18
GRE技术的讲解---第二篇(可跟做)-栗子老师的博客
source link: https://blog.51cto.com/13817711/2473900
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
GRE网络中的路由协议部署方案
考虑点:
第一:两个站点设备上面用哪个接口建立OSPF邻居关系呢?
第二:OSPF的hello报文是组播传递 224.0.0.5 这个组播地址不能跨跳 即TTL为1
思路:
直接用tunnel接口之间建立OSPF关系
在SZ_***的G0/0/0接口抓包所示:
第一步:删除SZ***和BJ***设备的静态引流路由
**SZ_*的配置
#
undo ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/1
#**BJ_*的配置
#
undo ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1
#第二步:在SZ***和BJ***设备上配置OSPF动态引流路由
**SZ_*的配置
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 123.1.1.1 0.0.0.0
network 192.168.1.0 0.0.0.255
#**BJ_*的配置
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 123.1.1.2 0.0.0.0
network 192.168.2.0 0.0.0.255
#第三步:检查如下
**SZ_*设备的检查
<SZ_***>display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 1 Routes : 1
OSPF routing table status : <Active>
Destinations : 1 Routes : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.2.0/24 OSPF 10 1563 D 123.1.1.2 Tunnel0/0/1
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0**BJ_*设备的检查
[BJ_***]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 1 Routes : 1
OSPF routing table status : <Active>
Destinations : 1 Routes : 1
Destination/Mask Proto Pre Cost Flags NextHop Interface
192.168.1.0/24 OSPF 10 1563 D 123.1.1.1 Tunnel0/0/1
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0<SZ_***>display ospf interface Tunnel0/0/1
OSPF Process 1 with Router ID 1.1.1.1
Interfaces
Interface: 123.1.1.1 (Tunnel0/0/1) --> 123.1.1.2
Cost: 1562 State: P-2-P Type: P2P MTU: 1500
Timers: Hello 10 , Dead 40 , Poll 120 , Retransmit 5 , Transmit Delay 1PC1可以访问到PC2
PC>ping 192.168.2.2
Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.2.2: bytes=32 seq=2 ttl=126 time=94 ms
From 192.168.2.2: bytes=32 seq=3 ttl=126 time=94 ms
From 192.168.2.2: bytes=32 seq=4 ttl=126 time=78 ms
From 192.168.2.2: bytes=32 seq=5 ttl=126 time=156 ms
--- 192.168.2.2 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/105/156 msPC1追踪PC2
PC>tracert 192.168.2.2
traceroute to 192.168.2.2, 8 hops max
(ICMP), press Ctrl+C to stop
1 192.168.1.254 31 ms 47 ms 47 ms
2 123.1.1.2 62 ms 47 ms 47 ms
3 192.168.2.2 78 ms 94 ms 62 ms
PC>**在BJ_*设备上面宣告101.1.1.1路由到OSPF进程当中
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 101.1.1.1 0.0.0.0
network 123.1.1.2 0.0.0.0
network 192.168.2.0 0.0.0.255
#SZ***和BJ*设备里面的OSPF邻居状态机会出现down和full的现象出现
思考请问为什么会出现这种现象?*
1、SZ_会学到101.1.1.1的OSPF路由 当SZ***往外发送hello报文的时候 会进行GRE的封装 而GRE的封装的DIP地址是101.1.1.1的IP地址 而由于SZ到达101.1.1.1的下一跳是tunnel0/0/1接口 是我自己本身 无法发送出去 那等待dead时间到期后 SZ_和BJ***的OSPF状态机会down
2、down了之后 SZ就没有101.1.1.1的路由 SZ_会10s往外发送hello报文 关系就会建立起来FULL
PC>ping 192.168.2.2 -t
Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
GRE多站点之间的组网
思路:在总部建立两个tunnel接口 分别为tunnel0/0/1和tunnel0/0/2接口 用这两个tunnel接口分别和北京和广州部分进行互联
第一步:基本配置
**SZ_*路由器的配置
#
sysname SZ_***
#
interface GigabitEthernet0/0/0
ip address 202.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.1.254 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 202.1.1.254
#**BJ_*路由器的配置
#
sysname BJ_***
#
interface GigabitEthernet0/0/0
ip address 101.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.2.254 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 101.1.1.254
#**GZ_*路由器的配置
#
sysname GZ_***
#
interface GigabitEthernet0/0/0
ip address 60.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.3.254 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 60.1.1.254
#internet的配置
#
interface GigabitEthernet0/0/0
ip address 202.1.1.254 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 101.1.1.254 255.255.255.0
#
interface GigabitEthernet0/0/2
ip address 60.1.1.254 255.255.255.0
#检查如下:
**检查SZ_*和PC1的通信
<SZ_***>ping 192.168.1.1
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=128 time=50 ms
--- 192.168.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/50/60 ms**检查BJ_*和PC2的通信
<SZ_***>ping 192.168.2.2
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.2.2: bytes=56 Sequence=1 ttl=128 time=40 ms
