网络实验-GRE
实验目的
了解隧道协议GRE配置
实验拓扑
路由器之间配置OSPF, 在两端路由器配置GRE, 实现两端PC互通。
配置内容
只列出左侧的配置,右侧配置类似。
- OSPF路由
#
interface GigabitEthernet0/0/0ip address 192.168.55.254 255.255.255.0 # 应用策略路由traffic-policy p1 inbound
#
interface GigabitEthernet0/0/1ip address 10.10.10.10 255.255.255.0
# OSPF只通告外网接口,否则策略路由不起作用
ospf 1 router-id 1.1.1.1 area 0.0.0.0 network 10.10.10.0 0.0.0.255
- GRE隧道配置:
interface Tunnel0/0/0ip address 10.0.0.1 255.255.255.0 tunnel-protocol gresource 10.10.10.10destination 30.30.30.40
- 策略路由配置
#
acl number 3000 rule 10 permit ip source 192.168.55.0 0.0.0.255 destination 192.168.8.0 0.0.0.2
55
#
traffic classifier c1 operator orif-match acl 3000
#
traffic behavior b1redirect ip-nexthop 10.0.0.2
#
traffic policy p1classifier c1 behavior b1
效果为将匹配源为内网网段和目的为对端内网网段的报文,在AR1上路由的过程修改下一跳为10.0.0.2。参考路由表走tunnel 0/0/0。
<R1>display ip routing-table
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: PublicDestinations : 15 Routes : 15 Destination/Mask Proto Pre Cost Flags NextHop Interface10.0.0.0/24 Direct 0 0 D 10.0.0.1 Tunnel0/0/010.0.0.1/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/010.0.0.255/32 Direct 0 0 D 127.0.0.1 Tunnel0/0/010.10.10.0/24 Direct 0 0 D 10.10.10.10 GigabitEthernet
0/0/110.10.10.10/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/110.10.10.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/120.20.20.0/24 OSPF 10 2 D 10.10.10.20 GigabitEthernet
0/0/130.30.30.0/24 OSPF 10 3 D 10.10.10.20 GigabitEthernet
0/0/1127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
127.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0192.168.55.0/24 Direct 0 0 D 192.168.55.254 GigabitEthernet
0/0/0192.168.55.254/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0192.168.55.255/32 Direct 0 0 D 127.0.0.1 GigabitEthernet
0/0/0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
抓包验证
开启抓包后,ping测试。
上面的两个框就是封装后的报文源目的IP和封装前的报文源目的IP。