See the graphic from an old JNCIS-ENT Routing study guide:
Can somebody explain me how the routing tables of the intermediate routers should look like to route to the 192.168.x.x (private) addres? How can you route over the internet to private IP addresses?
of course in real life the tunnel endpoints for a tunnel going over the Internet must have global and global reachable internet-addresses.
Otherwise intermediate routers in teh Internet cannot forward the tunneled packets.
Unfortunately the example uses private addresses
IP addresses used in this case study are all in Private ranges (LAN,WAN, lo0). It is used for demo purpose only and I believe they cannot use Public range as that ip range may be registered by someone in the internet (legal issue).
As you thought, if you want to build a gre tunnel over internet the tunnel end point IP address should be Public range so that it can be routed by the intermediate devices.
Below static route is created towards the ISP router from R1 in your picture, same static created from the R2 ruoter as well.
set routing-options static route 192.168.2.1/32 next-hop 172.18.1.1
But you need to have a public ip to transport you GRE packet in a real time scenario.
Below is a operation happens during the GRE tunneling.
Encapsulation—A router operating as a tunnel source router encapsulates and forwards GRE packets as follows:
De-encapsulation—A router operating as a tunnel remote router handles GRE packets as follows:
'Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!'
Thank you gentlemen,
I really thought I was missing something. Indeed Nellikka, it could have something to do with privacy (somebody owns such an public ip-address).
Nevertheless, careless of Juniper not to mention that the ip-address should be public. Especially because, in het cloud, the word "Internet" is stated. Because tunneling can be used for traffic with non routable ip addresses I thought I was misunderstanding something, but now it's clear.