Summary of commonality:
- The interfaces (physical ports, sub-interfaces, and dialer ports) of each area [home, campus, site] going out to the external network [ISP] are not put into OSPF;
- The interfaces (physical interfaces, sub-interfaces, and Virtual-Template interfaces) connected to each area and Server1 [home, campus, site, Server1] in the central backbone network [ISP] can be put into OSPF.
- [Family, Campus] NAT is required to access the external network, the interface connected to the central backbone network [ISP] and [Home, Campus] needs to be silent, and the vlanif virtual gateway interface of the three-layer switch vrrp needs to be silent, as the border does not send hello packets . The order of OSPF and silent instructions does not matter.
- Home users need to use dial-up to connect to the network, so OSPF is not required. The GRE tunnel between Site 3, Site 2, and Site 1 must run OSPF.
Area 1: ISP
Topic requirements:
1. In the ISP area, each router needs to specify a loopback port address. All devices are interconnected using the /30 network segment. The server1 server area has 10 servers, which are divided using the 10.1.1.0/24 network segment. LSW1 is an OLT that connects Home 1, Home 2, and Site 3.
2. Home users need to use dial-up to connect to the network, and properly set the outer VLAN100 tag on LSW1, so that dial-up can reach the MSE router through QINQ. The MSE dynamically issues an IP address to the home router. The network segment of the IP address is 11.1.1.0/24. The home 1 router uses DHCP to assign IP addresses to terminals. Family 2 is interconnected using a static IP address.
3. The campus network contains 20 VLAN users, among which PC4 belongs to VLAN100, PC5 belongs to VLAN200, and LSW3 and LSW4 are Layer 3 switches to realize traffic load sharing. The AR5 and MSE-2 are interconnected through a leased line, and the IP network segment is 12.1.1.0/30. The intranet network segment can be selected by yourself.
4. Parts of sites 1, 2, and 3 are interconnected. Site 3 is connected to ISP's LSW1 with a static IP address of 13.1.1.0/30. Site 2 is connected to the PON network. The PON network uses VLAN 100 to transparently transmit the site 2 link, and the static IP address is 13.1.1.4/30. Site 1 is connected to the ISP using a leased line, with a static IP address of 13.1.1.8/30. Site 123 needs to implement intranet communication. There are 6 departments in total. PC6-PC11 belong to the corresponding departments respectively. The required addresses are as follows: 25, 27, 37, 22, 15, and 7. The internal network uses 192.168.1.0/24 for division. Sites 123 may communicate with each other.
Ideas:
- The number of server1 is 10: 2^4=16, 32-4=28, 10.1.1.0/28
- Other interconnections within the ISP only need 2 addresses, using the /30 network segment. The five Internet segments are: 10.1.1.16/30, 10.1.1.20/30, 10.1.1.24/30, 10.1.1.28/30, 10.1.1.32/30.
- The interconnection between MSE-1 and R4 in site 3 uses 13.1.1.0/30, the interconnection between MSE-2 and campus AR5 uses 12.1.1.0/30, the interconnection between MSE-2 and R5 in site 2 uses 13.1.1.4/30, MSE The interconnection between -2 and R6 in site 1 uses 13.1.1.8/30.
- Loopback port, OSPF, flexible QINQ, PPPOE are used.
