第四天作业

最新推荐文章于 2024-01-22 19:58:14 发布

原创最新推荐文章于 2024-01-22 19:58:14 发布 · 148 阅读

CC 4.0 BY-SA版权

该配置示例展示了如何通过OSPF协议和GRE隧道结合NHRP，在私有IP地址范围内实现网络设备间的通信。R1、R2、R3、R4和R6之间的私有IP段通过OSPF区域配置实现全互联，R7作为ISP仅允许IP通信。R4和R6能访问R7的环回接口，R1通过公共IP连接到R6。此外，R3配置了ACL和NAT服务，允许192.168.0.0/16网段访问其公网接口，并提供了SSH服务。

在这里插入图片描述
1、R7为ISP，只能配IP
2、红色为私有IP范围
3、OSPF的区域为紫色

使用OSPF将使用所以私有网段，实现全通

配置各路由的IP及ospf
R1:

[Huawei]int t0/0/0
[Huawei-Tunnel0/0/0]ip ad 10.1.1.1 24
[Huawei-Tunnel0/0/0]tunnel-protocol gre p2mp 
[Huawei-Tunnel0/0/0]source 17.1.1.1
[Huawei-Tunnel0/0/0]nhrp entry multicast dynamic 
[Huawei-Tunnel0/0/0]nhrp network-id 100
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.2 27.1.1.1
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.3 37.1.1.1 register 
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.3 37.1.1.1 register 
[Huawei]ospf 1 router-id 1.1.1.1
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.1.1 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]network 10.1.1.1 0.0.0.0
[Huawei]int t0/0/0
[Huawei-Tunnel0/0/0]ospf network-type broadcast

R2:

[Huawei]int t0/0/0
[Huawei-Tunnel0/0/0]ip ad 10.1.1.2 24
[Huawei-Tunnel0/0/0]tunnel-protocol gre p2mp 
[Huawei-Tunnel0/0/0]source 27.1.1.1
[Huawei-Tunnel0/0/0]nhrp entry multicast dynamic 
[Huawei-Tunnel0/0/0]nhrp network-id 100
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.1 17.1.1.1
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.1 17.1.1.1 register 
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.3 37.1.1.1 register 
[Huawei]ospf 1 router-id 2.2.2.2
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 10.1.1.2 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]network 192.168.2.1 0.0.0.0
[Huawei-Tunnel0/0/0]ospf network-type broadcast

R3:

[Huawei]int t0/0/0
[Huawei-Tunnel0/0/0]ip ad 10.1.1.3 24
[Huawei-Tunnel0/0/0]tunnel-protocol gre p2mp 	
[Huawei-Tunnel0/0/0]source 37.1.1.1
[Huawei-Tunnel0/0/0]nhrp entry multicast dynamic 
[Huawei-Tunnel0/0/0]nhrp network-id 100
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.1 17.1.1.1 register 
[Huawei-Tunnel0/0/0]nhrp entry 10.1.1.2 27.1.1.1 register 
[Huawei]ospf 1 router-id 3.3.3.3
[Huawei-ospf-1]area 0
[Huawei-ospf-1-area-0.0.0.0]network 10.1.1.3 0.0.0.0
[Huawei-ospf-1-area-0.0.0.0]q
[Huawei-ospf-1]area 1
[Huawei-ospf-1-area-0.0.0.1]network 192.168.3.1 0.0.0.0
[Huawei-ospf-1-area-0.0.0.1]network 192.168.0.1 0.0.0.0
[Huawei-Tunnel0/0/0]ospf network-type broadcast

R4:

[Huawei]ospf 1 router-id 4.4.4.4
[Huawei-ospf-1]area 1
[Huawei-ospf-1-area-0.0.0.1]network 192.168.0.0 0.0.255.255
[Huawei-ospf-1-area-0.0.0.1]q

R5:

[Huawei]ospf 2
[Huawei-ospf-2]area 2
[Huawei-ospf-2-area-0.0.0.2]network 192.168.0.9 0.0.0.0
[Huawei-ospf-1-area-0.0.0.2]network 192.168.0.9 0.0.0.0
[Huawei-ospf-2-area-0.0.0.2]q
[Huawei-ospf-2]q
[Huawei]os	
[Huawei]ospf 1	
[Huawei]ospf 1
[Huawei-ospf-1]ar	
[Huawei-ospf-1]arp-ping
[Huawei-ospf-1]im	
[Huawei-ospf-1]import-route oa	
[Huawei-ospf-1]import-route os	
[Huawei-ospf-1]import-route ospf 2
[Huawei-ospf-1]q
[Huawei]os	
[Huawei]ospf 2
[Huawei-ospf-2]im	
[Huawei-ospf-2]import-route os	
[Huawei-ospf-2]import-route ospf 1

R6:

[Huawei]ospf 1 router-id 6.6.6.6
[Huawei-ospf-1]area 2
[Huawei-ospf-1-area-0.0.0.2]network 192.168.0.0 0.0.255.255

R4-6可以正常访问R7环回

只需在R4-6的OSPF中配置default-route-advertise

R1tenet R3公有ip，实际登录到R6

R3:


[Huawei]acl 2000
[Huawei-acl-basic-2000]rule  permit source 192.168.0.0 0.0.255.255
[Huawei-acl-basic-2000]q
[Huawei]int g0/0/0
[Huawei-GigabitEthernet0/0/0]na outbound  2000
[Huawei-GigabitEthernet0/0/0]nat server  protocol tcp global current-interface 23 inside 192.168.6.1 23
Are you sure to continue?[Y/N]:y
[Huawei-GigabitEthernet0/0/0]

R6:

[Huawei-aaa]local-user haha privilege level 15 password cipher 123456
Info: Add a new user.
[Huawei-aaa]local-user haha service-type telnet
[Huawei-aaa]q
[Huawei]user-interface vty  0 4
[Huawei-ui-vty0-4]authentication-mode aaa
[Huawei-ui-vty0-4]