1.实验要求
1、R4为ISP,所连接的所有物理接口为公有网段,任意指定ip即可
R1-2-3构建一个星型结构的MGRE结构,其中R1为中心点,假设R1的公有ip为固定地址
3、R1-5-6 构建另一个全连网状的MGRE网络,其中R1/5均为中心区域;
4、使用osPF实现整个私有网络的互通,同时所有pc可以正常访问R4的环回
二、实验过程
(一)IP地址规划
PC1 网关192.168.1.1/24 地址192.168.1.2/24
PC2 网关192.168.2.1/24 地址192.168.2.2/24
PC3 网关192.168.3.1/24 地址192.168.3.2/24
PC4 网关192.168.4.1/24 地址192.168.4.2/24
PC5 网关192.168.5.1/24 地址192.168.5.2/24
R1 G0/0/2 16.1.1.1/24 G0/0/1 61.1.1.1/24
G0/0/0 192.168.1.1/24
R2 G0/0/2 26.1.1.2/24
G0/0/0 192.168.2.1/24
R3 G0/0/2 36.1.1.3/24
G0/0/0 192.168.3.1/24
R4 G0/0/2 46.1.1.4/24
G0/0/0 192.168.4.1/24
R5 G0/0/2 56.1.1.1/24
G0/0/0 192.168.5.1/24
R6 LoopBack 0 6.6.6.6 24
G0/0/0 16.1.1.5/24
G0/0/1 61.1.1.5/24
G0/0/1 26.1.1.5/24
G0/0/2 36.1.1.5/24
G3/0/0 46.1.1.5/24
G4/0/0 56.1.1.5/24
(二)配置IP地址
R1
[R1-GigabitEthernet0/0/2]ip address 16.1.1.1 24
[R1-GigabitEthernet0/0/0]ip address 192.168.1.1 24
[R1-GigabitEthernet0/0/1]ip address 61.1.1.1 24
R2
[R2-GigabitEthernet0/0/0]ip address 192.168.2.1 24[R2-GigabitEthernet0/0/2]ip address 26.1.1.2 24
R3
[R3-GigabitEthernet0/0/0]ip address 192.168.3.1 24[R3-GigabitEthernet0/0/2]ip address 36.1.1.3 24
R4
[R4-GigabitEthernet0/0/0]ip address 192.168.4.1 24[R4-GigabitEthernet0/0/2]ip address 46.1.1.4 24
R5
[R5-GigabitEthernet0/0/2]ip address 56.1.1.1 24[R5-GigabitEthernet0/0/0]ip address 192.168.5.1 24
R6
[R6-GigabitEthernet2/0/0]ip address 61.1.1.5 24[R6-GigabitEthernet0/0/0]ip address 16.1.1.5 24
[R6-GigabitEthernet0/0/1]ip address 26.1.1.5 24
[R6-GigabitEthernet0/0/2]ip address 36.1.1.5 24
[R6-GigabitEthernet3/0/0]ip address 46.1.1.5 24
[R6-GigabitEthernet4/0/0]ip address 56.1.1.5 24
[R6-LoopBack0]ip address 6.6.6.6 24
PC地址
(三)配置缺省路由
[R1]ip route-static 0.0.0.0 0 16.1.1.5
[R1]ip route-static 0.0.0.0 0 61.1.1.5
[R2]ip route-static 0.0.0.0 0 26.1.1.5
[R3]ip route-static 0.0.0.0 0 36.1.1.5
[R4]ip route-static 0.0.0.0 0 46.1.1.5
[R5]ip route-static 0.0.0.0 0 56.1.1.5
(四)NAT
R1
[R1]acl 2000
[R1-acl-basic-2000]rule 1 permit source any
[R1]interface g0/0/0
[R1-GigabitEthernet0/0/1]nat outbound 2000
R2,R3,R4,R5均如上进行配置
(五)构建MGRE环境
1.R1-4-5
R1
[R1]interface Tunnel 0/0/0
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp
[R1-Tunnel0/0/0]ip address 10.1.1.1 24
[R1-Tunnel0/0/0]source 16.1.1.1
[R1-Tunnel0/0/0]nhrp network-id 100[R1-Tunnel0/0/0]nhrp entry 10.1.1.4 46.1.1.4 register
[R1-Tunnel0/0/0]nhrp entry 10.1.1.5 56.1.1.1 register
R4
[R4]interface Tunnel 0/0/0
