【实验】GRE

【实验】IPSec LAN to LAN(附有关于IPSec的一些ACL应用)

实验环境:

操作系统:Mac OS X 10.11.5 Beta 1(当时最新测试版),模拟器:GNS3 IOU for Mac 1.4.5(当时最新版本)
注:当然,只要有思科模拟器都可以做这个实验

实验需求:

site 1 和 site 2 均需要开启 OSPF ,实现 R1 到 R5 的内网通信。

实验步骤:(基础配置)

R1 :

interface Loopback0
ip address 1.1.1.1 255.255.255.255

interface FastEthernet1/0
ip address 12.1.1.1 255.255.255.0
no sh

router ospf 12
router-id 1.1.1.1
network 0.0.0.0 255.255.255.255 area 0

 R3 :

interface FastEthernet1/0
ip address 34.1.1.3 255.255.255.0
no sh

interface FastEthernet1/1
ip address 23.1.1.3 255.255.255.0
no sh

 R5 :

interface Loopback0
ip address 5.5.5.5 255.255.255.255

interface FastEthernet1/1
ip address 45.1.1.5 255.255.255.0
no sh

router ospf 45
router-id 5.5.5.5
network 0.0.0.0 255.255.255.255 area 0
R2 :

interface Loopback0
ip address 2.2.2.2 255.255.255.255

interface FastEthernet1/0
ip address 12.1.1.2 255.255.255.0
no sh

interface FastEthernet1/1
ip address 23.1.1.2 255.255.255.0
no sh

ip route 0.0.0.0 0.0.0.0 23.1.1.3

router ospf 12
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 12.1.1.0 0.0.0.255 area 0
default-information originate

 R4 :

interface Loopback0
ip address 4.4.4.4 255.255.255.255

interface FastEthernet1/0
ip address 34.1.1.4 255.255.255.0
no sh

interface FastEthernet1/1
ip address 45.1.1.4 255.255.255.0
no sh

ip route 0.0.0.0 0.0.0.0 34.1.1.3

router ospf 45
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 45.1.1.0 0.0.0.255 area 0
default-information originate

GRE 的配置:

R2 :

R2(config)#int tunnel 0
R2(config-if)#tunnel source f 1/1
R2(config-if)#tunnel destination 34.1.1.4 —— tunnel mode 默认就是 gre ,可以不
配置 tunnel mode gre 这条命令
R2(config-if)#ip add 24.1.1.2 255.255.255.0
R2(config-if)#ip ospf 12 a 0

R4 :

R4(config)#int tunnel 0
R4(config-if)#tunnel source f 1/0
R4(config-if)#tunnel destination 23.1.1.2
R4(config-if)#ip add 24.1.1.4 255.255.255.0
R4(config-if)#ip ospf 45 a 0

测试:

R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 23.1.1.3 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 23.1.1.3
      1.0.0.0/32 is subnetted, 1 subnets
O        1.1.1.1 [110/2] via 12.1.1.1, 00:20:54, FastEthernet1/0
      2.0.0.0/32 is subnetted, 1 subnets
C        2.2.2.2 is directly connected, Loopback0
      4.0.0.0/32 is subnetted, 1 subnets
O        4.4.4.4 [110/1001] via 24.1.1.4, 00:01:21, Tunnel0
      5.0.0.0/32 is subnetted, 1 subnets
O        5.5.5.5 [110/1002] via 24.1.1.4, 00:01:21, Tunnel0 —— 直接就能学到 R5 的路由
      12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        12.1.1.0/24 is directly connected, FastEthernet1/0
L        12.1.1.2/32 is directly connected, FastEthernet1/0
      23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        23.1.1.0/24 is directly connected, FastEthernet1/1
L        23.1.1.2/32 is directly connected, FastEthernet1/1
      24.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        24.1.1.0/24 is directly connected, Tunnel0
L        24.1.1.2/32 is directly connected, Tunnel0
      45.0.0.0/24 is subnetted, 1 subnets
O        45.1.1.0 [110/1001] via 24.1.1.4, 00:01:21, Tunnel0
R1#p 5.5.5.5 so l 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/65/72 ms

 

本文完。如有疑问,欢迎在下方留言;如本文有什么错误,欢迎在下方留言指正,谢谢。

 

其他相关文章:

打赏分享

这篇文章对你有帮助吗?

相关文章

发表评论?

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据