GRE OSPF VLAN实验

GRE VPN实验

通过GRE建立VPN隧道实现A区域和B区域互通。本文未涉及NAT地址转换

GRE_VPN

路由配置

A区域

AR1

1
2
3
4
5
6
7
8
9
sysname AR1
#
interface GigabitEthernet0/0/1
 ip address 23.1.1.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 192.168.100.2 255.255.255.252 
#
ip route-static 0.0.0.0 0.0.0.0 23.1.1.2

B区域

AR6

1
2
3
4
5
6
7
8
9
sysname AR6
#
interface GigabitEthernet0/0/1
 ip address 192.168.200.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.5.5.2 255.255.255.252 
#
ip route-static 0.0.0.0 0.0.0.0 23.5.5.1

运营商区域

AR2

1
2
3
4
5
6
7
sysname AR2
#
interface GigabitEthernet0/0/1
 ip address 23.2.2.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.1.1.2 255.255.255.252

AR3

1
2
3
4
5
6
7
sysname AR3
#
interface GigabitEthernet0/0/1
 ip address 23.3.3.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.2.2.2 255.255.255.252

AR5

1
2
3
4
5
6
7
sysname AR5
#
interface GigabitEthernet0/0/1
 ip address 23.5.5.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.3.3.2 255.255.255.252

VLAN

A区域

SW1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
sysname SW1
#
vlan batch 10 20 100
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
#
interface Vlanif100
 ip address 192.168.100.1 255.255.255.252
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 10 20 100
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20

SW2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW2
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 20

SW3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW3
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 20

B区域

SW5

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
sysname SW5
#
vlan batch 50 60 200
#
interface Vlanif50
 ip address 192.168.50.1 255.255.255.0
 dhcp select global
#
interface Vlanif60
 ip address 192.168.60.1 255.255.255.0
 dhcp select global
#
interface Vlanif200
 ip address 192.168.200.1 255.255.255.252
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 200
 port trunk allow-pass vlan 50 60 200
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 50 60

SW6

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW6
#
vlan batch 50 60
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 50
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 60

SW7

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW7
#
vlan batch 50 60
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 50
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 60

DHCP

DHCP服务启在SW1

创建地址池

A区域
1
2
3
4
5
6
7
8
9
10
11
dhcp enable 
#
ip pool vlan10
 gateway-list 192.168.10.1
 network 192.168.10.0 mask 255.255.255.0
 dns-list 192.168.10.1
#
ip pool vlan20
 gateway-list 192.168.20.1
 network 192.168.20.0 mask 255.255.255.0
 dns-list 192.168.20.1
B区域
1
2
3
4
5
6
7
8
9
10
11
dhcp enable
#
ip pool vlan50
 gateway-list 192.168.50.1
 network 192.168.50.0 mask 255.255.255.0
 dns-list 192.168.50.1
#
ip pool vlan60
 gateway-list 192.168.60.1
 network 192.168.60.0 mask 255.255.255.0
 dns-list 192.168.60.1

应用地址池

A区域
1
2
3
4
5
6
#
interface Vlanif10
 dhcp select global
#
interface Vlanif20
 dhcp select global
B区域
1
2
3
4
5
6
#
interface Vlanif50
 dhcp select global
#
interface Vlanif60
 dhcp select global

GRE

AR1

1
2
3
4
5
interface Tunnel0/0/1
 ip address 192.168.150.1 255.255.255.252 
 tunnel-protocol gre
 source 23.1.1.1
 destination 23.5.5.2

AR6

1
2
3
4
5
interface Tunnel0/0/1
 ip address 192.168.150.2 255.255.255.252 
 tunnel-protocol gre
 source 23.5.5.2
 destination 23.1.1.1

OSPF

A区域

AR1

1
2
3
4
ospf 1 
 area 0.0.0.1 
  network 192.168.100.2 0.0.0.0 
  network 192.168.150.1 0.0.0.0

SW1

1
2
3
4
5
ospf 1
 area 0.0.0.1
  network 192.168.10.0 0.0.0.255
  network 192.168.20.0 0.0.0.255
  network 192.168.100.1 0.0.0.0

B区域

1
2
3
4
ospf 1 
 area 0.0.0.1 
  network 192.168.150.2 0.0.0.0 
  network 192.168.200.2 0.0.0.0
1
2
3
4
5
ospf 1
 area 0.0.0.1
  network 192.168.60.0 0.0.0.255
  network 192.168.50.0 0.0.0.255
  network 192.168.200.1 0.0.0.0

运营商区域

AR2

1
2
3
ospf 23 router-id 23.23.23.1 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255

AR3

1
2
3
ospf 23 router-id 23.23.23.2 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255

AR5

1
2
3
ospf 23 router-id 23.23.23.3 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255

验证连通性

PC1到PC5

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
PC>ping 192.168.50.254

Ping 192.168.50.254: 32 data bytes, Press Ctrl_C to break
Request timeout!
From 192.168.50.254: bytes=32 seq=2 ttl=124 time=141 ms
From 192.168.50.254: bytes=32 seq=3 ttl=124 time=140 ms
From 192.168.50.254: bytes=32 seq=4 ttl=124 time=109 ms
From 192.168.50.254: bytes=32 seq=5 ttl=124 time=125 ms

