目录
实验要求
1.IP地址的规划
AR1和AR4之间GE0/0/1接口的网段为11.1.1.0/24
AR1和AR4之间GE0/0/2接口的网段为12.1.1.0/24 AR1和PC1之间的网段为192.168.1.0/24
AR2和AR4之间的网段为13.1.1.0/24 AR2和PC2之间的网段为192.168.2.0/24
AR3和AR4之间的网段为14.1.1.0/24 AR3和PC3之间的网段为192.168.3.0/24
AR5和AR4之间的网段为15.1.1.0/24 AR5和PC4之间的网段为192.168.4.0/24
AR6和AR4之间的网段为16.1.1.0/24 AR6和PC5之间的网段为192.168.5.0/24
AR2的环回地址网段为1.1.1.0/24
AR1-2-3构建的星形结构的MGRE的网段为10.1.1.0/24
AR1-5-6构建的全连网状结构的MGRE的网段为10.2.2.0/24
2.拓扑结构的搭建
3.IP地址的配置
AR1:
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.1 24
[r1-GigabitEthernet0/0/0]interface g0/0/1
[r1-GigabitEthernet0/0/1]ip address 11.1.1.1 24
[r1-GigabitEthernet0/0/1]interface g0/0/2
[r1-GigabitEthernet0/0/2]ip address 12.1.1.1 24
AR2:
[r2]interface g0/0/0
[r2-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[r2-GigabitEthernet0/0/0]interface g0/0/2
[r2-GigabitEthernet0/0/2]ip address 13.1.1.1 24
AR3:
[r3]interface g0/0/0
[r3-GigabitEthernet0/0/0]ip address 192.168.3.1 24
[r3-GigabitEthernet0/0/0]interface g0/0/2
[r3-GigabitEthernet0/0/2]ip address 14.1.1.1 24
AR4:
[ISP]interface g0/0/0
[ISP-GigabitEthernet0/0/0]ip address 12.1.1.2 24
[ISP-GigabitEthernet0/0/0]interface g0/0/1
[ISP-GigabitEthernet0/0/1]ip address 13.1.1.2 24
[ISP-GigabitEthernet0/0/1]interface g0/0/2
[ISP-GigabitEthernet0/0/2]ip address 14.1.1.2 24
[ISP-GigabitEthernet0/0/2]interface g2/0/0
[ISP-GigabitEthernet2/0/0]ip address 11.1.1.2 24
[ISP-GigabitEthernet2/0/0]interface g3/0/0
[ISP-GigabitEthernet3/0/0]ip address 15.1.1.2 24
[ISP-GigabitEthernet3/0/0]interface g4/0/0
[ISP-GigabitEthernet4/0/0]ip address 16.1.1.2 24
[ISP-GigabitEthernet4/0/0]q
[ISP]interface LoopBack 0
[ISP-LoopBack0]ip address 1.1.1.1 24
AR5:
[r5]interface g0/0/0
[r5-GigabitEthernet0/0/0]ip address 192.168.4.1 24
[r5-GigabitEthernet0/0/0]interface g0/0/2
[r5-GigabitEthernet0/0/2]ip address 15.1.1.1 24
AR6:
[r6]interface g0/0/0
[r6-GigabitEthernet0/0/0]ip address 192.168.5.1 24
[r6-GigabitEthernet0/0/0]interface g0/0/2
[r6-GigabitEthernet0/0/2]ip address 16.1.1.1 24
4.实现私有网络和公有网络的互通
AR1:
[r1]ip route-static 0.0.0.0 0 11.1.1.2
[r1]ip route-static 0.0.0.0 0 12.1.1.2
[r1]acl 2000
[r1-acl-basic-2000]rule 1 permit source any
[r1-acl-basic-2000]q
[r1]interface g0/0/2
[r1-GigabitEthernet0/0/2]nat outbound 2000
[r1-GigabitEthernet0/0/2]q
[r1]interface g0/0/1
[r1-GigabitEthernet0/0/1]nat outbound 2000
[r1-GigabitEthernet0/0/1]q
AR2:
[r2]ip route-static 0.0.0.0 0 13.1.1.2
[r2]acl 2000
[r2-acl-basic-2000]rule 1 permit source any
[r2-acl-basic-2000]q
[r2]interface g0/0/2
[r2-GigabitEthernet0/0/2]nat outbound 2000
[r2-GigabitEthernet0/0/2]
AR3:
[r3]ip route-static 0.0.0.0 0 14.1.1.2
[r3]acl 2000
[r3-acl-basic-2000]rule 1 permit source any
[r3-acl-basic-2000]q
[r3]interface g0/0/2
[r3-GigabitEthernet0/0/2]nat outbound 2000
[r3-GigabitEthernet0/0/2]
AR5:
[r5]ip route-static 0.0.0.0 0 15.1.1.2
[r5]acl 2000
[r5-acl-basic-2000]rule 1 permit source any
[r5-acl-basic-2000]q
[r5]interface g0/0/2
[r5-GigabitEthernet0/0/2]nat outbound 2000
[r5-GigabitEthernet0/0/2]
AR6:
[r6]ip route-static 0.0.0.0 0 16.1.1.2
[r6]acl 2000
