MGRE综合实验

最新推荐文章于 2024-07-19 11:55:53 发布

OoGalxy

最新推荐文章于 2024-07-19 11:55:53 发布

阅读量201

点赞数 2

文章标签：网络协议后端网络

本文链接：https://blog.csdn.net/weixin_53428697/article/details/124064434

版权

注：要求中有串行协议所以用到串口连接，所以需要加串口

要求：

1、R5为ISP，只能进行IP地址配置；其所有地址均配有公有IP地址

2、R1和R5之间使用PPP的PAP认证，R5为主认证方；

R2与R5之间使用PPP的CHAP认证，R5为主认证方；

R3与R5之间使用HDLC封装

3、R1/R2/R3构建一个MGRE环境，R1为中心站点；R1、R4间为点到点的GRE。

4、整个私有网络基于RIP全网可达

5、所有PC设置私有IP为源IP，可以访问R5环回

配置

IP配置 :

【R1】
[r1]int s4/0/0
[r1-Serial4/0/0]ip address 15.0.0.1 24
[r1-Serial4/0/0]int g0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.1 24

【R2】
[r2]int S4/0/0
[r2-Serial4/0/0]ip address 25.0.0.1 24
[r2-Serial4/0/0]int g0/0/0
[r2-GigabitEthernet0/0/0]ip address 192.168.2.2 24

【R3】
[r3]int s4/0/0
[r3-Serial4/0/0]ip address 35.0.0.1 24
[r3-Serial4/0/0]int g0/0/0	
[r3-GigabitEthernet0/0/0]ip address 192.168.3.3 24

【R4】
[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip address 45.0.0.1 24
[r4-GigabitEthernet0/0/0]int g0/0/1
[r4-GigabitEthernet0/0/1]ip address 192.168.4.4 24

【R5】
[r5]int s3/0/0
[r5-Serial3/0/0]ip address 15.0.0.2 24
[r5-Serial3/0/0]int s3/0/1
[r5-Serial3/0/1]ip address 25.0.0.2 24
[r5-Serial3/0/1]int s4/0/0
[r5-Serial4/0/0]ip address 35.0.0.2 24
[r5-Serial4/0/0]int g0/0/0
[r5-GigabitEthernet0/0/0]ip address 45.0.0.2 24
[r5]int l0
[r5-LoopBack0]ip address 5.5.5.5 24

路由：

【缺省配置】
[r1]ip route-static 0.0.0.0 0 15.0.0.2

[r2]ip route-static 0.0.0.0 0 25.0.0.2

[r3]ip route-static 0.0.0.0 0 35.0.0.2

[r4]ip route-static 0.0.0.0 0 45.0.0.2

认证：

【华为默认认证为ppp】

【R1和R5之间pap认证】
【认证方】
[r5]aaa
[r5-aaa]local-user admin password cipher 123456
[r5-aaa]local-user admin service-type ppp

[r5-aaa]int s3/0/0
[r5-Serial3/0/0]ppp authentication-mode  pap

【被认证方】
[r1]int s4/0/0
[r1-Serial4/0/0]ppp pap local-user admin password cipher 123456

【验证】
[r1-Serial4/0/0]shutdown
[r1-Serial4/0/0]undo shutdown
[r1-Serial4/0/0]ping 15.0.0.2
  PING 15.0.0.2: 56  data bytes, press CTRL_C to break
    Reply from 15.0.0.2: bytes=56 Sequence=1 ttl=255 time=140 ms
    Reply from 15.0.0.2: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 15.0.0.2: bytes=56 Sequence=3 ttl=255 time=30 ms
    Reply from 15.0.0.2: bytes=56 Sequence=4 ttl=255 time=30 ms
    Reply from 15.0.0.2: bytes=56 Sequence=5 ttl=255 time=20 ms

【R2和R5之间chap认证】
【主认证】
[r5]int s3/0/1
[r5-Serial3/0/1]ppp authentication-mode chap

【被认证】
[r2]int s4/0/0
[r2-Serial4/0/0]ppp chap ?
  password  Specify user password 【注意这里提示后面跟两行】
  user      Specify user name 
[r2-Serial4/0/0]ppp chap user admin
[r2-Serial4/0/0]ppp chap password cipher 123456
【验证同上】

