实验需求
1、R6为ISP只能配置IP地址,R1-R5的环回为私有网段
2、R1/4/5为全连的MGRE结构,R1/2/3为星型的拓扑结构,r1为中心站点
3、所有私有网段可以互相通讯,私有网段使用OSPF完成
第一步:IP地址规划
设备 | 接口 | 网址 |
R1 | g0/0/1 | 61.1.1.1 24 |
g0/0/0 | 16.1.1.1 24 | |
lookback0 | 192.168.1.1 24 | |
R2 | g0/0/0 | 26.1.1.2 24 |
lookback0 | 192.168.2.1 24 | |
R3 | g0/0/0 | 36.1.1.3 24 |
lookback0 | 192.168.3.1 24 | |
R4 | g0/0/0 | 46.1.1.4 24 |
lookback0 | 192.168.4.1 24 | |
R5 | g0/0/0 | 56.1.1.5 24 |
lookback0 | 192.168.5.1 24 | |
R6 | g0/0/1 | 61.1.1.6 24 |
g0/0/0 | 16.1.1.6 24 | |
g0/0/2 | 26.1.1.6 24 | |
g2/0/0 | 36.1.1.6 24 | |
g3/0/0 | 46.1.1.6 24 | |
g4/0/0 | 56.1.1.6 24 | |
lookback0 | 6.6.6.6 24 |
第二步:配置IP地址
RI配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 16.1.1.1/24 up up
GigabitEthernet0/0/1 61.1.1.1/24 up up
GigabitEthernet0/0/2 unassigned down down
GigabitEthernet4/0/0 unassigned down down
LoopBack0 192.168.1.1/24 up up(s)
NULL0 unassigned up up(s)
Tunnel0/0/0 10.1.1.1/24 up up
Tunnel0/0/1 20.1.1.1/24 up up
R2配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 26.1.1.2/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 192.168.2.1/24 up up(s)
NULL0 unassigned up up(s)
Tunnel0/0/0 unassigned up down
Tunnel0/0/1 20.1.1.2/24 up up
R3配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 36.1.1.3/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 192.168.3.1/24 up up(s)
NULL0 unassigned up up(s)
Tunnel0/0/1 20.1.1.3/24 up up
R4配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 46.1.1.4/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 192.168.4.1/24 up up(s)
NULL0 unassigned up up(s)
Tunnel0/0/0 10.1.1.4/24 up up
R5配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 56.1.1.5/24 up up
GigabitEthernet0/0/1 unassigned down down
GigabitEthernet0/0/2 unassigned down down
LoopBack0 192.168.5.1/24 up up(s)
NULL0 unassigned up up(s)
Tunnel0/0/0 10.1.1.5/24 up up
R6配置
Interface IP Address/Mask Physical Protocol
GigabitEthernet0/0/0 16.1.1.6/24 up up
GigabitEthernet0/0/1 61.1.1.6/24 up up
GigabitEthernet0/0/2 26.1.1.6/24 up up
GigabitEthernet2/0/0 36.1.1.6/24 up up
GigabitEthernet3/0/0 46.1.1.6/24 up up
GigabitEthernet4/0/0 56.1.1.6/24 up up
LoopBack0 6.6.6.6/24 up up(s)
NULL0 unassigned up up(s)
第二步:缺省路由
[R1]ip route-static 0.0.0.0 0 16.1.1.6
[R2]ip route-static 0.0.0.0 0 26.1.1.6
[R3]ip route-static 0.0.0.0 0 36.1.1.6
[R4]ip route-static 0.0.0.0 0 46.1.1.6
[R5]ip route-static 0.0.0.0 0 56.1.1.6
第三步:ACL
R1配置
[r1]acl 2000
[r1-acl-basic-2000]rule 1 permit source any
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]nat outbound 2000
R2配置
[r2]acl 2000
[r2-acl-basic-2000]rule 1 permit source any
[r2]int g 0/0/0
[r2-GigabitEthernet0/0/0]nat outbound 2000
R3配置
[r3]acl 2000
[r3-acl-basic-2000]rule 1 permit source any
[r3]int g 0/0/0
[r3-GigabitEthernet0/0/0]nat outbound 2000
R4配置
[r4]acl 2000
[r4-acl-basic-2000]rule 1 permit source any
[r4]int g 0/0/0
[r4-GigabitEthernet0/0/0]nat outbound 2000
R5配置
[r5]acl 2000
[r5-acl-basic-2000]rule 1 permit source any
[r5]int g 0/0/0
[r5-GigabitEthernet0/0/0]nat outbound 2000
第四步:配置MGRE环境
R1配置
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 10.1.1.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 16.1.1.1
[r1-Tunnel0/0/0]nhrp network-id 100
[r1-Tunnel0/0/0]nhrp entry 10.1.1.4 46.1.1.4 register
[r1-Tunnel0/0/0]nhrp entry 10.1.1.5 56.1.1.5 register
R4配置
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]ip address 10.1.1.4 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp
[r4-Tunnel0/0/0]source 46.1.1.4
[r4-Tunnel0/0/0]nhrp entry 10.1.1.1 16.1.1.1 register
[r4-Tunnel0/0/0]nhrp entry 10.1.1.5 56.1.1.5 register
[r4-Tunnel0/0/0]nhrp network-id 100
R5配置
[r5]interface Tunnel 0/0/0
[r5-Tunnel0/0/0]ip address 10.1.1.5 24
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp
[r5-Tunnel0/0/0]source 56.1.1.5
[r5-Tunnel0/0/0]nhrp entry 10.1.1.4 46.1.1.4 register
[r5-Tunnel0/0/0]nhrp entry 10.1.1.1 16.1.1.1 register
[r5-Tunnel0/0/0]nhrp network-id 100
第六步:R1/2/3配置MGRE环境
R1配置
[r1]interface Tunnel 0/0/1
[r1-Tunnel0/0/1]ip address 20.1.1.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp
[r1-Tunnel0/0/1]source 61.1.1.1
[r1-Tunnel0/0/1]nhrp network-id 101
R2配置
[r2]interface Tunnel 0/0/1
[r2-Tunnel0/0/1]ip address 20.1.1.2 24
[r2-Tunnel0/0/1]tunnel-protocol gre p2mp
