From 750387723f2b9bc7ce6d82ce4e27dd58fc1a3c3a Mon Sep 17 00:00:00 2001
From: currite <sll@disroot.org>
Date: Wed, 11 Nov 2020 10:12:18 +0100
Subject: tunnel: add tunnel keys

---
 docs/interfaces/tunnel.rst | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'docs/interfaces')

diff --git a/docs/interfaces/tunnel.rst b/docs/interfaces/tunnel.rst
index f20127f5..24fbed44 100644
--- a/docs/interfaces/tunnel.rst
+++ b/docs/interfaces/tunnel.rst
@@ -124,6 +124,29 @@ ip otherwise it would have to be configured as well.
   tunnel source 203.0.113.10
   tunnel destination 198.51.100.2
 
+
+Tunnel keys
+^^^^^^^^^^^
+
+GRE is also the only classic protocol that allows creating multiple tunnels with the same source and destination due to its support for tunnel keys. Despite its name, this feature has nothing to do with security: it's simply an identifier that allows routers to tell one tunnel from another.
+
+An example:
+
+.. code-block:: none
+
+   set interfaces tunnel tun0 local-ip 192.0.2.10
+   set interfaces tunnel tun0 remote-ip 192.0.2.20
+   set interfaces tunnel tun0 address 10.40.50.60/24
+   set interfaces tunnel tun0 parameters ip key 10
+  
+.. code-block:: none
+
+   set interfaces tunnel tun0 local-ip 192.0.2.10
+   set interfaces tunnel tun0 remote-ip 192.0.2.20
+   set interfaces tunnel tun0 address 172.16.17.18/24
+   set interfaces tunnel tun0 parameters ip key 20
+
+
 Troubleshooting
 ^^^^^^^^^^^^^^^
 
-- 
cgit v1.2.3