华为高级路由交换认证（华为认证-GRE协议实验讲解）

华为高级路由交换认证（华为认证-GRE协议实验讲解）<SZ_VPN>ping 101.1.1.1 PING 101.1.1.1: 56 data bytes press CTRL_C to break Reply from 101.1.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms Reply from 101.1.1.1: bytes=56 Sequence=2 ttl=254 time=20 ms Reply from 101.1.1.1: bytes=56 Sequence=3 ttl=254 time=40 ms Reply from 101.1.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms Reply from 101.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms --- 101.1.1.

GRE的配置

GRE的配置思路如下：

第一步：基本配置

SZ_VPN路由器的配置

# sysname SZ_VPN # interface GigabitEthernet0/0/0 ip address 202.1.1.1 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.1.254 255.255.255.0 # ip route-static 0.0.0.0 0.0.0.0 202.1.1.254 #

BJ_VPN路由器的配置

# sysname BJ_VPN # interface GigabitEthernet0/0/0 ip address 101.1.1.1 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 192.168.2.254 255.255.255.0 # ip route-static 0.0.0.0 0.0.0.0 101.1.1.254 #

internet的配置

# interface GigabitEthernet0/0/0 ip address 202.1.1.254 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 101.1.1.254 255.255.255.0 #

检查如下：

检查SZ_VPN和PC1的通信

<SZ_VPN>ping 192.168.1.1 PING 192.168.1.1: 56 data bytes press CTRL_C to break Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=128 time=40 ms Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=128 time=60 ms Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=128 time=40 ms Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=128 time=60 ms Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=128 time=50 ms --- 192.168.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/50/60 ms

检查BJ_VPN和PC2的通信

<SZ_VPN>ping 192.168.1.1 PING 192.168.1.1: 56 data bytes press CTRL_C to break Reply from 192.168.1.1: bytes=56 Sequence=1 ttl=128 time=40 ms Reply from 192.168.1.1: bytes=56 Sequence=2 ttl=128 time=60 ms Reply from 192.168.1.1: bytes=56 Sequence=3 ttl=128 time=40 ms Reply from 192.168.1.1: bytes=56 Sequence=4 ttl=128 time=60 ms Reply from 192.168.1.1: bytes=56 Sequence=5 ttl=128 time=50 ms --- 192.168.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 40/50/60 ms

检查SZ_VPN和BJ_VPN的通信

<SZ_VPN>ping 101.1.1.1 PING 101.1.1.1: 56 data bytes press CTRL_C to break Reply from 101.1.1.1: bytes=56 Sequence=1 ttl=254 time=30 ms Reply from 101.1.1.1: bytes=56 Sequence=2 ttl=254 time=20 ms Reply from 101.1.1.1: bytes=56 Sequence=3 ttl=254 time=40 ms Reply from 101.1.1.1: bytes=56 Sequence=4 ttl=254 time=20 ms Reply from 101.1.1.1: bytes=56 Sequence=5 ttl=254 time=30 ms --- 101.1.1.1 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 20/28/40 ms

检查PC1和PC2的通信

PC>ping 192.168.2.2 Ping 192.168.2.2: 32 data bytes Press Ctrl_C to break Request timeout! Request timeout! Request timeout! Request timeout! Request timeout! --- 192.168.2.2 ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss第二步：分别在SZ_VPN和BJ_VPN启动Tunnel接口

SZ_VPN的配置

# interface Tunnel0/0/1 ip address 123.1.1.1 255.255.255.0 tunnel-protocol gre source 202.1.1.1 destination 101.1.1.1 #

BJ_VPN的配置

# interface Tunnel0/0/1 ip address 123.1.1.2 255.255.255.0 tunnel-protocol gre source 101.1.1.1 destination 202.1.1.1 #第三步：配置引流路由

SZ_VPN的配置

# ip route-static 192.168.2.0 255.255.255.0 Tunnel0/0/1 #

BJ_VPN的配置

# ip route-static 192.168.1.0 255.255.255.0 Tunnel0/0/1 #第四步：检查GRE隧道是否成功

SZ_VPN的检查

<SZ_VPN>display interface Tunnel 0/0/1 Tunnel0/0/1 current state : UP Line protocol current state : UP Last line protocol up time : 2020-02-25 17:50:10 UTC-08:00 Description:HUAWEI AR Series Tunnel0/0/1 Interface Route Port The Maximum Transmit Unit is 1500 Internet Address is 123.1.1.1/24 Encapsulation is TUNNEL loopback not set Tunnel source 202.1.1.1 (GigabitEthernet0/0/0) destination 101.1.1.1 Tunnel protocol/transport GRE/IP key disabled keepalive disabled Checksumming of packets disabled Current system time: 2020-02-25 20:19:16-08:00 300 seconds input rate 0 bits/sec 0 packets/sec 300 seconds output rate 0 bits/sec 0 packets/sec 0 seconds input rate 0 bits/sec 0 packets/sec 0 seconds output rate 0 bits/sec 0 packets/sec 0 packets input 0 bytes 0 input error 0 packets output 0 bytes 0 output error Input bandwidth utilization : -- Output bandwidth utilization : -- <SZ_VPN>

BJ_VPN的检查

<BJ_VPN>display interface Tunnel 0/0/1 Tunnel0/0/1 current state : UP Line protocol current state : UP Last line protocol up time : 2020-02-25 17:50:53 UTC-08:00 Description:HUAWEI AR Series Tunnel0/0/1 Interface Route Port The Maximum Transmit Unit is 1500 Internet Address is 123.1.1.2/24 Encapsulation is TUNNEL loopback not set Tunnel source 101.1.1.1 (GigabitEthernet0/0/0) destination 202.1.1.1 Tunnel protocol/transport GRE/IP key disabled keepalive disabled Checksumming of packets disabled Current system time: 2020-02-25 20:21:08-08:00 300 seconds input rate 0 bits/sec 0 packets/sec 300 seconds output rate 0 bits/sec 0 packets/sec 0 seconds input rate 0 bits/sec 0 packets/sec 0 seconds output rate 0 bits/sec 0 packets/sec 0 packets input 0 bytes 0 input error 0 packets output 0 bytes 0 output error Input bandwidth utilization : -- Output bandwidth utilization : -- <BJ_VPN>