Reply from 192.168.2.2: bytes=56 Sequence=2 ttl=128 time=60 ms
Reply from 192.168.2.2: bytes=56 Sequence=3 ttl=128 time=40 ms
Reply from 192.168.2.2: bytes=56 Sequence=4 ttl=128 time=60 ms
Reply from 192.168.2.2: bytes=56 Sequence=5 ttl=128 time=50 ms
--- 192.168.2.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/50/60 ms**检查GZ_*和PC3的通信
<SZ_***>ping 192.168.3.3
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.3.3: bytes=56 Sequence=1 ttl=128 time=40 ms
Reply from 192.168.3.3: bytes=56 Sequence=2 ttl=128 time=60 ms
Reply from 192.168.3.3: bytes=56 Sequence=3 ttl=128 time=40 ms
Reply from 192.168.3.3: bytes=56 Sequence=4 ttl=128 time=60 ms
Reply from 192.168.3.3: bytes=56 Sequence=5 ttl=128 time=50 ms
--- 192.168.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/50/60 ms检查SZ***和BJ*的通信**
<SZ_***>ping 101.1.1.1
PING 101.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 101.1.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 101.1.1.1: bytes=56 Sequence=2 ttl=254 time=20 ms
Reply from 101.1.1.1: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 101.1.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 101.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 101.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/28/40 ms检查SZ***GZ*的通信**
<SZ_***>ping 60.1.1.1
PING 60.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 60.1.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 60.1.1.1: bytes=56 Sequence=2 ttl=254 time=30 ms
Reply from 60.1.1.1: bytes=56 Sequence=3 ttl=254 time=20 ms
Reply from 60.1.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 60.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 60.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/26/30 ms检查BJ***和GZ*的通信**
<BJ_***>ping 60.1.1.1
PING 60.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 60.1.1.1: bytes=56 Sequence=1 ttl=254 time=20 ms
Reply from 60.1.1.1: bytes=56 Sequence=2 ttl=254 time=20 ms
Reply from 60.1.1.1: bytes=56 Sequence=3 ttl=254 time=10 ms
Reply from 60.1.1.1: bytes=56 Sequence=4 ttl=254 time=30 ms
Reply from 60.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 60.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/22/30 ms检查PC1和PC2的通信
PC>ping 192.168.2.2
Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 192.168.2.2 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss检查PC1和PC3的通信
PC>ping 192.168.3.3
Ping 192.168.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 192.168.3.3 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss检查PC2和PC3的通信
PC>ping 192.168.3.3
Ping 192.168.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 192.168.3.3 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss第二步:分别在SZ***和BJ***启动TUNNEL接口
**SZ_*的配置
#
interface Tunnel0/0/1
ip address 123.1.1.1 255.255.255.0
tunnel-protocol gre
source 202.1.1.1
destination 101.1.1.1
#
interface Tunnel0/0/2
ip address 124.1.1.1 255.255.255.0
tunnel-protocol gre
source 202.1.1.1
destination 60.1.1.1
#**BJ_*的配置
#
interface Tunnel0/0/1
ip address 123.1.1.2 255.255.255.0
tunnel-protocol gre
source 101.1.1.1
destination 202.1.1.1
#**GZ_*的配置
#
interface Tunnel0/0/1
ip address 124.1.1.3 255.255.255.0
tunnel-protocol gre
source 60.1.1.1
destination 202.1.1.1
#第三步:配置引流路由
**SZ_*的配置
#
ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/1
ip route-static 192.168.3.0 255.255.255.0 Tunnel0/0/2
#**BJ_*的配置
#
ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1
#**GZ_*的配置
#
ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1
#第四步:检查GRE隧道是否成功
**SZ_*的检查
<SZ_***>display interface Tunnel 0/0/1
Tunnel0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-25 17:50:10 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 123.1.1.1/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 202.1.1.1 (GigabitEthernet0/0/0), destination 101.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-25 20:19:16-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
<SZ_***>第二个tunnel接口的详细信息
<SZ_***>display interface Tunnel 0/0/2
