Nested tunneling occurs when the tunnel’s next hop for its destination is another tunnel, or the tunnel itself. When the next hop is the tunnel itself, a tunnel loop occurs. This is also known as recursive routing.

When the Branch Gateway recognizes nested tunneling, it brings down the Tunnel interface and produces a message that the interface is temporarily disabled due to nested tunneling. The tunnel remains down until the tunnel is re-configured to eliminate the nested tunneling.

In addition to checking for nested tunneling, the Branch Gateway prevents loops in connection with GRE tunnels by preventing the same packet from being encapsulated more than once in the Branch Gateway.