要求:
1、r5为isp,只能进行ip地址的配置,其所有ip地址均为共有ip地址
2、r1和r5使用ppp的PAP认证,r5为主认证方
r2和r5之间使用ppp的chap认证,r5为主认证方
r3和r5之间使用HDLC封装
3、r1 r2 r3构建一个MGRE环境,r1为中心站点,r1 r4间为点到点的gre
4、整个私有网络基于rip全网可达
5、所有pc设置私有ip为源ip,可以访问r5环回
做法:
首先分别给路由器及隧道写上ip,如图
个人习惯,r1 r2 r3 r4处接口地址为x.x.x.1 r5处地址为x.x.x.2
现在,给各个路由器配地址:
r1:
Huawei]sys r1
[r1]int g 0/0/0
[r1-GigabitEthernet0/0/0]ip address 192.168.1.1 24
[r1-GigabitEthernet0/0/0]Q
[r1]int s 4/0/0
[r1-Serial4/0/0]ip address 15.0.0.1 24
r2:
[Huawei]sys r2
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip address 192.168.2.1 24
[r2-GigabitEthernet0/0/0]q
[r2]int s 4/0/0
[r2-Serial4/0/0]ip address 25.0.0.1 24
r3:
[Huawei]sys r3
[r3]int g0/0/0
[r3-GigabitEthernet0/0/0]ip address 192.168.3.1 24
[r3-GigabitEthernet0/0/0]q
[r3]int s 4/0/0
[r3-Serial4/0/0]ip address 35.0.0.1 24
r4:
[Huawei]sys r4
[r4]int g0/0/0
[r4-GigabitEthernet0/0/0]ip address 192.168.4.1 24
[r4-GigabitEthernet0/0/0]q
[r4] int g 0/0/1
[r4-GigabitEthernet0/0/1]ip address 45.0.0.1 24
r5:
[Huawei]sys r5
[r5]int g0/0/0
[r5-GigabitEthernet0/0/0]ip address 45.0.0.2 24
[r5-GigabitEthernet0/0/0]q
[r5]int s 4/0/0
[r5-Serial4/0/0]ip address 15.0.0.2 24
[r5-Serial4/0/0]q
[r5]int s 4/0/1
[r5-Serial4/0/1]ip address 25.0.0.2 24
[r5-Serial4/0/1]q
[r5]int s 3/0/0
[r5-Serial3/0/0]ip address 35.0.0.2 24
[r5-LoopBack0]ip add
[r5-LoopBack0]ip address 5.5.5.5 24
随后,配置缺省路由指向公网
r1:
[r1]ip route-static 0.0.0.0 0 15.0.0.2
r2:
[r2]ip route-static 0.0.0.0 0 25.0.0.2
r3:
[r3]ip route-static 0.0.0.0 0 35.0.0.2
r4:
[r4]ip route-static 0.0.0.0 0 45.0.0.2
随后,开启r1 和 r5之间的 ppp的pap 协议
r1:
[r1]int s 4/0/0
[r1-Serial4/0/0]ppp pap local-user huawei1 password cipher 123456
r5:
[r5]aaa
[r5-aaa]local-user huawei1 password cipher 123456
Info: Add a new user.
[r5-aaa]local-user huawei1 service-type ppp
[r5-aaa]int s 4/0/0
[r5-Serial4/0/0]ppp authentication-mode pap
随后,开启r2 和 r5之间的ppp 的chap协议
r2:
[r2]int s 4/0/0
[r2-Serial4/0/0]ppp chap user huawei2
[r2-Serial4/0/0]ppp chap password cipher 1234567
r5:
[r5]aaa
[r5-aaa]local-user huawei2 password cipher 1234567
Info: Add a new user.
