题目要求:
R1-R2之间启用ppp的pap单向认证
R2-R3之间启用PPP的chap双向认证
R3-R5-R6之间使用MGRE,R3为hub端,R5 R6为spoke端: 要求MGRE接口网络类型为BMA,spoke之间通信必须经过hub端
1:先按图示进行接口基础配置,环回为x.x.x.x 24,比如R1路由器环回1.1.1.1 24,R2 2.2.2.2 24
2.启用ospf单区域,以r1为例
[r1]ospf 1 router-id 91.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 12.1.1.1 0.0.0.0
[r1-ospf-1-area-0.0.0.0]network 1.1.1.1 0.0.0.0
查看路由表
[r1]display ip routing-table protocol o
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 9 Routes : 9
OSPF routing table status : <Active>
Destinations : 9 Routes : 9
Destination/Mask Proto Pre Cost Flags NextHop Interface
2.2.2.2/32 OSPF 10 48 D 12.1.1.2 Serial4/0/0
3.3.3.3/32 OSPF 10 96 D 12.1.1.2 Serial4/0/0
4.4.4.4/32 OSPF 10 97 D 12.1.1.2 Serial4/0/0
5.5.5.5/32 OSPF 10 98 D 12.1.1.2 Serial4/0/0
6.6.6.6/32 OSPF 10 98 D 12.1.1.2 Serial4/0/0
23.1.1.0/24 OSPF 10 96 D 12.1.1.2 Serial4/0/0
34.1.1.0/24 OSPF 10 97 D 12.1.1.2 Serial4/0/0
45.1.1.0/24 OSPF 10 98 D 12.1.1.2 Serial4/0/0
46.1.1.0/24 OSPF 10 98 D 12.1.1.2 Serial4/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
3. R1-R2之间启用ppp的pap单向认证
R1为主认证方:在接口调用
[r1]aaa
[r1-aaa]local-user hcip password cipher 123
Info: Add a new user.
[r1-aaa]local-user hcip service-type ppp
[r1-aaa]q
[r1]int s 4/0/0
[r1-Serial4/0/0]ppp authentication-mode pap
R2为被认证方:提供账号和密码
[r2]int s4/0/1
[r2-Serial4/0/1]ppp pap local-user hcip password cipher 123
4.R2-R3之间启用PPP的chap双向认证
①R2为主认证方
[r2]aaa
[r2-aaa]local-user hcip password cipher 123
Info: Add a new user.
[r2-aaa]local-user hcip service-type ppp
[r2-aaa]int s4/0/0
[r2-Serial4/0/0]ppp authentication-mode chap
R3为被认证方
[r3]int s 4/0/1
[r3-Serial4/0/1]ppp chap user hcip
[r3-Serial4/0/1]ppp chap password cipher 123
②R3为主认证方
[r3]aaa
[r3-aaa]local-user hcip1 password cipher 123
Info: Add a new user.
[r3-aaa]local-user hcip1 service-type ppp
[r3-aaa]int s 4/0/1
[r3-Serial4/0/1]ppp authentication-mode chap
R2为被认证方
[r2]int s 4/0/0
[r2-Serial4/0/0]ppp chap user hcip1
[r2-Serial4/0/0]ppp chap password cipher 123
5.R3-R5-R6之间使用MGRE,R3为hub端,R5 R6为spoke端: 要求MGRE接口网络类型为BMA,spoke之间通信必须经过hub端
R3、R5、R6写缺省指向R4
[r3]ip route-static 0.0.0.0 0 34.1.1.2
[r5]ip route-static 0.0.0.0 0 45.1.1.1
[r6]ip route-static 0.0.0.0 0 46.1.1.1
R3为中心站点hub端
[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ip add 10.1.1.1 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source 34.1.1.1
Jul 6 2023 21:23:08-08:00 r3 %%01IFNET/4/LINK_STATE(l)[16]:The line protocol IP
on the interface Tunnel0/0/0 has entered the UP state.
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry multicast dynamic
查看
{
[r3-Tunnel0/0/0]display this
[V200R003C00]
#
interface Tunnel0/0/0
ip address 10.1.1.1 255.255.255.0
tunnel-protocol gre p2mp
source 34.1.1.1
nhrp entry multicast dynamic
nhrp network-id 100
#
return
}
R5为spoke端
[r5]int t0/0/0
[r5-Tunnel0/0/0]ip add 10.1.1.2 24
[r5-Tunnel0/0/0]tunnel-protocol gre p2mp
[r5-Tunnel0/0/0]source 45.1.1.2
Jul 6 2023 21:29:10-08:00 r5 %%01IFNET/4/LINK_STATE(l)[4]:The line protocol IP
on the interface Tunnel0/0/0 has entered the UP state.
[r5-Tunnel0/0/0]
[r5-Tunnel0/0/0]nhrp network-id 100
[r5-Tunnel0/0/0]nhrp entry 10.1.1.1 34.1.1.1 register
[r5-Tunnel0/0/0]dis th
[V200R003C00]
#
interface Tunnel0/0/0
ip address 10.1.1.2 255.255.255.0
tunnel-protocol gre p2mp
source 45.1.1.2
nhrp network-id 100
nhrp entry 10.1.1.1 34.1.1.1 register
#
return
R6为spoke端
[r6]int t0/0/0
[r6-Tunnel0/0/0]ip add 10.1.1.3 24
[r6-Tunnel0/0/0]tunnel-protocol gre p2mp
[r6-Tunnel0/0/0]source 46.1.1.2
Jul 6 2023 21:31:41-08:00 r6 %%01IFNET/4/LINK_STATE(l)[4]:The line protocol IP
on the interface Tunnel0/0/0 has entered the UP state.
[r6-Tunnel0/0/0]
[r6-Tunnel0/0/0]nhrp network-id 100
[r6-Tunnel0/0/0]nhrp entry 10.1.1.1 34.1.1.1 register
[r6-Tunnel0/0/0]display this
[V200R003C00]
#
interface Tunnel0/0/0
ip address 10.1.1.3 255.255.255.0
tunnel-protocol gre p2mp
source 46.1.1.2
nhrp network-id 100
nhrp entry 10.1.1.1 34.1.1.1 register
#
return
在hub端查看邻居关系
[r3]dis nhrp peer all
-------------------------------------------------------------------------------
Protocol-addr Mask NBMA-addr NextHop-addr Type Flag
-------------------------------------------------------------------------------
10.1.1.2 32 45.1.1.2 10.1.1.2 dynamic route tunnel
-------------------------------------------------------------------------------
Tunnel interface: Tunnel0/0/0
Created time : 00:05:03
Expire time : 01:54:57
-------------------------------------------------------------------------------
Protocol-addr Mask NBMA-addr NextHop-addr Type Flag
-------------------------------------------------------------------------------
10.1.1.3 32 46.1.1.2 10.1.1.3 dynamic route tunnel
-------------------------------------------------------------------------------
Tunnel interface: Tunnel0/0/0
Created time : 00:02:18
Expire time : 01:57:42
Number of nhrp peers: 2
设置网络类型为BMA
[r5-Tunnel0/0/0]ospf network-type broadcast
[r6-Tunnel0/0/0]ospf network-type broadcast