实验目的:
配置GRE隧道,并在隧道上运行OSPF动态路由实现互通
组网需求:
如图,R1、R2、R3属于VPN骨干网,它们之间运行OSPF。R2和R3之间使用三层隧道协议GRE,实现PC1和PC2互联。PC1和PC2上分别制定R2和R3为自己的缺省网关。Tunnel接口启动动态路由协议OSPF。VPN骨干网上使用OSPF进程1,用户接入部分使用OSPF进程2
配置操作:
R1:
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R1
[R1]int gi 0/0/0
[R1-GigabitEthernet0/0/0]ip addr 20.1.1.2 24
[R1-GigabitEthernet0/0/0]int gi 0/0/1
[R1-GigabitEthernet0/0/1]ip addr 30.1.1.1 24
[R1-GigabitEthernet0/0/1]
[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]
[R1-ospf-1-area-0.0.0.0]q
[R1-ospf-1]q
R2:
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R2
[R2]int gi 0/0/0
[R2-GigabitEthernet0/0/0]ip addr 20.1.1.1 24 //配置公网出接口
[R2-GigabitEthernet0/0/0]int gi0/0/1
[R2-GigabitEthernet0/0/1]ip addr 10.1.1.2 24 //配置私网出接口
[R2-GigabitEthernet0/0/1]
[R2]ospf 1 router-id 2.2.2.2 //配置公网路由
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 20.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]q
[R2-ospf-1]q
[R2-ospf-2]area 0 //配置私网路由
[R2-ospf-2-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R2-ospf-2-area-0.0.0.0]network 10.3.1.0 0.0.0.255
[R2]ping 30.1.1.2
PING 30.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 30.1.1.2: bytes=56 Sequence=1 ttl=254 time=40 ms
Reply from 30.1.1.2: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 30.1.1.2: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 30.1.1.2: bytes=56 Sequence=4 ttl=254 time=30 ms
Reply from 30.1.1.2: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 30.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 30/34/40 ms
[R2]
[R2]int tunnel0/0/1 //配置Tunnel接口,Tunnel的源地址是发出报文的实际接口IP地址,目的地址是接收报文的实际接口的IP地址
[R2-Tunnel0/0/1]ip addr 10.3.1.1 255.255.255.0
[R2-Tunnel0/0/1]tunnel-protocol gre
[R2-Tunnel0/0/1]source 20.1.1.1
[R2-Tunnel0/0/1]destination 30.1.1.2
[R2-Tunnel0/0/1]q
R3:
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]un in en
Info: Information center is disabled.
[Huawei]sysname R3
[R3]int gi 0/0/0
[R3-GigabitEthernet0/0/0]ip addr 30.1.1.2 24
[R3-GigabitEthernet0/0/0]int gi /0/1
^
Error: Unrecognized command found at '^' position.
[R3-GigabitEthernet0/0/0]int gi 0/0/1
[R3-GigabitEthernet0/0/1]ip addr 10.2.1.2 24
[R3-GigabitEthernet0/0/1]
[R3-GigabitEthernet0/0/1]
[R3-GigabitEthernet0/0/1]q
[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 30.1.1.0 0.0.0.255 //配置公网路由
[R3-ospf-1-area-0.0.0.0]
[R3]ospf 2
[R3-ospf-2]area 0 //配置私网路由
[R3-ospf-2-area-0.0.0.0]network 10.2.1.0 0.0.0.255
[R3-ospf-2-area-0.0.0.0]network 10.3.1.0 0.0.0.255
[R3-ospf-2-area-0.0.0.0]q
<R3>sys
Enter system view, return user view with Ctrl+Z.
[R3]int Tunnel 0/0/1 //配置Tunnel接口,Tunnel的源地址是发出报文的实际接口IP地址,目的地址是接收报文的实际接口的IP地址
[R3-Tunnel0/0/1]ip addr 10.3.1.2 255.255.255.0
[R3-Tunnel0/0/1]tunnel-protocol gre
[R3-Tunnel0/0/1]source 30.1.1.2
[R3-Tunnel0/0/1]destination 20.1.1.1
[R3-Tunnel0/0/1]q
[R3]dis ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 15 Routes : 15
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/24 OSPF 10 3 D 30.1.1.1 GigabitEthernet
0/0/0
10.2.1.0/24 Direct 0 0 D 10.2.1.2 GigabitEthernet
0/0/1
10.2.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.2.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/1
10.3.1.0/24 Direct 0 0 D 10.3.1.2 Tunnel0/0/1
10.3.1.2/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/1
10.3.1.255/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/1
20.1.1.0/24 OSPF 10 2 D 30.1.1.1 GigabitEthernet
0/0/0
30.1.1.0/24 Direct 0 0 D 30.1.1.2 GigabitEthernet
0/0/0
30.1.1.2/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
30.1.1.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0