[R4-Tunnel0/0/0]tunnel-protocol gre p2mp
[R4-Tunnel0/0/0]ip address 10.1.1.4 24
[R4-Tunnel0/0/0]source 46.1.1.4
[R4-Tunnel0/0/0]nhrp network-id 100[R4-Tunnel0/0/0]nhrp entry 10.1.1.5 56.1.1.1 register
[R4-Tunnel0/0/0]nhrp entry 10.1.1.1 16.1.1.1 register
R5
[R5]interface Tunnel 0/0/0
[R5-Tunnel0/0/0]tunnel-protocol gre p2mp
[R5-Tunnel0/0/0]ip address 10.1.1.5 24
[R5-Tunnel0/0/0]source 56.1.1.5
[R5-Tunnel0/0/0]nhrp network-id 100[R5-Tunnel0/0/0]nhrp entry 10.1.1.1 16.1.1.1 register
[R5-Tunnel0/0/0]nhrp entry 10.1.1.4 46.1.1.4 register
2.R1-2-3
R1
[R1]interface Tunnel 0/0/1
[R1-Tunnel0/0/1]tunnel-protocol gre p2mp
[R1-Tunnel0/0/1]ip address 20.1.1.1 24
[R1-Tunnel0/0/1]source 61.1.1.1
[R1-Tunnel0/0/1]nhrp network-id 101
R2
[R2]interface Tunnel 0/0/1
[R2-Tunnel0/0/1]tunnel-protocol gre p2mp
[R2-Tunnel0/0/1]ip address 20.1.1.2 24
[R2-Tunnel0/0/1]source g0/0/2
[R2-Tunnel0/0/1]nhrp network-id 101
[R2-Tunnel0/0/1]nhrp entry 20.1.1.1 61.1.1.1 register
R3
[R3]interface Tunnel 0/R0/1
[R3-Tunnel0/0/1]tunnel-protocol gre p2mp
[R3-Tunnel0/0/1]ip address 20.1.1.3 24
[R3-Tunnel0/0/1]source g0/0/0
[R3-Tunnel0/0/1]nhrp network-id 101
[R3-Tunnel0/0/1]nhrp entry 20.1.1.1 61.1.1.1 register
测试是否成功:
(六)OSPF配置
R1
[R1]ospf 1 router-id 1.1.1.1
[R2-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
R2
[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
R3
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
R4
[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255
R5
[R5]ospf 1 router-id 5.5.5.5
[R5-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R5-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
配置完后因为是P2P状态需要修改
[R1-Tunnel0/0/0]ospf network-type broadcast
[R1-Tunnel0/0/1]ospf network-type broadcast
[R2-Tunnel0/0/1]ospf network-type broadcast
[R3-Tunnel0/0/1]ospf network-type broadcast
[R4-Tunnel0/0/0]ospf network-type broadcast
[R5-Tunnel0/0/0]ospf network-type broadcast
继续配置路由发现少了到R4的路由,开启rip伪广播学到R4的地址
[R1-Tunnel0/0/0]nhrp entry multicast dynamic
[R1-Tunnel0/0/1]nhrp entry multicast dynamic
[R4-Tunnel0/0/0]nhrp entry multicast dynamic
[R5-Tunnel0/0/0]nhrp entry multicast dynamic
查看路由之后发现缺少路由,因此将优先值改为0
[R2-Tunnel0/0/1]ospf dr-priority 0
[R3-Tunnel0/0/1]ospf dr-priority 0
测试结果
总结
(1)MGRE为NBMA网络类型,不广播,但是动态路由协议是组播,不广播无法传送,因此需要开启伪广播。
(2)在MGRE环境下运行OSPF默认Tunnel接口默认网络类型为P2P,但是MGRE为多点通用路由,需要将Tunnel接口类型改为broadcast。
(3)在MGRE环境下,分支到站点这种网络结构里面,要考虑清楚DR和BDR之间的关系,不能让DR处于分支,有且只有让DR处于中心站点才能ping通。