[r2-Tunnel0/0/1]source g 0/0/0
[r2-Tunnel0/0/1]nhrp entry 20.1.1.1 61.1.1.1 re
[r2-Tunnel0/0/1]nhrp network-id 101
R3配置
[r3]interface Tunnel 0/0/1
[r3-Tunnel0/0/1]ip address 20.1.1.3 24
[r3-Tunnel0/0/1]tunnel-protocol gre p2mp
[r3-Tunnel0/0/1]source g 0/0/0
[r3-Tunnel0/0/1]nhrp entry 20.1.1.1 61.1.1.1 register
[r3-Tunnel0/0/1]nhrp network-id 101
第七步:书写OSPF
R1配置
[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
R2配置
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[r2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
R3配置
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area
[r3-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[r3-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
R4配置
[r4]ospf 1 router-id 4.4.4.4
[r4-ospf-1]area 0
[r4-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[r4-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
R5配置
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[r5-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
第八步:开启为广播
R4配置
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]nhrp entry multicast dynamic
R5配置
[r5]interface Tunnel 0/0/0
[r5-Tunnel0/0/0]nhrp entry multicast dynamic
第九步:将p2p修改为bordcast
R1配置
[r1]interface Tunnel 0/0/1
[r1-Tunnel0/0/1]ospf network-type broadcast
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/1]ospf network-type broadcast
R2配置
[r2]interface Tunnel 0/0/1
[r2-Tunnel0/0/1]ospf network-type broadcast
R3配置
[r3]interface Tunnel 0/0/1
[r3-Tunnel0/0/1]ospf network-type broadcast
R4配置
[r4]interface Tunnel 0/0/0
[r4-Tunnel0/0/0]ospf network-type broadcast
R5配置
[r5]interface Tunnel 0/0/0
[r5-Tunnel0/0/0]ospf network-type broadcast
第十步:修改优先级
R2配置
[r2]interface Tunnel 0/0/1
[r2-Tunnel0/0/1]ospf dr-priority 0
R3配置
[r3]interface Tunnel 0/0/1
[r3-Tunnel0/0/1]ospf dr-priority 0
第十一步:检查
R1查看
<r1>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 4 Routes : 4OSPF routing table status : <Active>
Destinations : 4 Routes : 4Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.2.1/32 OSPF 10 1562 D 20.1.1.2 Tunnel0/0/1
192.168.3.1/32 OSPF 10 1562 D 20.1.1.3 Tunnel0/0/1
192.168.4.1/32 OSPF 10 1562 D 10.1.1.4 Tunnel0/0/0
192.168.5.1/32 OSPF 10 1562 D 10.1.1.5 Tunnel0/0/0OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
R2检查
<r2>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 4 Routes : 4OSPF routing table status : <Active>
Destinations : 4 Routes : 4Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/24 OSPF 10 3124 D 20.1.1.1 Tunnel0/0/1
192.168.1.1/32 OSPF 10 1562 D 20.1.1.1 Tunnel0/0/1
192.168.3.1/32 OSPF 10 1562 D 20.1.1.3 Tunnel0/0/1
192.168.5.1/32 OSPF 10 3124 D 20.1.1.1 Tunnel0/0/1OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
R3检查
<r3>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5OSPF routing table status : <Active>
Destinations : 5 Routes : 5Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/24 OSPF 10 3124 D 20.1.1.1 Tunnel0/0/1
192.168.1.1/32 OSPF 10 1562 D 20.1.1.1 Tunnel0/0/1
192.168.2.1/32 OSPF 10 1562 D 20.1.1.2 Tunnel0/0/1
192.168.4.1/32 OSPF 10 3124 D 20.1.1.1 Tunnel0/0/1
192.168.5.1/32 OSPF 10 3124 D 20.1.1.1 Tunnel0/0/1OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
R4检查
<r4>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5OSPF routing table status : <Active>
Destinations : 5 Routes : 5Destination/Mask Proto Pre Cost Flags NextHop Interface
20.1.1.0/24 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.1.1/32 OSPF 10 1562 D 10.1.1.1 Tunnel0/0/0
192.168.2.1/32 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.3.1/32 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.5.1/32 OSPF 10 1562 D 10.1.1.5 Tunnel0/0/0OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
R5检查
<r5>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 5 Routes : 5OSPF routing table status : <Active>
Destinations : 5 Routes : 5Destination/Mask Proto Pre Cost Flags NextHop Interface
20.1.1.0/24 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.1.1/32 OSPF 10 1562 D 10.1.1.1 Tunnel0/0/0
192.168.2.1/32 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.3.1/32 OSPF 10 3124 D 10.1.1.1 Tunnel0/0/0
192.168.4.1/32 OSPF 10 1562 D 10.1.1.4 Tunnel0/0/0OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
第十二步:检测
检测成功,所有私有网段可以互相通讯!!!