配置GRE隧道

一、拓扑图:

二、配置及说明:

 

1、配置三台路由器的IP地址。并且在R1和R3配置默认路由,确保广域网链路能够通信:

R1(config-line)#int s1/1

R1(config-if)#no sh

R1(config-if)#ip add 202.101.172.37 255.255.255.252

R1(config-if)#int lo0

R1(config-if)#ip add 172.16.1.1 255.255.255.0

R1(config-if)#ip add 172.16.2.1 255.255.255.0 se

R1(config-if)#exit

R1(config)#ip route 0.0.0.0 0.0.0.0 202.101.172.38 (配置一条默认路由)

 

R3(config-line)#int s1/0

R3(config-if)#no sh

R3(config-if)#ip add 218.108.248.202 255.255.255.252

R3(config-if)#int lo0

R3(config-if)#ip add 192.168.1.1 255.255.255.0

R3(config-if)#ip add 192.168.2.1 255.255.255.0 se

R3(config-if)#exit

R3(config)#ip route 0.0.0.0 0.0.0.0 218.108.248.201

 

2、配置完之后,在R1 能够ping 通R3的WAN口:

R1(config)#do ping 218.108.248.202

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 218.108.248.202, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/27/64 ms

 

3、由于R2中没有到达私有网络的路由,在R1或R3都不能ping 通各自的回环接口IP:

R1(config)#do ping 192.168.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

U.U.U

Success rate is 0 percent (0/5)

R1(config)#

 

4、满足条件之后,下面分别在R1和R3上通过GRE隧道技术把路由打通:

R1(config)#interface tunnel 0 (启用GRE隧道)

R1(config-if)#ip add 10.1.1.1 255.255.255.0 (为隧道配置IP地址)

R1(config-if)#tunnel source serial1/1(配置隧道的本地源端口)

R1(config-if)#tunnel destination 218.108.248.202 (配置隧道的目标出口,目的IP的可达性,是通过之前配置的本地默认路由保证的)

 

R3(config)#int tunnel 0

R3(config-if)#ip add 10.1.1.2 255.255.255.0

R3(config-if)#tunnel source  218.108.248.202 (也可以指定隧道本地源IP)

R3(config-if)#tunnel destination 202.101.172.37

 

5、R3配置完之后,马上就出来提示信息:

R3(config-if)#

*Mar  1 01:06:52.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0,changed state to up

 

6、在R1上查看一下隧道接口信息:

R1#sh interfaces tunnel0

Tunnel0 is up, line protocol is up  (状态为UP)

  Hardware is Tunnel (基于隧道的接口)

  Internet address is 10.1.1.1/24

  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation TUNNEL, loopback not set (在原始的数据包上再封装了一个GRE报头)

  Keepalive not set

  Tunnel source 202.101.172.37 (Serial1/1), destination 218.108.248.202

  Tunnel protocol/transport GRE/IP (隧道协议为GRE)

    Key disabled, sequencing disabled

    Checksumming of packets disabled

  Tunnel TTL 255

  ………………

 

7、查看一下R1的路由表:

R1#sh ip route

…………

 

Gateway of last resort is 202.101.172.38 to network 0.0.0.0

 

     202.101.172.0/30 is subnetted, 1 subnets

C       202.101.172.36 is directly connected, Serial1/1

     172.16.0.0/24 is subnetted, 2 subnets

C       172.16.1.0 is directly connected, Loopback0

C       172.16.2.0 is directly connected, Loopback0

     10.0.0.0/24 is subnetted, 1 subnets

C       10.1.1.0 is directly connected, Tunnel0 (显示隧道接口为直连路由)

S*   0.0.0.0/0 [1/0] via 202.101.172.38 (之前配置的默认路由)

 

8、在R1上能够ping 通隧道地址:

R1#ping 10.1.1.2

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/34/68 ms

R1#

 

9、为了使R1和R3的loopback 地址能够通信,我们在R1和R3分别配置静态路由,下一跳指向隧道接口:

R1(config)#ip route 192.168.0.0 255.255.0.0 tunnel 0 (下一跳可以指定隧道接口)

 

R3(config)#ip route 172.16.0.0 255.255.0.0 10.1.1.1  (也可以指定隧道接口对端的IP)

 

 

10、在R1或R3再次ping ,检查是否能ping 通对方私有网络回环接口IP地址:

R1(config)#do ping 192.168.1.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/108 ms

R1(config)#do ping 192.168.2.1

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/36/84 ms

R1(config)#

 

11、当然我们还可以查看一下tunnl 0的统计数据:

R1#sh interface tunnel 0 stats

Tunnel0

          Switching path    Pkts In   Chars In   Pkts Out  Chars Out

               Processor         30       3720         30       3720

             Route cache          0          0          0          0

                   Total         30       3720         30       3720

 

   注意:在配置隧道的时候一定要注意隧道的本地源端口和隧道的目的端口的路由可达性。

文章出处:http://supercisco.blog.51cto.com/672109/293313

你可能感兴趣的:(路由器,IP地址,拓扑图,广域网,三台,GRE隧道配置)