HCIP--静态路由综合实验

最新推荐文章于 2024-08-16 21:49:01 发布

zhang.504

最新推荐文章于 2024-08-16 21:49:01 发布

阅读量931

点赞数 10

文章标签：服务器运维网络

本文链接：https://blog.csdn.net/weixin_65476290/article/details/139748896

版权

RIP图：

1.R2为ISP，其上只能配置IP地址

2.R1-R2之间为HDLC封装

3.R2-R3之间为PPP封装，pap认证，R2为主认证方

4.R2-R4之间为PPP封装，chap认证，R2为主认证方

5.R1、R2、R3构建MGRE环境，仅R1IP地址固定

6.内网使用RIP获职路由，所有Pc可以互相访问，并且可访问R2的环回

R1：

[Huawei]sysname r1	
[r1]interface s4/0/0
[r1-Serial4/0/0]inter	
[r1-Serial4/0/0]ip address 12.1.1.1 24
[r1-Serial4/0/0]q
[r1]interface g0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.1 24
Jun 18 2024 13:24:15-08:00 r1 %%01IFNET/4/LINK_STATE(l)[4]:The line protocol PPP
 IPCP on the interface Serial4/0/0 has entered the UP state. 
[r1]ip route-static 0.0.0.0 0 12.1.1.2
	
[r1]interface s4/0/0
[r1-Serial4/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y


[r1]interface Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.4.1 24	
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r1-Tunnel0/0/0]source 12.1.1.1 
Jun 18 2024 14:00:16-08:00 r1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 	
[r1-Tunnel0/0/0]nhrp entry multicast dynamic 	
[r1-Tunnel0/0/0]nhrp network-id 100
[r1-Tunnel0/0/0]

<r1>display nhrp peer all 
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.4.2     32    23.1.1.1        192.168.4.2     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:25:31
Expire time     : 01:34:29
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.4.3     32    24.1.1.1        192.168.4.3     dynamic      route tunnel 
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:24:57
Expire time     : 01:35:03

Number of nhrp peers: 2

[r1]rip
[r1-rip-1]ver 2
[r1-rip-1]network 192.168.4.0
[r1-rip-1]network 192.168.1.0

PC1上网

[r1]acl 2000	
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255

[r1]interface s4/0/0
[r1-Serial4/0/0]nat outbound 2000
[r1-Serial4/0/0]q
[r1]ping 2.2.2.2
  PING 2.2.2.2: 56  data bytes, press CTRL_C to break
    Reply from 2.2.2.2: bytes=56 Sequence=1 ttl=255 time=20 ms
    Reply from 2.2.2.2: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 2.2.2.2: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 2.2.2.2: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 2.2.2.2: bytes=56 Sequence=5 ttl=255 time=40 ms

  --- 2.2.2.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/24/40 ms

【3】GRE -- 通用路由封装 --- 标准简单的VPN技术；属于虚拟的点到点网络类型
VPN：虚拟专用网络 --- 通过虚拟手段，将两个独立网络，穿越中间一个公共网络进行互联，模拟出点到点专线的效果；

[r1]interface Tunnel 0/0/0 创建隧道接口

[r1-Tunnel0/0/0]ip address 192.168.3.1 24 配置ip

[r1-Tunnel0/0/0]tunnel-protocol gre 定义该接口转发流量时需要GRE封装

GRE实则在源IPV4报头前方再封装一个IPV4报头，必须定义封装报头的中源目ip地址

[r1-Tunnel0/0/0]source 12.1.1.1

[r1-Tunnel0/0/0]destination 23.1.1.2

NBMA：NBMA--非广播型多路访问
【1】MGRE --- 多点GRE GRE的一种扩展配置；归类于虚拟的NBMA网络

所有节点存在同一个MA网段；且为中心到站点结构；该结构中，默认仅中心站点需要固定公有ip地址；分支站点地址可变化；--- 大大降低的管理难度，资源占有量，成本；

NHRP：下一跳路径发现协议；存在服务端和客户端；服务端需要固定公有ip地址，客户端ip地址可变；客户端在本地公有ip变化后，主动向服务端进行注册；服务端生成MAP，

MAP中记录客户端的公有ip与tunnel接口的ip地址对应关系；若其他客户端需要访问另一个客户端，可以到服务端下载该MAP；

中心站点配置
[r1]interface Tunnel 0/0/0 创建隧道接口

[r1-Tunnel0/0/0]ip address 192.168.4.1 24 隧道接口ip地址

[r1-Tunnel0/0/0]tunnel-protocol gre p2mp 定义该隧道为多点gre隧道

[r1-Tunnel0/0/0]source 14.1.1.1 该隧道加封装的报头源ip地址

通过NHRP协议来获取加封装的目标ip地址

[r1-Tunnel0/0/0]nhrp entry multicast dynamic 本地成为NHRP服务端

[r1-Tunnel0/0/0]nhrp network-id 100 NHRP的工作编号，该网段所有设备必须在同一id

分支站点：
[r2]interface Tunnel 0/0/0

[r2-Tunnel0/0/0]ip address 192.168.4.2 24

[r2-Tunnel0/0/0]tunnel-protocol gre p2mp

加封装的源ip地址，为本地的隧道实际通过接口的ip地址，填写接口编号，而不是接口ip，原因在于该接口ip地址可变

[r2-Tunnel0/0/0]source GigabitEthernet 0/0/0

加封装的目标ip地址，需要到NHRP中心站点获取

[r2-Tunnel0/0/0]nhrp entry 192.168.4.1 14.1.1.1 register

[r2-Tunnel0/0/0]nhrp network-id 100

R2:

