More specifically, dynamic routing protocols like ospf and rip.
There is no technical difference for running ospf and rip over IPsec tunnel or GRE tunnel. (other than the encapsulation itself) Implementations may (and do) force you to do suboptimal things because they are either designed or implemented way too long ago to make use of more recent technology in the most efficient fashion. Pete -----Original Message----- From: Petri Helenius [mailto:pete@he.iki.fi] Sent: Monday, February 17, 2003 5:21 PM To: Iljitsch van Beijnum; Steve Feldman Cc: nanog@nanog.org Subject: Re: VoIP over IPsec
On Mon, 17 Feb 2003, Steve Feldman wrote:
through the corporate enterprise net, Cisco routers with IPSEC/GRE tunnels over the public Internet.
Maybe a stupid question... why would you need GRE tunneling while IPsec has a tunnel mode of its own?
Probably because a major router vendor, despite of repeated customer requests, declined to implement routing across such tunnel mode. Pete