今天的实验内容为多层MGRE的实验操作
实验拓扑如下
实验要求:R4、R5为公网网段;以R1为中心站点;R2和R3为分支站点;R2,R3向R1注册;R6、R7为分支站点,R2为R6、R7的中心站点,R3为R8、R9的中心站点;R8、R9为分支站点。R10为用户,通过在R9上配置NAT去公网上进行上网行为。
配置如下:
R1
interface GigabitEthernet0/0/0
ip address 10.1.14.1 255.255.255.0
interface LoopBack0
ip address 1.1.1.1 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.1 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp redirect
nhrp entry multicast dynamic
nhrp network-id 1
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 192.168.1.1 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.14.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
R2
interface GigabitEthernet0/0/0
ip address 10.1.24.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.2 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
ospf dr-priority 0
nhrp redirect
nhrp shortcut
nhrp entry multicast dynamic
nhrp network-id 1
nhrp entry 192.168.1.1 10.1.14.1 register
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 192.168.1.2 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.24.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R3
#
interface GigabitEthernet0/0/0
ip address 10.1.34.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.3 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
ospf dr-priority 0
nhrp redirect
nhrp shortcut
nhrp entry multicast dynamic
nhrp network-id 1
nhrp entry 192.168.1.1 10.1.14.1 register
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 192.168.1.3 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.34.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R4
#
interface GigabitEthernet0/0/0
ip address 10.1.14.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.24.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.1.34.2 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 10.1.45.1 255.255.255.0
#
interface GigabitEthernet4/0/1
#
interface GigabitEthernet4/0/2
#
interface GigabitEthernet4/0/3
#
interface NULL0
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.0
#
ospf 1
area 0.0.0.0
network 0.0.0.0 255.255.255.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R5
#
interface GigabitEthernet0/0/0
ip address 10.1.45.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 10.1.56.2 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 10.1.57.2 255.255.255.0
#
interface GigabitEthernet4/0/0
ip address 10.1.58.2 255.255.255.0
#
interface GigabitEthernet4/0/1
ip address 10.1.59.2 255.255.255.0
#
interface GigabitEthernet4/0/2
#
interface GigabitEthernet4/0/3
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.0
#
ospf 1
area 0.0.0.0
network 0.0.0.0 255.255.255.255
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R6
#
interface GigabitEthernet0/0/0
ip address 10.1.56.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 6.6.6.6 255.255.255.0
#
interface LoopBack9
#
interface Tunnel0/0/0
ip address 192.168.1.6 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp shortcut
nhrp network-id 1
nhrp entry 192.168.1.2 10.1.24.1 register
#
ospf 1
area 0.0.0.0
network 6.6.6.6 0.0.0.0
network 192.168.1.6 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.56.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R7
#
interface GigabitEthernet0/0/0
ip address 10.1.57.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 7.7.7.7 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.7 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp shortcut
nhrp network-id 1
nhrp entry 192.168.1.2 10.1.24.1 register
#
ospf 1
area 0.0.0.0
network 7.7.7.7 0.0.0.0
network 192.168.1.7 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.57.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R8
#
interface GigabitEthernet0/0/0
ip address 10.1.58.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 8.8.8.8 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.8 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp shortcut
nhrp network-id 1
nhrp entry 192.168.1.3 10.1.34.1 register
#
ospf 1
area 0.0.0.0
network 8.8.8.8 0.0.0.0
network 192.168.1.8 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.58.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R9
#
acl number 2000
rule 5 permit
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface GigabitEthernet0/0/0
ip address 10.1.59.1 255.255.255.0
nat outbound 2000
#
interface GigabitEthernet0/0/1
ip address 172.168.1.2 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 9.9.9.9 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.9 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp shortcut
nhrp network-id 1
nhrp entry 192.168.1.3 10.1.34.1 register
#
ospf 1
area 0.0.0.0
network 9.9.9.9 0.0.0.0
network 192.168.1.9 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 10.1.59.2
ip route-static 172.0.0.0 255.0.0.0 172.168.1.1
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
R10
#
interface GigabitEthernet0/0/0
ip address 172.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
interface LoopBack0
ip address 172.168.2.1 255.255.255.0
#
interface Tunnel0/0/0
ip address 192.168.1.10 255.255.255.0
tunnel-protocol gre p2mp
source GigabitEthernet0/0/0
ospf network-type p2mp
nhrp shortcut
nhrp network-id 1
nhrp entry 192.168.1.3 10.1.34.1 register
#
ospf 1
area 0.0.0.0
network 172.168.2.1 0.0.0.0
network 192.168.1.10 0.0.0.0
#
ip route-static 0.0.0.0 0.0.0.0 172.168.1.2
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
以上为本次实验的所有命令