CR1
#
sysname CR1
#
undo info-center enable
#
interface LoopBack0
ip address 1.1.1.1 255.255.255.255
#
interface GigabitEthernet0/0/0
ip address 10.1.1.17 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 10.1.1.21 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 10.1.1.25 255.255.255.252
#
interface GigabitEthernet0/0/3
ip address 10.1.1.1 255.255.255.240
#
ospf 1 router-id 1.1.1.1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.17 0.0.0.0
network 10.1.1.21 0.0.0.0
network 10.1.1.25 0.0.0.0
network 10.1.1.1 0.0.0.0
#
#该接口不再发送hello报文,定义到Server1的OSPF边界
ospf 1
silent-interface GigabitEthernet 0/0/3
#
CR2
#
sysname CR2
#
undo info-center enable
#
interface LoopBack0
ip address 2.2.2.2 255.255.255.255
#
interface GigabitEthernet0/0/0
ip address 10.1.1.18 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 10.1.1.29 255.255.255.252
#
interface GigabitEthernet0/0/2
ip address 10.1.1.33 255.255.255.252
#
ospf 1 router-id 2.2.2.2
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.18 0.0.0.0
network 10.1.1.29 0.0.0.0
network 10.1.1.33 0.0.0.0
#
MSE-1
#
sysname MSE-1
#
undo info-center enable
#
interface LoopBack0
ip address 3.3.3.3 255.255.255.255
#
interface GigabitEthernet0/0/0
ip address 10.1.1.22 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 10.1.1.30 255.255.255.252
#
#以下4步是为家庭用户拨号入网的PPPOE-SERVER配置
#家庭用户的拨号使用灵活的QINQ方式到达MSE路由器
#
interface Virtual-Template1
ip address 11.1.1.1 255.255.255.0
ppp authentication-mode chap
remote address pool pppoe
#
ip pool pppoe
network 11.1.1.0 mask 255.255.255.0
#
aaa
local-user 123 password cipher password
local-user 123 service-type ppp
local-user 456 password cipher password
local-user 456 service-type ppp
#
interface GigabitEthernet0/0/2.100
pppoe-server bind Virtual-Template 1
qinq termination pe-vid 100 ce-vid 41
arp broadcast enable
#
#以下1步是与站点3的连接,子接口与trunk接口的方式
#
interface GigabitEthernet0/0/2.200
dot1q termination vid 200
ip address 13.1.1.1 255.255.255.252
arp broadcast enable
#
ospf 1 router-id 3.3.3.3
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.22 0.0.0.0
network 10.1.1.30 0.0.0.0
network 11.1.1.1 0.0.0.0
network 13.1.1.1 0.0.0.0
#
#该接口不再发送hello报文,定义到家庭区域OSPF的边界
ospf 1
silent-interface Virtual-Template1
#
MSE-2
#
sysname MSE-2
#
undo info-center enable
#
interface LoopBack0
ip address 4.4.4.4 255.255.255.255
#
interface GigabitEthernet0/0/0
ip address 10.1.1.26 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 10.1.1.34 255.255.255.252
#
#与园区网的互联
#
interface GigabitEthernet0/0/2
ip address 12.1.1.1 255.255.255.252
#
#与PON-站点2的互联
##MSE-2的物理口对LSW7的access接口
interface GigabitEthernet2/0/0
ip address 13.1.1.5 255.255.255.252
#
#与站点1的互联
#
interface GigabitEthernet3/0/0
ip address 13.1.1.9 255.255.255.252
#
interface GigabitEthernet4/0/0
#
interface NULL0
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 10.1.1.26 0.0.0.0
network 10.1.1.34 0.0.0.0
network 12.1.1.1 0.0.0.0
network 13.1.1.5 0.0.0.0
network 13.1.1.9 0.0.0.0
#
#该接口不再发送hello报文,定义到园区OSPF的边界
ospf 1
silent-interface GigabitEthernet 0/0/2
#
LSW1
#
sysname SW1
#
undo info-center enable
#
vlan batch 100 200
#
#与MSE-1的连接,子接口与trunk接口的方式
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 200
#
#灵活的qinq
#以下2步是家庭用户的拨号使用QINQ的方式到达MSE路由器
#
interface GigabitEthernet0/0/2
qinq vlan-translation enable
port vlan-stacking vlan 41 stack-vlan 100
port hybrid untagged vlan 100
#
interface GigabitEthernet0/0/3
qinq vlan-translation enable
port hybrid untagged vlan 100
port vlan-stacking vlan 41 stack-vlan 100
#
#与站点3的连接,物理口与access接口的方式
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 200
#
Server1
Network segment: 10.1.1.0/28
Can connect to CR1-g0/0/3: 10.1.1.1
Zone 2: Family Zone
Topic requirements:
2. Home users need to use dial-up to connect to the network, and properly set the outer VLAN100 tag on LSW1, so that dial-up can reach the MSE router through QINQ. The MSE dynamically issues an IP address to the home router. The network segment of the IP address is 11.1.1.0/24. The home 1 router uses DHCP to assign IP addresses to terminals. Family 2 is interconnected using a static IP address.
Ideas:
- The two custom home areas both use the private network segment 192.168.1.0/24, and VLAN 41 is used in the area.
- Home 1 uses DHCP, and home area uses PPPOE and NAT.
- PC1 and PC2 use the same network segment. You only need to create an address pool on AR1 and associate the address pool with physical port g0/0/1. No configuration is required on LSW2.
family 1
LSW2
Do not modify.