Tunnel0/0/2 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-25 23:10:15 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/2 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 124.1.1.1/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 202.1.1.1 (GigabitEthernet0/0/0), destination 60.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-25 23:29:12-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --**BJ_*的检查
<BJ_***>display interface Tunnel 0/0/1
Tunnel0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-25 17:50:53 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 123.1.1.2/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 101.1.1.1 (GigabitEthernet0/0/0), destination 202.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-25 20:21:08-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
<BJ_***>**GZ_*的检查
<ZG_***>display interface Tunnel 0/0/1
Tunnel0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-25 23:03:02 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 124.1.1.3/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 60.1.1.1 (GigabitEthernet0/0/0), destination 202.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-25 23:30:27-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
<ZG_***>第五步:实现北京和广州分部互通
**BJ_*的配置
#
ip route-static 192.168.3.0 255.255.255.0 Tunnel0/0/1
#**GZ_*的配置
#
ip route-static 192.168.3.0 255.255.255.0 Tunnel0/0/1
#测试PC2和PC3的连通性
PC>ping 192.168.3.3
Ping 192.168.3.3: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.3.3: bytes=32 seq=2 ttl=125 time=78 ms
From 192.168.3.3: bytes=32 seq=3 ttl=125 time=109 ms
From 192.168.3.3: bytes=32 seq=4 ttl=125 time=94 ms
From 192.168.3.3: bytes=32 seq=5 ttl=125 time=78 ms
--- 192.168.3.3 ping statistics ---
5 packet(s) transmitted
4 packet(s) received
20.00% packet loss
round-trip min/avg/max = 0/89/109 ms
PC>第六步:在BJ-和GZ-起一个TUNNEL接口
删除如下引流路由
在BJ_***删除
ip route-static 192.168.3.0 255.255.255.0 Tunnel0/0/1在GZ_***删除
ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/1在BJ***和GZ创建tunnel0/0/2接口
在BJ_创建
#
interface Tunnel0/0/2
ip address 125.1.1.2 255.255.255.0
tunnel-protocol gre
source 101.1.1.1
destination 60.1.1.1
#
ip route-static 192.168.3.0 255.255.255.0 Tunnel0/0/2在GZ_***创建
#
interface Tunnel0/0/2
ip address 125.1.1.3 255.255.255.0
tunnel-protocol gre
source 60.1.1.1
destination 101.1.1.1
#
ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/2检查如下
[BJ_***]display interface Tunnel 0/0/2
Tunnel0/0/2 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-26 00:40:33 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/2 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 125.1.1.2/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 101.1.1.1 (GigabitEthernet0/0/0), destination 60.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-26 00:53:56-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
[BJ_***]在PC2上面访问PC3
PC>ping 192.168.3.3
Ping 192.168.3.3: 32 data bytes, Press Ctrl_C to break
From 192.168.3.3: bytes=32 seq=1 ttl=125 time=63 ms
From 192.168.3.3: bytes=32 seq=2 ttl=125 time=93 ms
From 192.168.3.3: bytes=32 seq=3 ttl=125 time=63 ms
From 192.168.3.3: bytes=32 seq=4 ttl=125 time=94 ms
From 192.168.3.3: bytes=32 seq=5 ttl=125 time=93 ms
--- 192.168.3.3 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 63/81/94 ms
PC>tracert 192.168.3.3
traceroute to 192.168.3.3, 8 hops max
(ICMP), press Ctrl+C to stop
1 192.168.2.254 47 ms 46 ms 47 ms
2 125.1.1.3 47 ms 63 ms 62 ms
3 192.168.3.3 78 ms 94 ms 78 ms
PC>GRE组网结合NAT讲解
第一步:基本配置
**SZ_*路由器的配置
#
sysname SZ_***
#
interface GigabitEthernet0/0/0
ip address 172.16.12.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.1.254 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 172.16.12.2
#**BJ_*路由器的配置
#
sysname BJ_***
#
interface GigabitEthernet0/0/0
ip address 101.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 192.168.2.254 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 101.1.1.254
#NAT路由器的配置
#
interface GigabitEthernet0/0/0
