试验TOP:
Liunx系统
1、检查是否加载ip_gre模块
lsmod|grep ip_gre
如没有,请加载ip_gre
insmod/lib/modules/2.6.18-194.3.1.el5/kernel/net/ipv4/ip_gre.ko
2.新增tunnel, 命名为tunnel0
[root@localhost ~]# ip tunnel add tunnel0 mode gre remote192.168.1.1 local 172.16.1.254 ttl 255
3.激活新增tunnel0,
[root@localhost ~]# ip link set tunnel0 up mtu 1500
4.添加tunnel0 IP.
[root@localhost ~]# ip addr add 10.100.2.2/30 peer 10.100.2.1/30dev tunnel0
5.添加从tunnel0 走的路由
[root@localhost ~]# ip route add 10.10.34.0/24 dev tunnel0
6.验证
[root@localhost ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet127.0.0.1/8 scope host lo
inet10.0.0.254/32 scope global lo
inet6::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff
inet192.168.0.1/24 brd 192.168.0.255 scope global eth1
inet6fe80::2d0:b7ff:fe2e:8f21/64 scope link
valid_lft forever preferred_lft forever
3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff
inet172.16.1.254/24 brd 172.16.1.255 scope global eth0
inet6fe80::217:31ff:fe09:6eec/64 scope link
valid_lft forever preferred_lft forever
4: sit0: <NOARP> mtu 1480 qdiscnoop
link/sit0.0.0.0 brd 0.0.0.0
5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet192.168.122.1/24 brd 192.168.122.255 scope global virbr0
inet6fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
6: tunl0: <NOARP> mtu 1480 qdiscnoop
link/ipip0.0.0.0 brd 0.0.0.0
7: gre0: <NOARP> mtu 1476 qdiscnoop
link/gre0.0.0.0 brd 0.0.0.0
8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue
link/gre172.16.1.254 peer 192.168.1.1
inet 10.100.2.2 peer 10.100.2.1/30 scope global tunnel0
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff
3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdiscnoop
link/sit0.0.0.0 brd 0.0.0.0
5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
6: tunl0: <NOARP> mtu 1480 qdiscnoop
link/ipip0.0.0.0 brd 0.0.0.0
7: gre0: <NOARP> mtu 1476 qdiscnoop
link/gre0.0.0.0 brd 0.0.0.0
8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue
link/gre172.16.1.254 peer 192.168.1.1
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff
3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000
link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdiscnoop
link/sit0.0.0.0 brd 0.0.0.0
5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
6: tunl0: <NOARP> mtu 1480 qdiscnoop
link/ipip0.0.0.0 brd 0.0.0.0
7: gre0: <NOARP> mtu 1476 qdiscnoop
link/gre0.0.0.0 brd 0.0.0.0
8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue
link/gre172.16.1.254 peer 192.168.1.1
[root@localhost ~]# ip tunnel show
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc
tunl0: ip/ip remote any local any ttl inherit nopmtudisc
gre0: gre/ip remote any local any ttl inherit nopmtudisc
tunnel0: gre/ip remote192.168.1.1 local 172.16.1.254 ttl 255
[root@localhost ~]# ip route show
10.10.34.0/24 dev tunnel0 scope link
192.168.0.0/24 dev eth1 protokernel scope link src192.168.0.1
172.16.1.0/24 dev eth0 protokernel scope link src172.16.1.254
192.168.122.0/24 dev virbr0 protokernel scope link src192.168.122.1
[root@localhost ~]# ping 10.10.34.1
PING 10.10.34.1 (10.10.34.1) 56(84) bytes of data.
64 bytes from 10.10.34.1: icmp_seq=1 ttl=255 time=6.31 ms
64 bytes from 10.10.34.1: icmp_seq=2 ttl=255 time=2.47 ms
64 bytes from 10.10.34.1: icmp_seq=3 ttl=255 time=12.4 ms
64 bytes from 10.10.34.1: icmp_seq=4 ttl=255 time=11.6 ms
64 bytes from 10.10.34.1: icmp_seq=5 ttl=255 time=12.5 ms
--- 10.10.34.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time4002ms
rtt min/avg/max/mdev = 2.477/9.102/12.578/4.045 ms
Cisco
Router-11#sh run int tunnel 1
Building configuration...
Current configuration : 148 bytes
!
interface Tunnel1
ip address 10.100.2.1 255.255.255.252
ip tcp adjust-mss 1400
tunnel source 192.168.1.1
tunnel destination 172.16.1.254
end
ip route 192.168.0.0 255.255.255.0 Tunnel1
Router-11# traceroute 192.168.0.2
Type escape sequence to abort.
Tracing the route to ip-2-0-168-192.xxxx.com (192.168.0.2)
1 10.100.2.2 [AS 65100] 0 msec
ns1.xxxx.com (172.16.1.254) [AS 65100] 0 msec *
可能会遇到MTU问题。需要调整MTU,MSS参数
转载于:https://blog.51cto.com/kalng/1332233
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
