Generic Routing Encapsulation (GRE)

Contributor(s): Tessa Parmenter and Lisa Phifer

Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks. GRE  is defined by RFC 2784

GRE was developed as a tunneling tool meant to carry any OSI Layer 3 protocol over an IP network. In essence, GRE creates a private point-to-point connection like that of a virtual private network (VPN).  

Content Continues Below

GRE works by encapsulating a payload -- that is, an inner packet that needs to be delivered to a destination network -- inside an outer IP packet. GRE tunnel endpoints send payloads through GRE tunnels by routing encapsulated packets through intervening IP networks. Other IP routers along the way do not parse the payload (the inner packet); they only parse the outer IP packet as they forward it towards the GRE tunnel endpoint. Upon reaching the tunnel endpoint, GRE encapsulation is removed and the payload is forwarded along to its ultimate destination.

In contrast to IP-to-IP tunneling, GRE tunneling can transport multicast and IPv6 traffic between networks. Advantages of GRE tunnels include the following:

  • GRE tunnels encase multiple protocols over a single-protocol backbone.
  • GRE tunnels provide workarounds for networks with limited hops.
  • GRE tunnels connect discontinuous sub-networks.
  • GRE tunnels allow VPNs across wide area networks (WANs).

While GRE provides a stateless, private connection, it is not considered a secure protocol because it does not use encryption like the IP Security (IPsec) Encapsulating Security Payload (ESP), defined by RFC 2406.


This was last updated in December 2011

Continue Reading About Generic Routing Encapsulation (GRE)

Dig Deeper on Network protocols and standards

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Hi. Actually as defined in the RFC 2784, the Protocol Type field (in the GRE header) contains the protocol type of the payload packet. These Protocol Types are defined in [RFC1700] as "ETHER TYPES" and in [ETYPES]. As consequence not only layer 3 protocols can be encapsulated in GRE.


File Extensions and File Formats