AR1
#
sysname AR1
#
undo info-center enable
#
#以下3步是DHCP配置
#
dhcp enable
#
ip pool 1
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
#
#物理口对华为默认的Hybrid(特殊的access)
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0
dhcp select global
#
#以下4步是用户拨号PPPOE-CLIENT的配置
#在拨号路由器上面创建拨号接口、定义封装的协议是ppp
#定义客户端发起连接所使用的认证方式为CHAP,并且携带用户名和密码进行认证
#定义IP地址获取的方式为PPP协商获得
#创建自身的拨号名字以及定义拨号组信息
#将dialer接口可以当作NAT的出口和路由的逃出接口
#
interface Dialer1
link-protocol ppp
ppp chap user 123
ppp chap password cipher password
ip address ppp-negotiate
dialer user 321312
dialer bundle 100
nat outbound 2000
#
#关联拨号接口到以太网接口,家庭用户的拨号使用灵活QINQ的方式到达MSE路由器,所以用子接口带上标签
interface GigabitEthernet0/0/0.41
pppoe-client dial-bundle-number 100
dot1q termination vid 41
arp broadcast enable
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
#
PC1
The DHCP is successful, and the gateway (AR1-g0/0/1: 192.168.1.1) can be pinged.
PC2
The DHCP is successful, and the gateway (AR1-g0/0/1: 192.168.1.1) can be pinged.
family 2
AR2
#
sysname AR2
#
undo info-center enable
#
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.0
#
#以下4步是用户拨号PPPOE-CLIENT的配置
#
interface Dialer1
link-protocol ppp
ppp chap user 456
ppp chap password cipher password
ip address ppp-negotiate
dialer user 321312
dialer bundle 100
nat outbound 2000
#
interface GigabitEthernet0/0/0.41
pppoe-client dial-bundle-number 100
dot1q termination vid 41
arp broadcast enable
#
acl number 2000
rule 5 permit source 192.168.1.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
#
PC3
The gateway (AR2-g0/0/1: 192.168.1.1) can be pinged successfully.
Area 3: Campus Network
Topic requirements:
3. The campus network contains 20 VLAN users, among which PC4 belongs to VLAN100, PC5 belongs to VLAN200, and LSW3 and LSW4 are Layer 3 switches to realize traffic load sharing. The AR5 and MSE-2 are interconnected through a leased line, and the IP network segment is 12.1.1.0/30. The intranet network segment can be selected by yourself.
Ideas:
- PC4 and PC5 are customized to use private network segments 192.168.1.0/24 and 192.168.2.0/24 respectively, which are VLAN 100 and VLAN 200 respectively.
- Layer 3 switch LSW3 is connected to AR5 using 35.1.1.0/24, Layer 3 switch LSW4 is connected to AR5 using 45.1.1.0/24, and MSE-2 is connected to campus AR5 using 12.1.1.0/30.
- This area uses gateway redundancy (VRRP), layer 3 switch (vlanif interface), OSPF and dynamic notification of default routes, and NAT.
LSW5
#
sysname SW5
#
undo info-center enable
#
vlan batch 100 200
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 200
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
#
interface GigabitEthernet0/0/4
port link-type access
port default vlan 200
#
LSW3
#
sysname SW3
#
undo info-center enable
#
vlan batch 35 100 200
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
#VRRP配置
#PC4的VLAN100优先走左侧的LSW3
interface Vlanif100
ip address 192.168.1.2 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
vrrp vrid 1 priority 150
#
interface Vlanif200
ip address 192.168.2.2 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.1
#
#三层交换机配地址,使用vlan 35与同层路由器物理口互联,与路由器起OSPF动态路由
interface Vlanif35
ip address 35.1.1.3 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 35
#
ospf 1 router-id 3.3.3.3
silent-interface Vlanif100
silent-interface Vlanif200
area 0.0.0.0
network 35.1.1.3 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
LSW4
#
sysname SW4
#
undo info-center enable
#
vlan batch 45 100 200
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
#VRRP配置
#
interface Vlanif100
ip address 192.168.1.3 255.255.255.0
vrrp vrid 1 virtual-ip 192.168.1.1
#
#PC5的VLAN200优先走左侧的LSW4
interface Vlanif200
ip address 192.168.2.3 255.255.255.0
vrrp vrid 2 virtual-ip 192.168.2.1
vrrp vrid 2 priority 150
#
#三层交换机配地址,使用vlan 45与同层路由器子接口互联,与路由器起OSPF动态路由
interface Vlanif45
ip address 45.1.1.4 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 45
#
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 45.1.1.4 0.0.0.0
network 192.168.1.0 0.0.0.255
network 192.168.2.0 0.0.0.255
#
view vrrp information
display vrrp interface vlan 100
display vrrp interface vlan 200
AR5
#
sysname AR5
#
undo info-center enable
#
#物理口对LSW3的access接口
interface GigabitEthernet0/0/1
ip address 35.1.1.5 255.255.255.0
#
#字接口对LSW4的trunk接口
interface GigabitEthernet0/0/2.45
dot1q termination vid 45
ip address 45.1.1.5 255.255.255.0
arp broadcast enable
#
acl number 2000
rule permit source any
#
interface GigabitEthernet0/0/0
ip address 12.1.1.2 255.255.255.252
nat outbound 2000
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 12.1.1.1
#
#OSPF动态通告缺省路由,在网关路由器AR5通告进外网路由器MSE-2的缺省路由(内网的其他三层设备都可同步该路由)
#AR5出外网的g0/0/0不放进OSPF中
ospf 1 router-id 5.5.5.5
default-route-advertise
area 0.0.0.0
network 35.1.1.5 0.0.0.0
network 45.1.1.5 0.0.0.0
#
PC4
It can be connected to the virtual gateway.