--- 192.168.50.254 ping statistics ---
  5 packet(s) transmitted
  4 packet(s) received
  20.00% packet loss
  round-trip min/avg/max = 0/128/141 ms

PC>tracert 192.168.50.254

traceroute to 192.168.50.254, 8 hops max
(ICMP), press Ctrl+C to stop
 1  192.168.10.1   31 ms  47 ms  63 ms
 2  192.168.100.2   62 ms  47 ms  78 ms
 3  192.168.150.2   78 ms  110 ms  93 ms
 4  192.168.200.1   94 ms  94 ms  78 ms
 5  192.168.50.254   156 ms  125 ms  157 ms

完整配置

A区域

AR1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
sysname AR1
#
interface GigabitEthernet0/0/1
 ip address 23.1.1.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 192.168.100.2 255.255.255.252 
#
interface Tunnel0/0/1
 ip address 192.168.150.1 255.255.255.252 
 tunnel-protocol gre
 source 23.1.1.1
 destination 23.5.5.2
#
ospf 1 
 area 0.0.0.1 
  network 192.168.100.2 0.0.0.0 
  network 192.168.150.1 0.0.0.0 
#
ip route-static 0.0.0.0 0.0.0.0 23.1.1.2

SW1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
sysname SW1
#
undo info-center enable
#
vlan batch 10 20 100
#
ip pool vlan10
 gateway-list 192.168.10.1
 network 192.168.10.0 mask 255.255.255.0
 dns-list 192.168.10.1
#
ip pool vlan20
 gateway-list 192.168.20.1
 network 192.168.20.0 mask 255.255.255.0
 dns-list 192.168.20.1
#
dhcp enable
#
interface Vlanif10
 ip address 192.168.10.1 255.255.255.0
 dhcp select global
#
interface Vlanif20
 ip address 192.168.20.1 255.255.255.0
 dhcp select global
#
interface Vlanif100
 ip address 192.168.100.1 255.255.255.252
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 10 20 100
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
ospf 1
 area 0.0.0.1
  network 192.168.10.0 0.0.0.255
  network 192.168.20.0 0.0.0.255
  network 192.168.100.1 0.0.0.0

SW2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
sysname SW2
#
undo info-center enable
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 20

SW3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW3
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 20

B区域

AR6

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
sysname AR6
#
interface GigabitEthernet0/0/1
 ip address 192.168.200.2 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.5.5.2 255.255.255.252 
#
interface Tunnel0/0/1
 ip address 192.168.150.2 255.255.255.252 
 tunnel-protocol gre
 source 23.5.5.2
 destination 23.1.1.1
#
ospf 1 
 area 0.0.0.1 
  network 192.168.150.2 0.0.0.0 
  network 192.168.200.2 0.0.0.0 
#
ip route-static 0.0.0.0 0.0.0.0 23.5.5.1

SW5

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
sysname SW5
#
vlan batch 50 60 200
#
dhcp enable
#
ip pool vlan50
 gateway-list 192.168.50.1
 network 192.168.50.0 mask 255.255.255.0
 dns-list 192.168.50.1
#
ip pool vlan60
 gateway-list 192.168.60.1
 network 192.168.60.0 mask 255.255.255.0
 dns-list 192.168.60.1
#
interface Vlanif50
 ip address 192.168.50.1 255.255.255.0
 dhcp select global
#
interface Vlanif60
 ip address 192.168.60.1 255.255.255.0
 dhcp select global
#
interface Vlanif200
 ip address 192.168.200.1 255.255.255.252
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 200
 port trunk allow-pass vlan 50 60 200
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/3
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
ospf 1
 area 0.0.0.1
  network 192.168.60.0 0.0.0.255
  network 192.168.50.0 0.0.0.255
  network 192.168.200.1 0.0.0.0

SW6

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW6
#
vlan batch 50 60
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 50
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 60

SW7

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
sysname SW7
#
vlan batch 50 60
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 50 60
#
interface GigabitEthernet0/0/10
 port link-type access
 port default vlan 50
#
interface GigabitEthernet0/0/20
 port link-type access
 port default vlan 60

运营商区域

AR2

1
2
3
4
5
6
7
8
9
10
11
sysname AR2
#
interface GigabitEthernet0/0/1
 ip address 23.2.2.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.1.1.2 255.255.255.252 
#
ospf 23 router-id 23.23.23.1 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255

AR3

1
2
3
4
5
6
7
8
9
10
11
sysname AR3
#
interface GigabitEthernet0/0/1
 ip address 23.3.3.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.2.2.2 255.255.255.252 
#
ospf 23 router-id 23.23.23.2 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255

AR5

1
2
3
4
5
6
7
8
9
10
11
sysname AR5
#
interface GigabitEthernet0/0/1
 ip address 23.5.5.1 255.255.255.252 
#
interface GigabitEthernet0/0/2
 ip address 23.3.3.2 255.255.255.252 
#
ospf 23 router-id 23.23.23.3 
 area 0.0.0.23 
  network 0.0.0.0 255.255.255.255
交换路由 > 华为
#交换路由
GRE OSPF VLAN实验
https://kuan.pages.dev/article/d83960bf.html
作者
IKun
发布于
2023年8月23日
许可协议