GRE tunnel ×××
GRE隧道傳遞數據包的過程分爲3步:
1.接收原始IP數據包看成乘客協議,原始IP數據包包頭的IP地址爲私有IP地址。
2.將原始IP數據包封裝進GRE協議,GRE協議稱爲封裝協議(Encapsulation Protocol),封裝的包頭IP地址爲虛擬直連鏈路兩端的IP地址。
3.將整個GRE數據包看成數據,在外層封裝公網IP包頭,也就是隧道的起源和終點,從而路由到隧道終點。
實驗配置
R1
en
conf t
line con 0
no exec-t
exit
host R1
int f0/0
no sh
ip add 192.168.1.1 255.255.255.0
end
====================R2============================
en
conf t
line con 0
no exec-t
exit
host R2
int f0/0
no sh
ip add 192.168.1.2 255.255.255.0
int f0/1
no sh
ip add 23.23.23.2 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 23.23.23.3
interface Tunnel2
no sh
ip address 1.1.1.2 255.255.255.0
tunnel source 23.23.23.2
tunnel destination 34.34.34.4
exit
en
conf t
line con 0
no exec-t
exit
host R1
int f0/0
no sh
ip add 192.168.1.1 255.255.255.0
end
====================R2============================
en
conf t
line con 0
no exec-t
exit
host R2
int f0/0
no sh
ip add 192.168.1.2 255.255.255.0
int f0/1
no sh
ip add 23.23.23.2 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 23.23.23.3
interface Tunnel2
no sh
ip address 1.1.1.2 255.255.255.0
tunnel source 23.23.23.2
tunnel destination 34.34.34.4
exit
ip route 192.168.2.0 255.255.255.0 tunnel2
建立GRE隧道的路由器雙方將去往對方私有網段的數據包引入GRE隧道中傳輸
NAT配置
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 100 interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside
=====================Internet==========================
en
conf t
line con 0
no exec-t
exit
host Internet
int f0/0
no sh
ip add 23.23.23.3 255.255.255.0
int f0/1
no sh
ip add 34.34.34.3 255.255.255.0
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list 100 interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside
=====================Internet==========================
en
conf t
line con 0
no exec-t
exit
host Internet
int f0/0
no sh
ip add 23.23.23.3 255.255.255.0
int f0/1
no sh
ip add 34.34.34.3 255.255.255.0
======================R4================================
en
conf t
line con 0
no exec-t
exit
host R4
int f0/0
no sh
ip add 34.34.34.4 255.255.255.0
int f0/1
no sh
ip add 192.168.2.4 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 34.34.34.3
interface Tunnel4
no sh
ip address 1.1.1.4 255.255.255.0
tunnel source 34.34.34.4
tunnel destination 23.23.23.2
exit
ip route 192.168.1.0 255.255.255.0 Tunnel4
en
conf t
line con 0
no exec-t
exit
host R4
int f0/0
no sh
ip add 34.34.34.4 255.255.255.0
int f0/1
no sh
ip add 192.168.2.4 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 34.34.34.3
interface Tunnel4
no sh
ip address 1.1.1.4 255.255.255.0
tunnel source 34.34.34.4
tunnel destination 23.23.23.2
exit
ip route 192.168.1.0 255.255.255.0 Tunnel4
建立GRE隧道的路由器雙方將去往對方私有網段的數據包引入GRE隧道中傳輸
NAT配置
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
ip nat inside source list 100 interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside
=========================R5==============================
en
conf t
line con 0
no exec-t
exit
host R5
int f0/0
no sh
ip add 192.168.2.5 255.255.255.0
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
ip nat inside source list 100 interface FastEthernet0/0 overload
interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside
=========================R5==============================
en
conf t
line con 0
no exec-t
exit
host R5
int f0/0
no sh
ip add 192.168.2.5 255.255.255.0
實驗調試
查看R2當前的隧道接口狀態:
Tunnel2 is up, line protocol is up
Internet address is 1.1.1.2/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1476 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Feature Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Tunnel4 is up, line protocol is up
Internet address is 1.1.1.4/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1476 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF Feature Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
--More--
Sending 5, 100-byte ICMP Echos to 192.168.2.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 172/202/220 ms
相關文章
- 1. GRE TUNNEL
- 2. GRE tunnel
- 3. Linux GRE Tunnel
- 4. Ip通道(gre tunnel)
- 5. 【轉載】深入理解 GRE tunnel
- 6. 在Ubuntu上創建並測試GRE tunnel
- 7. GRE
- 8. GRE ×××
- 9. openvSwitch tunnel
- 10. Cisco GRE ×××
- 更多相關文章...
- • SVN 簡介 - SVN 教程
- • W3C詞彙和術語表 - 網站建設指南
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. GRE TUNNEL
- 2. GRE tunnel
- 3. Linux GRE Tunnel
- 4. Ip通道(gre tunnel)
- 5. 【轉載】深入理解 GRE tunnel
- 6. 在Ubuntu上創建並測試GRE tunnel
- 7. GRE
- 8. GRE ×××
- 9. openvSwitch tunnel
- 10. Cisco GRE ×××