[r5-aaa]local-user huawei2 service-type ppp
[r5-aaa]int s 4/0/1
[r5-Serial4/0/1]ppp authentication-mode chap
随后,r3和 r5之间进行 HDLC封装
r3:
[r3]int s 4/0/0
[r3-Serial4/0/0]link-protocol hdlc
r5:
[r5]int s 3/0/0
[r5-Serial3/0/0]link-protocol hdlc
随后,r1 r2 r3 间构造mgre环境,r1为中心
r1:
[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]ip address 192.168.5.1 24
[r1-Tunnel0/0/0]tunnel-protocol gre p2mp
[r1-Tunnel0/0/0]source 15.0.0.1
开启shoutcut模式下的重定向
[r1-Tunnel0/0/0]nhrp redirect
在中心开启伪广播功能
[r1-Tunnel0/0/0]nhrp entry multicast dynamic
r2:
[r2]int Tunnel 0/0/0
[r2-Tunnel0/0/0]ip address 192.168.5.2 24
[r2-Tunnel0/0/0]tunnel-protocol gre p2mp
[r2-Tunnel0/0/0]source Serial 4/0/0
[r2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
响应shortcut,重定向
[r2-Tunnel0/0/0]nhrp shortcut
r3:
[r3]int Tunnel 0/0/0
[r3-Tunnel0/0/0]ip address 192.168.5.3 24
[r3-Tunnel0/0/0]tunnel-protocol gre p2mp
[r3-Tunnel0/0/0]source Serial 4/0/0
[r3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register
相应shortcut,开启重定向
[r3-Tunnel0/0/0]nhrp shortcut
随后,配置r1 r4之间的 GRE
r1:
[r1]int Tunnel 0/0/1
[r1-Tunnel0/0/1]ip address 192.168.6.1 24
[r1-Tunnel0/0/1]tunnel-protocol gre
[r1-Tunnel0/0/1]source 15.0.0.1
[r1-Tunnel0/0/1]destination 45.0.0.1
r4:
[r4]int Tunnel 0/0/1
[r4-Tunnel0/0/1]ip address 192.168.6.4 24
[r4-Tunnel0/0/1]tunnel-protocol gre
[r4-Tunnel0/0/1]source 45.0.0.1
[r4-Tunnel0/0/1]destination 15.0.0.1
随后,配置rip,并在边界做nat
r1:
[r1]rip 1
[r1-rip-1]version 2
[r1-rip-1]network 192.168.1.0
[r1-rip-1]network 192.168.5.0
[r1-rip-1]network 192.168.6.0
[r1-rip-1]q
[r1]int Tunnel 0/0/0
[r1-Tunnel0/0/0]rip summary-address 192.168.0.0 255.255.0.0
[r1]acl 2000
[r1-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255
[r1-acl-basic-2000]q
[r1]int s 4/0/0
[r1-Serial4/0/0]nat outbound 2000
r2:
[r2]rip 1
[r2-rip-1]version 2
[r2-rip-1]network 192.168.2.0
[r2-rip-1]network 192.168.5.0
[r2]acl 2000
[r2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255
[r2-acl-basic-2000]int s 4/0/0
[r2-Serial4/0/0]nat outbound 2000
r3:
[r3]rip 1
[r3-rip-1]version 2
[r3-rip-1]network 192.168.3.0
[r3-rip-1]network 192.168.5.0
[r3]acl 2000
[r3-acl-basic-2000]rule permit source 192.168.3.0 0.0.0.255
[r3]int s 4/0/0
[r3-Serial4/0/0]nat outbound 2000
r4:
[r4]rip 1
[r4-rip-1]version 2
[r4-rip-1]network 192.168.4.0
[r4-rip-1]network 192.168.6.0
[r4-rip-1]q
[r4]acl 2000
[r4-acl-basic-2000]rule permit source 192.168.4.0 0.0.0.255
[r4-acl-basic-2000]q
[r4]int g0/0/1
[r4-GigabitEthernet0/0/1]nat outbound 2000
随后,进行最后的测试:
分别给pc1 pc2 pc3 pc4配置ip地址:
pc1:192.168.1.254
pc2:192.168.2.254
pc3:192.168.3.254
pc4:192.168.4.254
至此,实验完成。
)
CPU/内存/磁盘IO/GPU限制与分配教程)
——区间DP)
)
