What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-tobuilding site-to-site VPNs?

ccnp-dump
ccnp-route-dump
ccnp-route

#1

What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-tobuilding site-to-site VPNs? (Choose two.)
A. allows dynamic routing securely over the tunnel
B. IKE keepalives are unidirectional and sent every ten seconds
C. reduces IPsec headers overhead since tunnel mode is used
D. supports non-IP traffic over the tunnel
E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Correct Answer: AD

Explanation:
A drawback of IPSec is it does not support multicast traffic. But most popular routing protocols nowadays rely
on multicast (like OSPF, EIGRP, RIP… except BGP) to send their routing updates. A popular solution to this is using GRE tunnels. GRE tunnels do support transporting IP multicast and broadcast packets to the other end of the GRE tunnel -> A is correct.

Non-IP traffic (such as IPX, AppleTalk) can be wrapped inside GRE encapsulation and then this packet is
subjected to IPSec encapsulation so all traffic can be routed -> D is correct.