1
00:00:00,700 --> 00:00:07,120
You can once again look at RFC 2784 or go to the updated version 2890.

2
00:00:07,240 --> 00:00:13,150
To see some of the extra extensions to go back in to 784.

3
00:00:14,230 --> 00:00:21,340
Notice once again you can see the encapsulated packet with a payload header and delivery header.

4
00:00:21,640 --> 00:00:24,610
You can see what the grey header looks like.

5
00:00:25,000 --> 00:00:30,340
As an example, you can see the protocol type, you can see the version and other fields.

6
00:00:30,370 --> 00:00:34,180
That kind of information is explained in this RFC.

7
00:00:34,630 --> 00:00:40,510
But rather than boring you going through an RFC, I'm going to show you practically with a Wireshark

8
00:00:40,510 --> 00:00:43,900
capture what the actual packets look like.

9
00:00:44,650 --> 00:00:46,110
In our topology.

10
00:00:46,120 --> 00:00:48,070
So we'll capture some packets here.

11
00:00:48,850 --> 00:00:55,540
And we'll also capture them on the Internet to see how the packets are encapsulated and what headers

12
00:00:55,540 --> 00:00:56,230
are used.

13
00:00:57,180 --> 00:01:03,210
You can see the protocol type used by E in RFC 1700.

14
00:01:03,540 --> 00:01:08,580
And in this RFC, you'll see that Joey uses protocol number 47.

15
00:01:09,880 --> 00:01:14,740
Other protocols that you may be more familiar with include TCP, which is Protocol six.

16
00:01:16,100 --> 00:01:18,770
And UDP, which is Protocol 17.

17
00:01:21,150 --> 00:01:28,930
So the point to remember is GRC is a protocol that resides next to UDP and TCP.

18
00:01:29,070 --> 00:01:37,140
In the OSA model, GRC doesn't run on top of UDP or on top of TCP, it's its own protocol type.

19
00:01:37,410 --> 00:01:43,590
You can also see the ether type for Jerry in the Ethernet numbers on the IANA.

20
00:01:44,300 --> 00:01:49,790
But once again, I'm going to be using Wireshark to show you this, even though that kind of information

21
00:01:49,790 --> 00:01:52,040
is contained in the various RF keys.

22
00:01:52,880 --> 00:01:55,760
So let's get started configuring tunnels.

23
00:01:55,940 --> 00:02:04,070
In this example, rather, one and router five are configured as PCs topping the show IP Route Command.

24
00:02:04,100 --> 00:02:07,220
Shows me that no routing is enabled on this router.

25
00:02:07,610 --> 00:02:11,270
A default gateway has been configured to ten 112.

26
00:02:12,160 --> 00:02:18,190
Now I disabled routing on the router using the command.

27
00:02:18,190 --> 00:02:19,570
No IP routing.

28
00:02:19,750 --> 00:02:26,710
So this router doesn't even have a routing table as you would expect from a normal router.

29
00:02:27,100 --> 00:02:31,750
I've turned off routing and essentially turned the router into a PC.

30
00:02:33,380 --> 00:02:39,080
The router can ping its default gateway, which is reported to but cannot ping.

31
00:02:40,170 --> 00:02:41,400
Root of five.

32
00:02:43,500 --> 00:02:47,370
And that's because no routing has been configured on rather three.

33
00:02:50,200 --> 00:02:54,280
Rather three has only been configured with IP addresses.

34
00:02:54,880 --> 00:03:01,060
The command show IP route on router three shows us that it has directly connected interfaces.

35
00:03:01,600 --> 00:03:07,450
It has an interface here and an interface here, but no routing is configured.

36
00:03:07,600 --> 00:03:14,140
The only configuration at the moment is IP addresses on these interfaces, and the interfaces have been

37
00:03:14,140 --> 00:03:14,890
enabled.

38
00:03:15,280 --> 00:03:16,810
Once we've configured this topology.

39
00:03:16,840 --> 00:03:23,140
However, rather, one should be able to ping router five without router three having any visibility

40
00:03:23,290 --> 00:03:24,790
of the ten networks.

41
00:03:25,330 --> 00:03:27,950
Ten is once again in RFC 1918 address.

42
00:03:27,970 --> 00:03:30,070
In other words, it's a private IP address.

43
00:03:30,790 --> 00:03:35,470
I've used Network four, which is part of level three on the Internet.

44
00:03:35,470 --> 00:03:38,950
So this is a public IP address that belongs to an ISP.

45
00:03:39,100 --> 00:03:42,910
So I'm doing that in this topology to emulate the Internet.

46
00:03:43,360 --> 00:03:49,990
And once again, Router three in this example has no visibility of this network or this network, and

47
00:03:49,990 --> 00:03:55,450
we are not going to configure it with any visibility of these private IP addresses.

48
00:03:56,200 --> 00:04:03,130
But when the jury tunnel is configured logically, traffic is going to go across this Ethernet interface,

49
00:04:03,130 --> 00:04:05,800
hit this router, go through the tunnel.

50
00:04:06,500 --> 00:04:11,990
Come out of the tunnel and go across this Ethernet interface and hit four out of five and return back

51
00:04:11,990 --> 00:04:13,010
through the tunnel.

52
00:04:13,160 --> 00:04:16,339
So we should have connectivity between router one and router five.

53
00:04:17,480 --> 00:04:20,540
Now rather to and rather for have static default routes.

54
00:04:21,240 --> 00:04:22,590
Pointing to Rada three.

55
00:04:23,040 --> 00:04:29,640
So in this example, rather two is configured with an Internet facing IP address as well as an internal

56
00:04:29,640 --> 00:04:31,860
IP address on Fost Ethernet zero zero.

57
00:04:32,070 --> 00:04:37,170
And once again, with the default gateway pointing to router three, router four.

58
00:04:38,220 --> 00:04:39,360
Has something similar.

59
00:04:40,910 --> 00:04:46,670
Sure pirate shows default route pointing to ten 121, which is rather three.

60
00:04:48,120 --> 00:04:55,380
We have an Internet facing interface and an internal interface, but at the moment, no tunnels have

61
00:04:55,380 --> 00:04:57,210
been configured on these routers.

62
00:04:58,080 --> 00:05:06,120
So on router four, we see first Ethernet zero zero, we see Serial 2/0, but we don't see a tunnel

63
00:05:06,120 --> 00:05:09,270
interface and on router two.

64
00:05:10,690 --> 00:05:11,830
The same is true.

65
00:05:11,860 --> 00:05:13,900
There's Foster Ethernet zero zero.

66
00:05:15,240 --> 00:05:17,550
Here is serial 2/0.

67
00:05:17,970 --> 00:05:19,650
So that's the initial topology.

68
00:05:19,680 --> 00:05:25,920
Now let's configure the tunnel between router two and router four and prove that we can send traffic

69
00:05:25,920 --> 00:05:27,690
from router one to out of five.