PC5
It can be connected to the virtual gateway.
Area Four: Site
Topic requirements:
4. Parts of sites 1, 2, and 3 are interconnected. Site 3 is connected to ISP's LSW1 with a static IP address of 13.1.1.0/30. Site 2 is connected to the PON network. The PON network uses VLAN 100 to transparently transmit the site 2 link, and the static IP address is 13.1.1.4/30. Site 1 is connected to the ISP using a leased line, with a static IP address of 13.1.1.8/30. Site 123 needs to implement intranet communication. There are 6 departments in total. PC6-PC11 belong to the corresponding departments respectively. The required addresses are as follows: 25, 27, 37, 22, 15, and 7. The internal network uses 192.168.1.0/24 for division. Sites 123 may communicate with each other.
Ideas:
- According to the number of PC6-PC11, the descending order is: 37, 27, 25, 22, 15, 7. The network uses 192.168.1.0/24 to divide the network segment, and the VLAN can be customized. Right now:
- PC6: 25 sets, 192.168.1.96/27, 255.255.255.224, VLAN10;
- PC7: 27 sets, 192.168.1.64/27, 255.255.255.224, VLAN20;
- PC8: 37 units: 192.168.1.0/26, 255.255.255.192, VLAN30;
- PC9: 22 sets, 192.168.1.128/27, 255.255.255.224, VLAN40;
- PC10: 15 sets, 192.168.1.160/27, 255.255.255.224, VLAN50;
- PC11: 7 sets, 192.168.1.192/28, 255.255.255.240, VLAN60.
- The interconnection between MSE-1 and R4 in site 3 uses 13.1.1.0/30, the interconnection between MSE-2 and R5 in site 2 uses 13.1.1.4/30, and the interconnection between MSE-2 and R6 in site 1 uses 13.1.1.8/30 .
- Site 2 is connected to the PON network. The PON network uses VLAN 100 to transparently transmit the site 2 link, and the static IP address is 13.1.1.4/30.
- Site 123 uses VPN to communicate with each other, and the VPN (GRE tunnel) interconnection continues to be divided on the PC6-PC11 network segment:
- R4-R5:192.168.1.208/30;
- R4-R6:192.168.1.212/30;
- R5-R6:192.168.1.216/30;
- Both subnet masks are: 255.255.255.252.
- This area uses port aggregation, OSPF, VPN (GRE tunnel), and static routing.
site 1
LSW11
#
sysname SW11
#
undo info-center enable
#
vlan batch 40 50
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 40 50
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 40
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 50
#
LSW12
#
sysname SW12
#
undo info-center enable
#
vlan batch 60
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 60
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 60
#
LSW10
#
sysname SW10
#
undo info-center enable
#
vlan batch 40 50 60
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 40 50 60
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 40 50
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 60
#
R6
#
sysname R6
#
undo info-center enable
#
interface GigabitEthernet0/0/0.40
dot1q termination vid 40
ip address 192.168.1.129 255.255.255.224
arp broadcast enable
#
interface GigabitEthernet0/0/0.50
dot1q termination vid 50
ip address 192.168.1.161 255.255.255.224
arp broadcast enable
#
interface GigabitEthernet0/0/0.60
dot1q termination vid 60
ip address 192.168.1.193 255.255.255.240
arp broadcast enable
#
#和MSE-2的互联
#
interface GigabitEthernet0/0/1
ip address 13.1.1.10 255.255.255.252
#
#以下4步完成与站点3(R4)、站点2(R5)的VPN(GRE隧道)配置
#source和destination为物理口,ip address为GRE逻辑互联口
interface Tunnel0/0/0
tunnel-protocol gre
source 13.1.1.10
destination 13.1.1.2