[r6-acl-basic-2000]rule 1 permit source any
[r6-acl-basic-2000]q
[r6]interface g0/0/2
[r6-GigabitEthernet0/0/2]nat outbound 2000
[r6-GigabitEthernet0/0/2]
测试(以PC1举例):
PC1pingISP的环回
5.构建R1-2-3的星形结构的MGRE网络
AR1为中心站点
[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0ip address 10.1.1.1 255.255.255.0
[r1-Tunnel0/0/0tunnel-protocol gre p2mp
[r1-Tunnel0/0/0source 11.1.1.1
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
[r1-Tunnel0/0/0]nhrp network-id 100
AR2和AR3
[r2]interface Tunnel 0/0/0
[r2-Tunnel0/0/0]ip address 10.1.1.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
[r2-Tunnel0/0/0]source g0/0/2
[r2-Tunnel0/0/0]nhrp entry 10.1.1.1 11.1.1.1 register
[r2-Tunnel0/0/0]nhrp network-id 100
[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 10.1.1.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source g0/0/2
[r3-Tunnel0/0/0]nhrp entry 10.1.1.1 11.1.1.1 register
[r3-Tunnel0/0/0]nhrp network-id 100
6.构建R1-5-6的全连网状结构的MGRE网络
AR1和AR5为中心站点
[r1]interface Tunnel 0/0/1
[r1-Tunnel0/0/1]ip address 10.2.2.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre p2mp
[r1-Tunnel0/0/1]source 12.1.1.1
[r1-Tunnel0/0/1]nhrp entry multicast dynamic
[r1-Tunnel0/0/1]nhrp network-id 120
[r1-Tunnel0/0/1]nhrp entry 10.2.2.2 15.1.1.1 register
[r5]interface Tunnel 0/0/1
[r5-Tunnel0/0/1]ip address 10.2.2.2 24
[r5-Tunnel0/0/1]tunnel-protocol gre p2mp
[r5-Tunnel0/0/1]source 15.1.1.1
[r5-Tunnel0/0/1]nhrp entry multicast dynamic
[r5-Tunnel0/0/1]nhrp network-id 120
[r5-Tunnel0/0/1]nhrp entry 10.2.2.1 12.1.1.1 register
AR6
[r6]interface Tunnel 0/0/1
[r6-Tunnel0/0/1]ip address 10.2.2.3 24
[r6-Tunnel0/0/1]tunnel-protocol gre p2mp
[r6-Tunnel0/0/1]source g0/0/2
[r6-Tunnel0/0/1]nhrp entry 10.2.2.1 12.1.1.1 register
[r6-Tunnel0/0/1]nhrp entry 10.2.2.2 15.1.1.1 register
[r6-Tunnel0/0/1]nhrp network-id 120
7.使用OSPF实现私有网络的互通
AR1:
[r1]ospf 1 router-id 1.1.1.1
[r1-ospf-1]area 0
[r1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[r1-ospf-1-area-0.0.0.0]network 10.2.2.0 0.0.0.255
AR2:
[r2]ospf 1 router-id 2.2.2.2
[r2-ospf-1]area 0
[r2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[r2-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
AR3:
[r3]ospf 1 router-id 3.3.3.3
[r3-ospf-1]area 0
[r3-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[r3-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
AR5:
[r5]ospf 1 router-id 5.5.5.5
[r5-ospf-1]area 0
[r5-ospf-1-area-0.0.0.0]net
[r5-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255
[r5-ospf-1-area-0.0.0.0]network 10.2.2.0 0.0.0.255
AR6:
[r6]ospf 1 router-id 6.6.6.6
[r6-ospf-1]area 0
[r6-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[r6-ospf-1-area-0.0.0.0]network 10.2.2.0 0.0.0.255
在R1、R5、R5上更改类型
[r1]interface Tunnel 0/0/1
[r1-Tunnel0/0/1]ospf network-type broadcast
[r5]interface Tunnel 0/0/1
[r5-Tunnel0/0/1]ospf network-type broadcast
[r6]interface Tunnel 0/0/1
[r6-Tunnel0/0/1]ospf network-type broadcast
在R2和R3上取消竞争选举DR和BDR
[r2]interface Tunnel 0/0/0
[r2-Tunnel0/0/0]ospf dr-priority 0
[r3]interface Tunnel 0/0/0
[r3-Tunnel0/0/0]ospf dr-priority 0
8.测试
PC1pingPC2、PC3、PC4、PC5