【R3和R5之间使用hdlc封装】
[r3]int s4/0/0
[r3-Serial4/0/0]link-protocol ?
  fr    Select FR as line protocol
  hdlc  Enable HDLC protocol
  lapb  LAPB(X.25 level 2 protocol)
  ppp   Point-to-Point protocol 
  sdlc  SDLC(Synchronous Data Line Control) protocol 
  x25   X.25 protocol
[r3-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
【验证R3这边的口封装协议】
[r3]display interface Serial4/0/0
Serial4/0/0 current state : UP
Line protocol current state : DOWN
Description:HUAWEI, AR Series, Serial4/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500, Hold timer is 10(sec)
Internet Address is 35.0.0.1/24
Link layer protocol is nonstandard HDLC    【在这】
Last physical up time   : 2022-04-09 19:02:44 UTC-08:00
Last physical down time : 2022-04-09 19:02:43 UTC-08:00
Current system time: 2022-04-09 19:12:22-08:00
Physical layer is synchronous, Virtualbaudrate is 64000 bps
Interface is DTE, Cable type is V11, Clock mode is TC
Last 300 seconds input rate 5 bytes/sec 40 bits/sec 0 packets/sec
Last 300 seconds output rate 2 bytes/sec 16 bits/sec 0 packets/sec

Input: 1042 packets, 33792 bytes
  Broadcast:              0,  Multicast:              0
  Errors:                 0,  Runts:                  0
  Giants:                 0,  CRC:                    0

  Alignments:             0,  Overruns:               0
  Dribbles:               0,  Aborts:                 0
  No Buffers:             0,  Frame Error:            0

Output: 1025 packets, 12902 bytes


【R5】
[r5]int s4/0/0

[r5-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]
:y
【验证】
[r5-Serial4/0/0]ping 35.0.0.1
  PING 35.0.0.1: 56  data bytes, press CTRL_C to break
    Reply from 35.0.0.1: bytes=56 Sequence=1 ttl=255 time=250 ms
    Reply from 35.0.0.1: bytes=56 Sequence=2 ttl=255 time=50 ms
    Reply from 35.0.0.1: bytes=56 Sequence=3 ttl=255 time=40 ms
    Reply from 35.0.0.1: bytes=56 Sequence=4 ttl=255 time=30 ms
    Reply from 35.0.0.1: bytes=56 Sequence=5 ttl=255 time=50 ms

3、R1/R2/R3构建一个MGRE环境，R1为中心站点；

[r1]int t0/0/0
[r1-Tunnel0/0/0]ip address 192.168.5.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 【选择封装类型】
[r1-Tunnel0/0/0]source 15.0.0.1【中心ip】
[r1-Tunnel0/0/0]nhrp network-id 100	
[r1-Tunnel0/0/0]nhrp entry multicast dynamic 【伪广播】

[r2]int t0/0/0
[r2-Tunnel0/0/0]ip address 192.168.5.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r2-Tunnel0/0/0]source s4/0/0
[r2-Tunnel0/0/0]nhrp network-id 100
[r2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register

[r3]int t0/0/0
[r3-Tunnel0/0/0]ip address 192.168.5.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source s4/0/0
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register

【验证】
[r1]display nhrp peer all
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.5.2     32    25.0.0.1        192.168.5.2     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:22:42
Expire time     : 01:37:18
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.5.3     32    35.0.0.1        192.168.5.3     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:01:16
Expire time     : 01:58:44

Number of nhrp peers: 2

R1、R4间为点到点的GRE。

[r1]int t0/0/1
[r1-Tunnel0/0/1]ip address 192.168.6.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre 
[r1-Tunnel0/0/1]source 15.0.0.1
[r1-Tunnel0/0/1]description 45.0.0.1

[r4]int t0/0/0
[r4-Tunnel0/0/0]ip address 192.168.6.2 24
[r4-Tunnel0/0/0]tunnel-protocol gre 
[r4-Tunnel0/0/0]source 45.0.0.1
[r4-Tunnel0/0/0]description 15.0.0.1

【复习】：现在还通不了，要写条静态，目标IP写刚刚配好的虚的就行

4、整个私有网络基于RIP全网可达

【全宣告即可】
[r1]rip
[r1-rip-1]v 2
[r1-rip-1]network 192.168.1.0
[r1-rip-1]network 192.168.5.0
[r1-rip-1]network 192.168.6.0

【要注意rip的水平分割,这里关掉】
[r1-tunnel0/0/0]undo rip split-horizon

5、所有PC设置私有IP为源IP，可以访问R5环回

[r1]acl 2000
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r1-acl-basic-2000]q
[r1]int s4/0/0
[r1-Serial4/0/0]nat outbound 2000

OoGalxy

关注

2
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
MGRE综合实验

注：要求中有串行协议所以用到串口连接，所以需要加串口要求：1、R5为ISP，只能进行IP地址配置；其所有地址均配有公有IP地址2、R1和R5之间使用PPP的PAP认证，R5为主认证方；R2与R5之间使用PPP的CHAP认证，R5为主认证方；R3与R5之间使用HDLC封装3、R1/R2/R3构建一个MGRE环境，R1为中心站点；R1、R4间为点到点的GRE。4、整个私有网络基于RIP全网可达5、所有PC设置私有IP为源IP，可以访问R5...
复制链接

扫一扫