第四天作业

第四天作业

设备配置

r1

[Huawei]sysname r1
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.1 24
[r1-GigabitEthernet0/0/0]q
[r1]interface s4/0/0
[r1-Serial4/0/0]ip add 12.1.1.1 24

r2

[Huawei]sysname r2
[r2]interface s4/0/0
[r2-Serial4/0/0]ip add 12.1.1.2 24
[r2-Serial4/0/0]q
[r2]interface s4/0/1
[r2-Serial4/0/1]ip add 23.1.1.1 24
[r2]int s3/0/0
[r2-Serial3/0/0]ip add 24.1.1.1 24

r3

[Huawei]sysname r3
[r3]int s4/0/0
[r3-Serial4/0/0]ip add 23.1.1.2 24
[r3-Serial4/0/0]q
[r3]int g0/0/1
[r3-GigabitEthernet0/0/1]ip add 192.168.2.1 24 
[r3-GigabitEthernet0/0/1]q

r4

[Huawei]sysname r4
[r4]int s4/0/0
[r4-Serial4/0/0]ip add 24.1.1.2 24
[r4-Serial4/0/0]q
[r4]int g0/0/1
[r4-GigabitEthernet0/0/1]q

r1 r2间hdlc封装

r1

[r1]int s4/0/0
[r1-Serial4/0/0]link-protocol hdlc 
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

r2

[r2]int s4/0/0
[r2-Serial4/0/0]link-protocol hdlc 
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y

R2-R3之间为ppp封装，pap认证，R2为主认证方

r2

[r2]interface s4/0/1
[r2-Serial4/0/1]link-protocol p	
[r2-Serial4/0/1]link-protocol ppp 
[r2]aaa
[r2-aaa]local-user huawei password cipher huawei
Info: Add a new user.
[r2-aaa]local-user huawei service-type ppp
[r2-aaa]q
[r2]int s4/0/1
[r2-Serial4/0/1]ppp authentication-mode pap 

r3

[r3]int s4/0/0
[r3-Serial4/0/0]link-protocol ppp	
[r3-Serial4/0/0]ppp pap local-user huawei password cipher huawei

R2-R4之间为PPp封装，chap认证，R2为主认证方

r2

[r2]int s3/0/0
[r2-Serial3/0/0]link-protocol ppp
[r2-Serial3/0/0]q
[r2]aaa
[r2-aaa]local-user huawei password cipher huawei
[r2-aaa]local-user huawei service-type ppp
[r2-aaa]q
[r2]int s3/0/0	
[r2-Serial3/0/0]ppp authentication-mode chap 

r4

[r4]int s4/0/0
[r4-Serial4/0/0]link-protocol ppp
[r4-Serial4/0/0]ppp chap user huawei
[r4-Serial4/0/0]ppp chap password cipher huawei

R1、R3、R4构建MGRE环境，仅R1地址固定

r1

[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip add 10.1.1.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/0]source 12.1.1.1
[r1-Tunnel0/0/0]nhrp entry multicast dynamic 
[r1-Tunnel0/0/0]nhrp network-id 100

r3

[r2]int Tunnel 0/0/0
[r2-Tunnel0/0/0]ip add 10.1.1.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r2-Tunnel0/0/0]source 12.1.1.2
[r2-Tunnel0/0/0]nhrp network-id 100
[r2-Tunnel0/0/0]nhrp entry 10.1.1.1 12.1.1.1 register 

r4

[r4]int t 0/0/0
[r4-Tunnel0/0/0]ip add 10.1.1.4 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r4-Tunnel0/0/0]source 24.1.1.2
[r4-Tunnel0/0/0]nhrp network-id 100
[r4-Tunnel0/0/0]nhrp entry 10.1.1.1 12.1.1.1 register

内网使用RIP获取路由，所有pc可以互相访问，并且可访问R2的环回。

r1

[r1]ip route-static 0.0.0.0 0 12.1.1.2
[r1]acl 2000
[r1-acl-basic-2000]rule 5 permit source any 
[r1-acl-basic-2000]q
[r1]int s4/0/0
[r1-Serial4/0/0]nat outbound 2000
[r1-Serial4/0/0]q
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 10.0.0.0
[r1-rip-1]network 192.168.1.0

r3

[r3]ip route-static 0.0.0.0 0 23.1.1.1
[r3]acl 2000
[r3-acl-basic-2000]rule 5 permit source any 
[r3-acl-basic-2000]q
[r3]int s4/0/0
[r3-Serial4/0/0]nat outbound 2000
[r3]rip 1
[r3-rip-1]version 2
[r3-rip-1]network 10.0.0.0	
[r3-rip-1]network 192.168.2.0

r4

[r4]ip route-static 0.0.0.0 0 24.1.1.1
[r4]acl 2000
[r4-acl-basic-2000]rule 5 permit source any 
[r4-acl-basic-2000]q
[r4]int s4/0/0
[r4-Serial4/0/0]nat outbound 2000
[r4]rip 1
[r4-rip-1]version 2
[r4-rip-1]network 192.168.3.0
[r4-rip-1]network 10.0.0.0

测试

PC>ipconfig

Link local IPv6 address...........: fe80::5689:98ff:fe47:2d5f
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.1.2
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.1.1
Physical address..................: 54-89-98-47-2D-5F
DNS server........................:

PC>ping 192.168.2.1

Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
From 192.168.2.1: bytes=32 seq=1 ttl=254 time=32 ms
From 192.168.2.1: bytes=32 seq=2 ttl=254 time=31 ms
From 192.168.2.1: bytes=32 seq=3 ttl=254 time=31 ms
From 192.168.2.1: bytes=32 seq=4 ttl=254 time=31 ms
From 192.168.2.1: bytes=32 seq=5 ttl=254 time=32 ms

--- 192.168.2.1 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 31/31/32 ms

PC>ping 192.168.3.1

Ping 192.168.3.1: 32 data bytes, Press Ctrl_C to break
From 192.168.3.1: bytes=32 seq=1 ttl=254 time=32 ms
From 192.168.3.1: bytes=32 seq=2 ttl=254 time=15 ms
From 192.168.3.1: bytes=32 seq=3 ttl=254 time=16 ms
From 192.168.3.1: bytes=32 seq=4 ttl=254 time=31 ms
From 192.168.3.1: bytes=32 seq=5 ttl=254 time=15 ms

--- 192.168.3.1 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 15/21/32 ms