一、拓扑图:
二、配置及说明:
1、配置三台路由器的IP地址。并且在R1和R3配置默认路由,确保广域网链路能够通信:
|
R1(config-line)#int s1/1
R1(config-if)#no sh
R1(config-if)#ip add 202.101.172.37 255.255.255.252
R1(config-if)#int lo0
R1(config-if)#ip add 172.16.1.1 255.255.255.0
R1(config-if)#ip add 172.16.2.1 255.255.255.0 se
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 202.101.172.38 (配置一条默认路由)
R3(config-line)#int s1/0
R3(config-if)#no sh
R3(config-if)#ip add 218.108.248.202 255.255.255.252
R3(config-if)#int lo0
R3(config-if)#ip add 192.168.1.1 255.255.255.0
R3(config-if)#ip add 192.168.2.1 255.255.255.0 se
R3(config-if)#exit
R3(config)#ip route 0.0.0.0 0.0.0.0 218.108.248.201
|
2、配置完之后,在R1 能够ping 通R3的WAN口:
|
R1(config)#do ping 218.108.248.202
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 218.108.248.202, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/27/64 ms
|
3、由于R2中没有到达私有网络的路由,在R1或R3都不能ping 通各自的回环接口IP:
|
R1(config)#do ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R1(config)#
|
4、满足条件之后,下面分别在R1和R3上通过GRE隧道技术把路由打通:
|
R1(config)#interface tunnel 0 (启用GRE隧道)
R1(config-if)#ip add 10.1.1.1 255.255.255.0 (为隧道配置IP地址)
R1(config-if)#tunnel source serial1/1(配置隧道的本地源端口)
R1(config-if)#tunnel destination 218.108.248.202 (配置隧道的目标出口,目的IP的可达性,是通过之前配置的本地默认路由保证的)
R3(config)#int tunnel 0
R3(config-if)#ip add 10.1.1.2 255.255.255.0
R3(config-if)#tunnel source 218.108.248.202 (也可以指定隧道本地源IP)
R3(config-if)#tunnel destination 202.101.172.37
|
5、R3配置完之后,马上就出来提示信息:
|
R3(config-if)#
*Mar 1 01:06:52.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
|
6、在R1上查看一下隧道接口信息:
|
R1#sh interfaces tunnel0
Tunnel0 is up, line protocol is up (状态为UP)
Hardware is Tunnel (基于隧道的接口)
Internet address is 10.1.1.1/24
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set (在原始的数据包上再封装了一个GRE报头)
Keepalive not set
Tunnel source 202.101.172.37 (Serial1/1), destination 218.108.248.202
Tunnel protocol/transport GRE/IP (隧道协议为GRE)
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255
………………
|
7、查看一下R1的路由表:
|
R1#sh ip route
…………
Gateway of last resort is 202.101.172.38 to network 0.0.0.0
202.101.172.0/30 is subnetted, 1 subnets
C 202.101.172.36 is directly connected, Serial1/1
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.1.0 is directly connected, Loopback0
C 172.16.2.0 is directly connected, Loopback0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Tunnel0 (显示隧道接口为直连路由)
S* 0.0.0.0/0 [1/0] via 202.101.172.38 (之前配置的默认路由)
|
8、在R1上能够ping 通隧道地址:
|
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/34/68 ms
R1#
|
9、为了使R1和R3的loopback 地址能够通信,我们在R1和R3分别配置静态路由,下一跳指向隧道接口:
|
R1(config)#ip route 192.168.0.0 255.255.0.0 tunnel 0 (下一跳可以指定隧道接口)
R3(config)#ip route 172.16.0.0 255.255.0.0 10.1.1.1 (也可以指定隧道接口对端的IP)
|
10、在R1或R3再次ping ,检查是否能ping 通对方私有网络回环接口IP地址:
|
R1(config)#do ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/108 ms
R1(config)#do ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/36/84 ms
R1(config)#
|
11、当然我们还可以查看一下tunnl 0的统计数据:
|
R1#sh interface tunnel 0 stats
Tunnel0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 30 3720 30 3720
Route cache 0 0 0 0
Total 30 3720 30 3720
|
注意:在配置隧道的时候一定要注意隧道的本地源端口和隧道的目的端口的路由可达性。
本文转自wxs-163 51CTO博客,原文链接:http://blog.51cto.com/supercisco/293313
扫一扫
1513
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