ip address 172.16.12.2 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 202.1.1.1 255.255.255.0
#
ip route-static 0.0.0.0 0.0.0.0 202.1.1.254
#internet的配置
#
interface GigabitEthernet0/0/0
ip address 202.1.1.254 255.255.255.0
#
interface GigabitEthernet0/0/1
ip address 101.1.1.254 255.255.255.0
#检查如下:
**检查SZ_*和PC1的通信
<SZ_***>ping 192.168.1.1
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=128 time=50 ms
--- 192.168.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/50/60 ms**检查BJ_*和PC2的通信
<SZ_***>ping 192.168.1.1
PING 192.168.1.1: 56 data bytes, press CTRL_C to break
Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=128 time=40 ms
Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=128 time=60 ms
Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=128 time=50 ms
--- 192.168.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 40/50/60 ms**检查NAT和BJ_*的通信
<SZ_***>ping 101.1.1.1
PING 101.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 101.1.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms
Reply from 101.1.1.1: bytes=56 Sequence=2 ttl=254 time=20 ms
Reply from 101.1.1.1: bytes=56 Sequence=3 ttl=254 time=40 ms
Reply from 101.1.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms
Reply from 101.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms
--- 101.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 20/28/40 ms检查PC1和PC2的通信
PC>ping 192.168.2.2
Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break
Request timeout!
Request timeout!
Request timeout!
Request timeout!
Request timeout!
--- 192.168.2.2 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss第二步:分别在SZ***和BJ***启动TUNNEL接口
**SZ_*的配置
#
interface Tunnel0/0/1
ip address 123.1.1.1 255.255.255.0
tunnel-protocol gre
source 172.16.12.1
destination 101.1.1.1
#**BJ_*的配置
#
interface Tunnel0/0/1
ip address 123.1.1.2 255.255.255.0
tunnel-protocol gre
source 101.1.1.1
destination 202.1.1.1
#NAT设备配置
#
interface GigabitEthernet0/0/1
nat static global 202.1.1.2 inside 172.16.12.1 netmask 255.255.255.255
#第三步:配置引流路由
**SZ_*的配置
#
ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/1
#**BJ_*的配置
#
ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1
#第四步:检查GRE隧道是否成功
**SZ_*的检查
<SZ_***>display interface Tunnel 0/0/1
Tunnel0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-26 18:10:00 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 123.1.1.1/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 172.16.12.1 (GigabitEthernet0/0/0), destination 101.1.1.1
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-26 18:23:31-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
<SZ_***>**BJ_*的检查
<BJ_***>display interface Tunnel 0/0/1
Tunnel0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2020-02-26 18:11:02 UTC-08:00
Description:HUAWEI, AR Series, Tunnel0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 123.1.1.2/24
Encapsulation is TUNNEL, loopback not set
Tunnel source 101.1.1.1 (GigabitEthernet0/0/0), destination 202.1.1.2
Tunnel protocol/transport GRE/IP, key disabled
keepalive disabled
Checksumming of packets disabled
Current system time: 2020-02-26 18:24:07-08:00
300 seconds input rate 0 bits/sec, 0 packets/sec
300 seconds output rate 0 bits/sec, 0 packets/sec
0 seconds input rate 0 bits/sec, 0 packets/sec
0 seconds output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 input error
0 packets output, 0 bytes
0 output error
Input bandwidth utilization : --
Output bandwidth utilization : --
<BJ_***>PC1访问PC2
PC>ping 192.168.2.2
Ping 192.168.2.2: 32 data bytes, Press Ctrl_C to break
From 192.168.2.2: bytes=32 seq=1 ttl=126 time=78 ms
From 192.168.2.2: bytes=32 seq=2 ttl=126 time=94 ms
From 192.168.2.2: bytes=32 seq=3 ttl=126 time=94 ms
From 192.168.2.2: bytes=32 seq=4 ttl=126 time=78 ms
From 192.168.2.2: bytes=32 seq=5 ttl=126 time=109 ms
--- 192.168.2.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 78/90/109 ms
PC>Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK