0216网络应用
原创
©著作权归作者所有:来自51CTO博客作者810105851的原创作品,请联系作者获取转载授权,否则将追究法律责任
拓扑图:
配置效果:
r1#sh ip rou R1-R2,R3_ipsec vpn效果,重发布RIP效果
10.0.0.0/8 is variably subnetted, 14
subnets, 4 masks
O
IA 10.0.8.0/24 [110/65] via 10.0.0.18,
00:17:50, Serial0/0
O
E1 10.0.9.0/24 [110/264] via
10.0.0.19, 00:17:40, Serial0/0
O
E1 10.0.0.12/30 [110/264] via
10.0.0.19, 00:17:40, Serial0/0
O 10.0.2.0/24 [110/2] via 10.0.0.6,
00:17:50, FastEthernet1/0
O 10.0.3.0/24 [110/2] via 10.0.0.6,
00:17:50, FastEthernet1/0
O 10.0.0.0/30 [110/3] via 10.0.0.6,
00:17:50, FastEthernet1/0
O 10.0.1.0/24 [110/2] via 10.0.0.6,
00:17:50, FastEthernet1/0
O
IA 10.0.7.0/24 [110/65] via 10.0.0.18,
00:17:50, Serial0/0
O 10.0.4.0/24 [110/2] via 10.0.0.6,
00:17:50, FastEthernet1/0
C 10.0.0.4/30 is directly connected,
FastEthernet1/0
O 10.0.5.0/24 [110/3] via 10.0.0.6,
00:17:50, FastEthernet1/0
O 10.0.0.18/32 [110/64] via 10.0.0.18,
00:18:00, Serial0/0
O 10.0.0.19/32 [110/64] via 10.0.0.19,
00:18:01, Serial0/0
C 10.0.0.16/29 is directly connected,
Serial0/0
O*E2
0.0.0.0/0 [110/1] via 10.0.0.6, 00:17:41, FastEthernet1/0
r1#sh
cry is sa
dst src state conn-id slot
10.0.0.17 10.0.0.19 QM_IDLE 1
0
10.0.0.17 10.0.0.18 QM_IDLE 2 0
r1#sh
ip os ne
Neighbor
ID Pri State Dead Time Address Interface
5.5.5.5 0
FULL/ - - 10.0.0.18 OSPF_VL1 ---->一定要配置虚链路!如果没有配置R3还是可以学到area0的路由的,但R1学习不到R3的area20的路由!
2.2.2.2 1
FULL/DR 00:00:34 10.0.0.6 FastEthernet1/0
5.5.5.5 0
FULL/ - 00:01:49 10.0.0.18 Serial0/0
4.4.4.4 0
FULL/ - 00:01:33 10.0.0.19 Serial0/0
r1#
r1#
r2#sh ip rou R1-R2_ipsec vpn 效果
10.0.0.0/8 is variably subnetted, 14
subnets, 4 masks
O
IA 10.0.8.0/24 [110/129] via
10.0.0.17, 00:18:22, Serial0/0
R 10.0.9.0/24 [120/1] via 10.0.0.14,
00:00:26, FastEthernet2/0
C 10.0.0.12/30 is directly connected,
FastEthernet2/0
O
IA 10.0.2.0/24 [110/66] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.3.0/24 [110/66] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.0.0/30 [110/67] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.1.0/24 [110/66] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.7.0/24 [110/129] via
10.0.0.17, 00:18:22, Serial0/0
O
IA 10.0.4.0/24 [110/66] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.0.4/30 [110/65] via 10.0.0.17,
00:18:22, Serial0/0
O
IA 10.0.5.0/24 [110/67] via 10.0.0.17,
00:18:22, Serial0/0
O 10.0.0.18/32 [110/128] via 10.0.0.17,
00:18:22, Serial0/0
C 10.0.0.16/29 is directly connected,
Serial0/0
O 10.0.0.17/32 [110/64] via 10.0.0.17,
00:18:22, Serial0/0
C 192.168.1.0/24 is directly connected,
FastEthernet1/0
O*E2
0.0.0.0/0 [110/1] via 10.0.0.17, 00:18:12, Serial0/0
r2#sh
cry is sa
dst src state conn-id slot
10.0.0.17 10.0.0.19 QM_IDLE 1 0
r2#sh
ip os ne
Neighbor
ID Pri State Dead Time Address Interface
3.3.3.3 0
FULL/ - 00:01:32 10.0.0.17 Serial0/0
r2#
r2#
r3#sh ip rou R1-R3_ipsec vpn效果, OSPF虚链路效果 ---->一定要配置!
10.0.0.0/8 is variably subnetted, 14
subnets, 4 masks
C 10.0.8.0/24 is directly connected,
FastEthernet1/0.80
O
E1 10.0.9.0/24 [110/328] via
10.0.0.17, 00:18:38, Serial0/0
O
E1 10.0.0.12/30 [110/328] via
10.0.0.17, 00:18:38, Serial0/0
O 10.0.2.0/24 [110/66] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.3.0/24 [110/66] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.0.0/30 [110/67] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.1.0/24 [110/66] via 10.0.0.17,
00:18:38, Serial0/0
C 10.0.7.0/24 is directly connected,
FastEthernet1/0.70
O 10.0.4.0/24 [110/66] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.0.4/30 [110/65] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.5.0/24 [110/67] via 10.0.0.17,
00:18:38, Serial0/0
O 10.0.0.19/32 [110/128] via 10.0.0.17,
00:18:48, Serial0/0
C 10.0.0.16/29 is directly connected, Serial0/0
O 10.0.0.17/32 [110/64] via 10.0.0.17,
00:18:48, Serial0/0
O*E2
0.0.0.0/0 [110/1] via 10.0.0.17, 00:18:38, Serial0/0
r3#sh
cry is sa
dst src state conn-id slot
10.0.0.17 10.0.0.18 QM_IDLE 1
0
r3#sh
ip os ne
Neighbor
ID Pri State Dead Time Address Interface
3.3.3.3 0
FULL/ - - 10.0.0.17 OSPF_VL1 ---->虚链路一定要配置!!!
3.3.3.3 0
FULL/ - 00:01:53 10.0.0.17 Serial0/0
r3#
r9#sh ip rou
重发布OSPF效果:
10.0.0.0/8 is variably subnetted, 14
subnets, 4 masks
R 10.0.8.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
C 10.0.9.0/24 is directly connected,
Vlan90
C 10.0.0.12/30 is directly connected, FastEthernet0/0
R 10.0.2.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.3.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.0.0/30 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.1.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.7.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.4.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.0.4/30 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.5.0/24 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.0.18/32 [120/2] via 10.0.0.13,
00:00:06, FastEthernet0/0
R 10.0.0.16/29 [120/1] via 10.0.0.13,
00:00:07, FastEthernet0/0
R 10.0.0.17/32 [120/2] via 10.0.0.13,
00:00:07, FastEthernet0/0
R* 0.0.0.0/0 [120/2] via 10.0.0.13, 00:00:07,
FastEthernet0/0
r9#
VPC测试:
上图是R1到R2,R3的ipsec vpn连通效果。
上图是广州分部到外网的NAT效果。
上图是总部到外网的NAT效果。
下面是分部时间ACL的测试:
测试后,上面的顺序反了,是这样:
ti
work
per
weekda 9:00 to 18:00
r2(config)#acc 130 per udp an an
//RIP所有的消息都是被封装在UDP数据报里面的,源和目的端口都设置为520
r2(config)#acc
130 per ip an 10.0.0.0 0.255.255.255
r2(config)#acc
130 per ip 10.0.9.0 0.0.0.255 an ti work
int f2/0
ip
acce 130 in
下面是总部的时间ACL测试:
配置参数:
ti
work
r5(config)#acc
130 per os an an //使R5可以学习到OSPF的路由
r5(config)#acc
130 per ip 10.0.1.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.2.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.3.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.4.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.7.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.8.0 0.0.0.255 an ti work
r5(config)#acc
130 per ip 10.0.5.0 0.0.0.255 an //允许服务器网络,用于发布到公网
int
f1/0
ip
acce 130 in
下面是总部的PPTP测试:
上一篇:0216_帧中继_ipsec
下一篇:卡通
提问和评论都可以,用心的回复会被更多人看到
评论
发布评论
相关文章
-
批量登陆网络设备读取信息
重复的工作变成标准化流程,标准流程自动化;本文以ensp模拟器为环境,介绍使用python对网络设备进行批量自动化获取设备信息操作,读者可自行修改命令实现自动化配置下发;
python 网络自动化运维 批量登陆网络设备 批量获取配置 -
ResNet50网络
自从ResNet在2015年被提出,在ImageNet比赛classification任务上获得第一名,因为它“简单与实用”并存,之后很多方法都建立在ResN
网络 tensorflow 人工智能 2d 测试数据