. He has only support for Cisco GRE, so there is no other possibility than using GRE + Keepalive.




According to Cisco about Keepalive option :

"GRE tunnels are designed to be completely stateless. This means that each tunnel end-point does not keep any information about the state or availability of the remote tunnel end-point. A consequence of this is that the local tunnel end-point router does not have the ability to bring the line protocol of the GRE Tunnel interface down if the remote end of the tunnel is unreachable. The ability to mark an interface as down when the remote end of the link is not available is used in order to remove any routes (specifically static routes) in the routing table that use that interface as the outbound interface. Specifically, if the line protocol for an interface is changed to down, then any static routes that point out that interface are removed from the routing table. This allows for the installation of an alternate (floating) static route or for Policy Based Routing (PBR) to select an alternate next-hop or interface.

Normally, a GRE Tunnel interface comes up as soon as it is configured and it stays up as long as there is a valid tunnel source address or interface which is up. The tunnel destination IP address must also be routable. This is true even if the other side of the tunnel has not been configured. This means that a static route or PBR forwarding of packets via the GRE tunnel interface remains in effect even though the GRE tunnel packets do not reach the other end of the tunnel.

Before GRE keepalives were implemented, there were only three reasons for a GRE tunnel to shut down:

*

There is no route to the tunnel destination address.
*

The interface that anchors the tunnel source is down.
*

The route to the tunnel destination address is through the tunnel itself.

These three rules (missing route, interface down and mis-routed tunnel destination) are problems local to the router at the tunnel endpoints and do not cover problems in the intervening network. For example, these rules do not cover the case in which the GRE tunneled packets are successfully forwarded, but are lost before they reach the other end of the tunnel. This causes data packets that go through the GRE tunnel to be "black holed", even though an alternate route that uses PBR or a floating static route via another interface is potentially available. Keepalives on the GRE tunnel interface are used in order to solve this issue in the same way as keepalives are used on physical interfaces.

With Cisco IOS® Software Release 12.2(8)T, it is possible to configure keepalives on a point-to-point GRE tunnel interface. With this change, the tunnel interface dynamically shuts down if the keepalives fail for a certain period of time. In order to better understand how GRE tunnel keepalives work, these sections discuss some other common keepalive mechanisms. "

As did I see on demo.mt.lv there is keepalive support.

normis: When we can expect 5.0beta7?

Good People from Latvia,

I've just replaced a Cisco 1841 (huge) with a RB-750G/5.0rc1 (tiny) to manage some GRE tunnels.

I'd like to suggest to fix the default GRE MTU in 1476 bytes, the default value is 1480 and it caused some problems that lasted a bit to find out.

Now everything's working fine.

Mikrotik, thank you very much !!!

Best regards, Jero
Belo Horizonte / MG / Brazil

ps: sorry for my (very) poor English.

your english is not worse than mine

Normis, Sergejs can You check my ticket status?
[Ticket#2010092166000418] Broken GRE in RC1

I got no reply for a past few days ;)

Kamil

It’s great that there is support for GRE now, but why is there no option for tunnel ID (tunnel-key) like with EoIP?

Appears that the GRE tunnels can not be bridged though.

Also, the keepalive on EoIP does nothing! Doesn't matter what I set it to the interface will stay up, any idea when either of these issues will be resolved?

Thanks!

EOIP is stateless. You can't use that if you need to know the state of the tunnel.


GRE is IP only. Ethernet GRE is not implemented.

can you describe the problem.

as far as i know, you have to set keepalive on both ends of the tunnel

I understand that EoIP WAS stateless, but 5.x seems to have added a keepalive field. I had it set to 00:00:10 on both sides, if I take it down the interface always stays running.

I believe the keepalive is only to send some traffic over the tunnel, not to detect running state. EoIP is still stateless in that it will always show running state, even if no traffic is sent across the tunnel.

Is there any chance that Ethernet support for GRE will be added? Otherwise there really is no good way to provide failover to a customer that is using our native IP space between us and another provider.