ip address 192.168.1.214 255.255.255.252
#
interface Tunnel0/0/1
tunnel-protocol gre
source 13.1.1.10
destination 13.1.1.6
ip address 192.168.1.217 255.255.255.252
#
#R6出外网的g0/0/1不放进OSPF中
ospf 1 router-id 6.6.6.6
area 0.0.0.0
network 192.168.1.129 0.0.0.0
network 192.168.1.161 0.0.0.0
network 192.168.1.193 0.0.0.0
network 192.168.1.214 0.0.0.0
network 192.168.1.217 0.0.0.0
#
#目的网段为GRE另一端出站的物理互联网段,下一跳为本端出站的物理互联
ip route-static 13.1.1.0 255.255.255.252 GigabitEthernet0/0/1 13.1.1.9
ip route-static 13.1.1.4 255.255.255.252 GigabitEthernet0/0/1 13.1.1.9
#
PC9
192.168.1.128/27,255.255.255.224
PC10
192.168.1.160/27,255.255.255.224
PC11
192.168.1.192/28,255.255.255.240
site 2
R5
#
sysname R5
#
undo info-center enable
#
#R5的物理口对LSW8的access接口
interface GigabitEthernet0/0/0
ip address 13.1.1.6 255.255.255.252
#
interface GigabitEthernet0/0/1
ip address 192.168.1.1 255.255.255.192
#
#以下4步完成与站点3(R4)、站点1(R6)的VPN(GRE隧道)配置
#source和destination为物理口,ip address为GRE逻辑互联口
interface Tunnel0/0/0
tunnel-protocol gre
source 13.1.1.6
destination 13.1.1.2
ip address 192.168.1.210 255.255.255.252
#
interface Tunnel0/0/1
tunnel-protocol gre
source 13.1.1.6
destination 13.1.1.10
ip address 192.168.1.218 255.255.255.252
#
#R5出外网的g0/0/0不放进OSPF中
ospf 1 router-id 5.5.5.5
area 0.0.0.0
network 192.168.1.1 0.0.0.0
network 192.168.1.210 0.0.0.0
network 192.168.1.218 0.0.0.0
#
#目的网段为GRE另一端出站的物理互联网段,下一跳为本端出站的物理互联
ip route-static 13.1.1.0 255.255.255.252 GigabitEthernet0/0/0 13.1.1.5
ip route-static 13.1.1.8 255.255.255.252 GigabitEthernet0/0/0 13.1.1.5
#
LSW8
#
sysname SW8
#
undo info-center enable
#
vlan batch 100
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
#R5的物理口对LSW8的access接口
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
#
LSW7
#
sysname SW7
#
undo info-center enable
#
vlan batch 100
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 100
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
#MSE-2的物理口对LSW7的access接口
interface GigabitEthernet0/0/3
port link-type access
port default vlan 100
#
PC8
192.168.1.0/26,255.255.255.192
site 3
LSW9
#
sysname SW9
#
undo info-center enable
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 20
#
R4
#
sysname R4
#
undo info-center enable
#
#R4的物理口对LSW1的access接口
interface GigabitEthernet0/0/0
ip address 13.1.1.2 255.255.255.252
#
interface GigabitEthernet0/0/1.10
dot1q termination vid 10
ip address 192.168.1.97 255.255.255.224
arp broadcast enable
#
interface GigabitEthernet0/0/1.20
dot1q termination vid 20
ip address 192.168.1.65 255.255.255.224
arp broadcast enable
#
#以下4步完成与站点2(R5)、站点1(R6)的VPN(GRE隧道)配置
#source和destination为物理口,ip address为GRE逻辑互联口
interface Tunnel0/0/0
tunnel-protocol gre
source 13.1.1.2
destination 13.1.1.6
ip address 192.168.1.209 255.255.255.252
#
interface Tunnel0/0/1
tunnel-protocol gre
source 13.1.1.2
destination 13.1.1.10
ip address 192.168.1.213 255.255.255.252
#
#R4出外网的g0/0/0不放进OSPF中
ospf 1 router-id 4.4.4.4
area 0.0.0.0
network 192.168.1.97 0.0.0.0
network 192.168.1.65 0.0.0.0
network 192.168.1.209 0.0.0.0
network 192.168.1.213 0.0.0.0
#
#目的网段为GRE另一端出站的物理互联网段,下一跳为本端出站的物理互联
ip route-static 13.1.1.4 255.255.255.252 GigabitEthernet0/0/0 13.1.1.1
ip route-static 13.1.1.8 255.255.255.252 GigabitEthernet0/0/0 13.1.1.1
#
PC6
192.168.1.96/27,255.255.255.224
PC7
192.168.1.64/27,255.255.255.224
Test that PC9 can communicate with PC8 at site 2 and PC6 at site 3. Realized the intercommunication between 3 sites.