[Huawei]sysname r2
[r2]interface LoopBack 0	
[r2-LoopBack0]ip address 2.2.2.2 24
[r2-LoopBack0]q
[r2]interface s3/0/0
[r2-Serial3/0/0]ip address 12.1.1.2 24
Jun 18 2024 13:24:14-08:00 r2 %%01IFNET/4/LINK_STATE(l)[13]:The line protocol PP
P IPCP on the interface Serial3/0/0 has entered the UP state. 
[r2-Serial3/0/0]q
[r2]interface s4/0/0
[r2-Serial4/0/0]ip address 23.1.1.2 24
[r2-Serial4/0/0]q
[r2]interface s3/0/1
[r2-Serial3/0/1]ip address 24.1.1.2 24

[r2]sysname isp	  ----HDLC封装
[isp]interface s3/0/0
[isp-Serial3/0/0]link-protocol hdlc
Warning: The encapsulation protocol of the link will be changed. Continue? [Y/N]:y

[isp]interface s4/0/0	----PPP封装，pap认证
[isp-Serial4/0/0]ppp pap local-user a password cipher 123
[isp-Serial4/0/0]q

[isp]interface s3/0/1	----ppp封装，chap认证
[isp-Serial3/0/1]ppp chap password cipher 456
[isp-Serial3/0/1]

R3:

[Huawei]sysname r3	
[r3]interface s4/0/0	
[r3-Serial4/0/0]ip address 23.1.1.1 24	
[r3]interface g0/0/1
[r3-GigabitEthernet0/0/1]ip address 192.168.2.1 24
[r3]ip route-static 0.0.0.0 0 23.1.1.2

#ppp封装，R2-R3之间为PPP封装，pap认证，R2为主认证方
[r3]aaa
[r3-aaa]local-user  a password cipher 123
Info: Add a new user.
[r3-aaa]local-user a service-type ppp
[r3-aaa]q
[r3]int s4/0/0
[r3-Serial4/0/0]ppp authentication-mode pap
[r3-Serial4/0/0]

[r3]int Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 192.168.4.2 24	
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r3-Tunnel0/0/0]source Serial 4/0/0
Jun 18 2024 14:02:12-08:00 r3 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP 
on the interface Tunnel0/0/0 has entered the UP state. 	
[r3-Tunnel0/0/0]nhrp entry 192.168.4.1 12.1.1.1 register 
[r3-Tunnel0/0/0]nhrp network-id 100
[r3-Tunnel0/0/0]

[r3]rip
[r3-rip-1]version 2	
[r3-rip-1]network 192.168.4.0
[r3-rip-1]network 192.168.2.0

<r3>display nhrp peer all 
------------------------------------------------------------------------------- 
Protocol-addr   Mask  NBMA-addr       NextHop-addr    Type         Flag         
------------------------------------------------------------------------------- 
192.168.4.1     32    12.1.1.1        192.168.4.1     static       hub          
------------------------------------------------------------------------------- 
Tunnel interface: Tunnel0/0/0
Created time    : 00:46:26
Expire time     : --

Number of nhrp peers: 1

R4:

[Huawei]sysname r4
[r4]interface s4/0/0
[r4-Serial4/0/0]ip address 24.1.1.1 24
	
[r4]interface g0/0/1
[r4-GigabitEthernet0/0/1]ip address 192.168.3.1 24

[r4]ip route-static 0.0.0.0 0 24.1.1.2

R2-R4之间为PPP封装，chap认证，R2为主认证方
[r4]aaa
[r4-aaa]local-user  a password  cipher 456
Info: Add a new user.
[r4-aaa]local-user a service-type ppp
[r4-aaa]q
[r4]interface s4/0/0
[r4-Serial4/0/0]ppp authentication-mode chap 

[r4]int Tunnel 0/0/0
[r4-Tunnel0/0/0]ip address 192.168.4.3 24
[r4-Tunnel0/0/0]tunnel-protocol gre p2mp 
[r4-Tunnel0/0/0]source s4/0/0	
[r4-Tunnel0/0/0]nhrp entry 192.168.4.1 12.1.1.1 register 
[r4-Tunnel0/0/0]nhrp network-id 100
[r4-Tunnel0/0/0]

[r4]rip
[r4-rip-1]ver 2	
[r4-rip-1]network 192.168.4.0
[r4-rip-1]network 192.168.3.0

PC1 PING PC3----两个内网相通

zhang.504

关注

10
点赞
踩
19

收藏

觉得还不错? 一键收藏
0
评论
HCIP--静态路由综合实验

存在服务端和客户端；分支站点地址可变化；[r1-Tunnel0/0/0]nhrp network-id 100 NHRP的工作编号，该网段所有设备必须在同一id。加封装的源ip地址，为本地的隧道实际通过接口的ip地址，填写接口编号，而不是接口ip，原因在于该接口ip地址可变。VPN：虚拟专用网络 --- 通过虚拟手段，将两个独立网络，穿越中间一个公共网络进行互联，模拟出点到点专线的效果；[r1-Tunnel0/0/0]tunnel-protocol gre 定义该接口转发流量时需要GRE封装。
复制链接

扫一扫