The source code for this example is released with your software in the following locations:
- Source for the three components:
- DDL source:
This topic discusses how to write an application to implement packet flow through GRE and IP-in-IP gateways, using the APIs in the Services SDK. The discussion is based on the sample gateway application that is released with the SDK software.
- ODL source:
GRE (Generic Routing Encapsulation) specifies a protocol for encapsulation of an arbitrary protocol over another arbitrary network layer protocol. It is defined in the standards document RFC 2784, at http://www.faqs.org/rfcs/rfc2784.html.
The IP-in-IP encapsulation protocol is used to bridge portions of the Internet which have disjoint capabilities or policies. It is defined in the standards document RFC 1853, at http://www.faqs.org/rfcs/rfc1853.html.
A basic application architecture might look like this:
Packet processing on the Multiservices PIC involves interfacing to the external gateways as well as internally processing the packet. In the following sequence, the steps you must code in your SDK application are prefaced with (Application).
Basic Application Architecture
These steps assume the packet is coming into the router through a GRE gateway, leaving the router, and then accessing an external server through an IP-in-IP gateway. The reply from the server goes in the opposite direction. On the Multiservices PIC within the router, tunneling and detunneling code corresponding to each gateway decodes and encodes the packet as needed.
This topic presents an overview of the gateway sample application and a set of tables that give the entry points into the various areas of the code that implement each piece of its functionality. Additional sub-topics provide a closer look at selected parts of the application.
The end user activates a client (for example, turns on a mobile phone, or sends a message to a VPN).
The client sends a profile authentication request to the router through the GRE gateway.
(Application) Code on the Multiservices PIC accepts the client based on policy matching and assigns IP addresses so the client can send traffic.
The client connects to the GRE gateway and sends the packet. The gateway forwards the GRE encapsulated packet to the router.
The packet reaches the ingress port on the router. (Application) GRE tunneling code on the Multiservices PIC performs a lookup for the destination IP Address on its VRF, detunnels the packet from the GRE gateway, and locates the IP-in-IP tunnel for proceeding towards the server.
(Application) Code on the Multiservices PIC sends the IP-in-IP encapsulated packet to the gateway through the IP-in-IP tunnel.
On receipt of the packet, the IP-In-IP gateway detunnels it and forwards it to the server.
The server returns TCP control messages to the client: the IP-In-IP gateway sends the message to the IP-in-IP tunnel software on the router.
(Application) The IP-in-IP tunnel decodes the message.
(Application) Additional code on the Multiservices PIC forwards the message to the GRE tunnel, which encodes and sends it out of the router to the GRE gateway.
The GRE gateway decodes the message and forwards it to the client.
This topic continues with the following sections:
© 2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:26:47 2010 for Juniper Networks Partner Solution Development Platform JUNOS SDK 10.2R1 by Doxygen 1.4.5