GRE隧道实验
GRE实验
说明:我们模拟内外网环境,实现内网和内网间通过GRE隧道来实现通讯.
R0:
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/1
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Router(config-if)#ip add 100.100.100.2 255.255.255.0
Router(config-if)#int fa0/0
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
Router(config-if)#ip add 200.200.200.2 255.255.255.0
Router(config-if)# \\R0基本配置,因为模拟它为外网,只需要定义两个端口IP.
R1:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/1
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Router(config-if)#ip add 100.100.100.1 255.255.255.0
Router(config-if)#int fa0/0
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
Router(config-if)#ip add 192.168.1.1 255.255.255.0
Router(config-if)#exi
Router(config)#ip ro
Router(config)#ip route 0.0.0.0 0.0.0.0 100.100.100.2
Router(config)# \\R1基本配置,定义两个端口,设置默认下一跳为 100.100.100.2
R3:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#ip add 192.168.1.2 255.255.255.0
Router(config-if)#exi
Router(config)#ip ro
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
Router(config)# \\R3基本配置,定义端口,设置默认下一跳为 192.168.1.1
R2:
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#ip add 200.200.200.1 255.255.255.0
Router(config-if)#int fa0/1
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Router(config-if)#ip add 10.10.10.1 255.255.255.0
Router(config-if)#exi
Router(config)#ip ro
Router(config)#ip route 0.0.0.0 0.0.0.0 200.200.200.2
Router(config)# \\R2基本配置,定义两个端口,设置默认下一跳为 200.200.200.2
R4:
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/1
Router(config-if)#no shu
Router(config-if)#no shutdown
Router(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Router(config-if)#ip add 10.10.10.2 255.255.255.0
Router(config-if)#exi
Router(config)#ip rou
Router(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.1
Router(config)# \\R4基本配置,定义端口,设置默认下一跳为 10.10.10.1
测试连通性:
R3:
Router#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
Router#ping 100.100.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms
Router#ping 100.100.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router# \\只能PING通默认下一跳
R1:
Router#ping 100.100.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/1/6 ms
Router#ping 200.200.200.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router#ping 200.200.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
Router#ping 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
Router#\\可以ping 通RO R2 R3
R2:
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#ping 100.100.100.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router#ping 100.100.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router# \\可以PING通 R0 R1 R4
R4:
Router#ping 200.200.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
Router#ping 200.200.200.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5) \\可以PING通默认下一跳
R0:
Router>ping 100.100.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router>ping 200.200.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router>ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router>ping 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router>
\\可以PING通 R1的fa0/1 R2的fa0/0,到这一步,通过ping测试,我们已经模拟出了内外网环境,
R0 R1的fa0/1 R2的fa0/0,就是模拟的外网环境. R3和R1的fa0/0是个内网环境,R4和R2的fa0/1
是个内网环境.
Router#
建立通道:
R1:
Router(config)#int tunnel 1
Router(config-if)#
%LINK-5-CHANGED: Interface Tunnel1, changed state to up
Router(config-if)#ip add 1.1.1.1 255.255.255.0
Router(config-if)#tn
Router(config-if)#tun
Router(config-if)#tunnel so
Router(config-if)#tunnel source fa0/1 \\注意PT的因素,源地址只能定义为端口
Router(config-if)#tun
Router(config-if)#tunnel de
Router(config-if)#tunnel destination 200.200.200.1
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
R2:
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int tun
Router(config)#int tunnel 2
Router(config-if)#
%LINK-5-CHANGED: Interface Tunnel2, changed state to up
Router(config-if)#ip add 1.1.1.2 255.255.255.0
Router(config-if)#tun
Router(config-if)#tunnel so
Router(config-if)#tunnel source fa0/0
Router(config-if)#tun
Router(config-if)#tunnel de
Router(config-if)#tunnel destination 100.100.100.1
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel2, changed state to up
测试通道连通:
R2:
Router#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
R1:
Router#ping 1.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
\\此步测试说明通道已经建立并且实现了连通
测试R3是否可以和R2,R4通讯?
Router>
Router>ping 100.100.100.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router>ping 200.200.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router>ping 10.10.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
.....
Router#
\\再未使用通道前R3无法和R2 R4连通
定义感兴趣流量
R1:
Router(config)#ip route 0.0.0.0 0.0.0.0 1.1.1.2 \\注意必须写默认这一条.
Router(config)#ip route 192.168.1.0 255.255.255.0 1.1.1.2
R2:
Router(config)#ip route 0.0.0.0 0.0.0.0 1.1.1.1
Router(config)#ip route 10.10.10.0 255.255.255.0 1.1.1.1
测试再测试R3,R4连通性
R3:
Router>
Router>ping 10.10.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/3/14 ms
Router>
Router>tra
Router>traceroute 10.10.10.2
Type escape sequence to abort.
Tracing the route to 10.10.10.2
1 192.168.1.1 1 msec 0 msec 0 msec
2 1.1.1.2 0 msec 0 msec 0 msec \\看路由走的通道
3 10.10.10.2 0 msec 0 msec 11 msec
Router>
R4:
Router>ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
Router>traceroute 192.168.1.2
Type escape sequence to abort.
Tracing the route to 192.168.1.2
1 10.10.10.1 1 msec 0 msec 0 msec
2 1.1.1.1 0 msec 0 msec 0 msec \\看路由走的通道
3 192.168.1.2 0 msec 1 msec 12 msec
Router>
\\ 到这里我们已经完成了此实验.
转载于:https://blog.51cto.com/goome/1078340