实验要求
1.R7为ISP,只能配置IP;
2.红色为私有IP地址;
3.使用OSPF将所有私有网段实现全通;
4.OSPF的区域划分为紫色;
5.R4-R6可以正常访问R7环回;
6.R1telnet R3公有ip,实际登录到R6;
七台路由,其中R7为ISP,R1/2/3为区域0,R3/4/5为区域1,R5/6为区域2.
拓扑
路由配置
R1:
sys R1
int g 0/0/0
ip address 17.1.1.1 24
int l0
ip address 192.168.1.1 24
ip route-static 0.0.0.0 0.0.0.0 17.1.1.2
int t0/0/0
ip address 10.1.1.1 24
tunnel-protocol gre p2mp
source 17.1.1.1
ospf network-type broadcast
nhrp entry multicast dynamic
nhrp network-id 100
nhrp entry 10.1.1.2 27.1.1.1 register
nhrp entry 10.1.1.3 37.1.1.1 register
ospf 1 router-id 1.1.1.1
area 0
network 10.1.1.0 0.0.0.255
network 192.168.1.0 0.0.0.255
R2:
sys R2
int g 0/0/1
ip address 27.1.1.1 24
int l0
ip address 192.168.2.1 24
ip route-static 0.0.0.0 0.0.0.0 27.1.1.2
int t0/0/0
ip address 10.1.1.2 24
tunnel-protocol gre p2mp
source 27.1.1.1
ospf network-type broadcast
nhrp entry multicast dynamic
nhrp network-id 100
nhrp entry 10.1.1.1 17.1.1.1 register
nhrp entry 10.1.1.3 37.1.1.1 register
ospf 1 router-id 2.2.2.2
area 0
network 10.1.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
R3:
sys R3
int g 0/0/0
ip address 192.168.34.1 24
int g 0/0/2
ip address 37.1.1.1 24
int l0
ip address 192.168.3.1 24
ip route-static 0.0.0.0 0.0.0.0 37.1.1.2
int t0/0/0
ip address 10.1.1.3 24
tunnel-protocol gre p2mp
source 37.1.1.1
ospf network-type broadcast
nhrp entry multicast dynamic
nhrp network-id 100
nhrp entry 10.1.1.1 17.1.1.1 register
nhrp entry 10.1.1.2 27.1.1.1 register
ospf 1 router-id 3.3.3.3
area 0
network 10.1.1.0 0.0.0.255
area 1
network 192.168.3.0 0.0.0.255
network 192.168.34.0 0.0.0.255
acl number 2000
rule 5 permit source192.168.2.0 0.0.0.255
rule 10 permit source192.168.3.0 0.0.0.255
rule 15 permit source192.168.4.0 0.0.0.255
rule 20 permit source192.168.5.0 0.0.0.255
rule 25 permit source192.168.6.0 0.0.0.255
nat server protocol tcp global current-interface telnet inside 192.168.6.1 telnet
y
nat outbound 2000
R4:
sys R4
int g 0/0/0
ip address 192.168.34.2 24
int g 0/0/1
ip address 192.168.45.1 24
int l0
ip address 192.168.4.1 24
ip route-static 0.0.0.0 0.0.0.0 192.168.34.1
ospf 1 router-id 4.4.4.4
area 1
network 192.168.34.0 0.0.0.255
network 192.168.45.0 0.0.0.255
network 192.168.4.0 0.0.0.255
R5:
sys R5
int g 0/0/0
ip address 192.168.56.1 24
int g 0/0/1
ip address 192.168.45.2 24
int l0
ip address 192.168.5.1 24
ip route-static 0.0.0.0 0.0.0.0 192.168.45.1
ospf 1 router-id 5.5.5.5
import-route ospf 2
area 1
network 192.168.5.0 0.0.0.255
network 192.168.45.0 0.0.0.255
ospf 2 router-id 5.5.5.5
import-route ospf 1
area 2
network 192.168.56.0 0.0.0.255
R6:
sys R6
int g 0/0/0
ip address 192.168.56.2 24
int l0
ip address 192.168.6.1 24
ip route-static 0.0.0.0 0.0.0.0 192.168.56.1
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher 123
local-user admin service-type http
local-user yuhui password cipher 456
local-user yuhui service-type telnet
user-interface vty 0 4
authentication-mode aaa
ospf 1 router-id 6.6.6.6
area 2
network 192.168.56.0 0.0.0.255
network 192.168.6.0 0.0.0.255
实验结果
各路由邻接关系
测试
R2pingR6
R5pingR7
R1TelnetR3(实际登录到R6)
不足之处还请批评指正。