Book Image

OpenStack Cloud Security

By : Fabio Alessandro Locati
Book Image

OpenStack Cloud Security

By: Fabio Alessandro Locati

Overview of this book

Table of Contents (14 chapters)
OpenStack Cloud Security
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Generic Routing Encapsulation (GRE)


GRE is a Cisco tuning protocol that is difficult to position in the OSI model. The best place for it to be is between layers 2 and 3. Being above layer 2 (where VLANs are), we can use GRE inside VLAN. We will not go deep into the technicalities of this protocol. I'd like to focus more on the advantages and disadvantages it has over VLAN.

The first advantage of (extended) GRE over VLAN is scalability. In fact, VLAN is limited to 4,096, while GRE tunnels do not have this limitation. If you are running a private cloud and you are working in a small corporation, 4,096 networks could be enough, but will definitely not be enough if you work for a big corporation or if you are running a public cloud. Also, unless you use VTP for your VLANs, you'll have to add VLANs to each network device, while GREs don't need this.

Note

You cannot have more than 4,096 VLANs in an environment.

The second advantage is security. Since you can deploy multiple GRE tunnels in a single...