Cisco router 和 Linux GRE鏈接

試驗TOP：

Liunx系統

一、檢查是否加載ip_gre模塊
lsmod|grep ip_gre

如沒有，請加載ip_gre

insmod/lib/modules/2.6.18-194.3.1.el5/kernel/net/ipv4/ip_gre.ko

2．新增tunnel, 命名爲tunnel0

[root@localhost ~]# ip tunnel add tunnel0 mode gre remote192.168.1.1 local 172.16.1.254 ttl 255

3．激活新增tunnel0,

[root@localhost ~]# ip link set tunnel0 up mtu 1500

4．添加tunnel0 IP.

[root@localhost ~]# ip addr add 10.100.2.2/30 peer 10.100.2.1/30dev tunnel0

5．添加從tunnel0 走的路由

[root@localhost ~]# ip route add 10.10.34.0/24 dev tunnel0

6．驗證

[root@localhost ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet127.0.0.1/8 scope host lo

inet10.0.0.254/32 scope global lo

inet6::1/128 scope host

valid_lft forever preferred_lft forever

2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff

inet192.168.0.1/24 brd 192.168.0.255 scope global eth1

inet6fe80::2d0:b7ff:fe2e:8f21/64 scope link

valid_lft forever preferred_lft forever

3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff

inet172.16.1.254/24 brd 172.16.1.255 scope global eth0

inet6fe80::217:31ff:fe09:6eec/64 scope link

valid_lft forever preferred_lft forever

4: sit0: <NOARP> mtu 1480 qdiscnoop

link/sit0.0.0.0 brd 0.0.0.0

5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue

link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

inet192.168.122.1/24 brd 192.168.122.255 scope global virbr0

inet6fe80::200:ff:fe00:0/64 scope link

valid_lft forever preferred_lft forever

6: tunl0: <NOARP> mtu 1480 qdiscnoop

link/ipip0.0.0.0 brd 0.0.0.0

7: gre0: <NOARP> mtu 1476 qdiscnoop

link/gre0.0.0.0 brd 0.0.0.0

8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue

link/gre172.16.1.254 peer 192.168.1.1

inet 10.100.2.2 peer 10.100.2.1/30 scope global tunnel0

[root@localhost ~]# ip link show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff

3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff

4: sit0: <NOARP> mtu 1480 qdiscnoop

link/sit0.0.0.0 brd 0.0.0.0

5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue

link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

6: tunl0: <NOARP> mtu 1480 qdiscnoop

link/ipip0.0.0.0 brd 0.0.0.0

7: gre0: <NOARP> mtu 1476 qdiscnoop

link/gre0.0.0.0 brd 0.0.0.0

8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue

link/gre172.16.1.254 peer 192.168.1.1

[root@localhost ~]# ip link show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

2: eth1:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:d0:b7:2e:8f:21 brd ff:ff:ff:ff:ff:ff

3: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc pfifo_fast qlen 1000

link/ether 00:17:31:09:6e:ec brd ff:ff:ff:ff:ff:ff

4: sit0: <NOARP> mtu 1480 qdiscnoop

link/sit0.0.0.0 brd 0.0.0.0

5: virbr0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu1500 qdisc noqueue

link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff

6: tunl0: <NOARP> mtu 1480 qdiscnoop

link/ipip0.0.0.0 brd 0.0.0.0

7: gre0: <NOARP> mtu 1476 qdiscnoop

link/gre0.0.0.0 brd 0.0.0.0

8: tunnel0@NONE:<POINTOPOINT,NOARP,UP,LOWER_UP> mtu1500 qdisc noqueue

link/gre172.16.1.254 peer 192.168.1.1

[root@localhost ~]# ip tunnel show

sit0: ipv6/ip remote any local any ttl 64 nopmtudisc

tunl0: ip/ip remote any local any ttl inherit nopmtudisc

gre0: gre/ip remote any local any ttl inherit nopmtudisc

tunnel0: gre/ip remote192.168.1.1 local 172.16.1.254 ttl 255

[root@localhost ~]# ip route show

10.10.34.0/24 dev tunnel0 scope link

192.168.0.0/24 dev eth1 protokernel scope link src192.168.0.1

172.16.1.0/24 dev eth0 protokernel scope link src172.16.1.254

192.168.122.0/24 dev virbr0 protokernel scope link src192.168.122.1

[root@localhost ~]# ping 10.10.34.1

PING 10.10.34.1 (10.10.34.1) 56(84) bytes of data.

64 bytes from 10.10.34.1: icmp_seq=1 ttl=255 time=6.31 ms

64 bytes from 10.10.34.1: icmp_seq=2 ttl=255 time=2.47 ms

64 bytes from 10.10.34.1: icmp_seq=3 ttl=255 time=12.4 ms

64 bytes from 10.10.34.1: icmp_seq=4 ttl=255 time=11.6 ms

64 bytes from 10.10.34.1: icmp_seq=5 ttl=255 time=12.5 ms

--- 10.10.34.1 ping statistics ---

5 packets transmitted, 5 received, 0% packet loss, time4002ms

rtt min/avg/max/mdev = 2.477/9.102/12.578/4.045 ms

Cisco

Router-11#sh run int tunnel 1

Building configuration...

Current configuration : 148 bytes

!

interface Tunnel1

ip address 10.100.2.1 255.255.255.252

ip tcp adjust-mss 1400

tunnel source 192.168.1.1

tunnel destination 172.16.1.254

end

ip route 192.168.0.0 255.255.255.0 Tunnel1

Router-11# traceroute 192.168.0.2

Type escape sequence to abort.

Tracing the route to ip-2-0-168-192.xxxx.com (192.168.0.2)

1 10.100.2.2 [AS 65100] 0 msec

ns1.xxxx.com (172.16.1.254) [AS 65100] 0 msec *

可能會遇到MTU問題。須要調整MTU，MSS參數