说明:所有设备使用思科路由器模拟
R1和R2属于企业内网路由器;
R3属于电信网络;简称线路A;3.3.3.3/32代表电信网络IP
R4属于联通等其他网络;简称线路B;4.4.4.4/32代表联通等其他网络IP
配置目的:使用静态路由实现:访问联通等其他网络的数据走线路B,访问电信的数据走线路A
线路B故障自动变更到线路A,线路A故障自动变更到线路B
使用到的一些技术:静态路由;NAT;SLA等
R1 配置:
en
conf t
hostname R1
enable secret cisco
line vty 0 4
no login
exit
no ip domain-lookup
int lo0
ip add 1.1.1.1 255.255.255.255
exit
int e1/0
ip add 192.168.12.1 255.255.255.0
ip nat inside
no shut
exit
int e1/1
ip add 192.168.13.1 255.255.255.0
ip nat outside
no shut
exit
int e1/2
ip add 192.168.14.1 255.255.255.0
ip nat outside
no shut
exit
router ospf 123 /*定义内网路由协议,让R2可以获得相关路由信息*/
router-id 1.1.1.1
network 192.168.12.1 0.0.0.0 area 0
network 1.1.1.1 0.0.0.0 area 0
default-in ori always
exit
/*定义sla(使用默认参数配置)和track给静态路由条目进行线路检测*/
ip sla 13
icmp-echo 192.168.13.3 source-ip 192.168.13.1
exit
ip sla 14
icmp-echo 192.168.14.4 source-ip 192.168.14.1
exit
track 13 rtr 13 reachability
exit
track 14 rtr 14 reachability
exit
ip route 4.4.4.4 255.255.255.255 192.168.14.4 /*添加联通等网络静态路由*/
ip route 0.0.0.0 0.0.0.0 192.168.13.3 track 13 /*其他默认走电信线路*/
ip route 0.0.0.0 0.0.0.0 192.168.14.4 track 14 14 /*当电信线路故障时走联通等线路*/
/*NAT配置*/
1.定义next-hop地址:
access-list 13 permit host 192.168.13.3
access-list 14 permit host 192.168.14.4
2.定义nat地址转换所需acl:
access-list 130 permit ip host 2.2.2.2 any /*主机地址2.2.2.2模拟内网网段*/
access-list 140 permit ip host 2.2.2.2 any
3.定义route-map所需转换NAT
route-map 13
match ip add 130
match ip next-hop 13
exit
route-map 14
match ip add 140
match ip next-hop 14
exit
4.定义IP NAT
ip nat inside source route-map 13 interface e1/1 over
ip nat inside source route-map 14 interface e1/2 over
到此,R1配置完成;
R2
en
conf t
hostname R2
line vty 0 4
no login
exit
enable secret cisco
int lo0
ip add 2.2.2.2 255.255.255.255
exit
int e1/0
ip add 192.168.12.2 255.255.255.0
no shut
exit
router ospf 123
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.168.12.2 0.0.0.0 area 0
exit
R3
en
conf t
hostname R3
line vty 0 4
no login
exit
enable secret cisco
int lo0
ip add 3.3.3.3 255.255.255.255
exit
int e1/1
ip add 192.168.13.3 255.255.255.0
no shut
exit
int e1/0
ip add 192.168.34.3 255.255.255.0
no shut
exit
/*模拟isp内网*/
router ospf 123
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.168.34.3 0.0.0.0 area 0
exit
R4
en
conf t
hostname R4
line vty 0 4
no login
exit
enable secret cisco
int lo0
ip add 4.4.4.4 255.255.255.255
exit
int e1/2
ip add 192.168.14.4 255.255.255.0
no shut
exit
int e1/0
ip add 192.168.34.4 255.255.255.0
no shut
exit
/*模拟isp内网*/
router ospf 123
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.168.34.4 0.0.0.0 area 0
exit
效果:
达到实验目的:
1.访问电信线路时R1将内网地址NAT为192.168.13.1;访问联通等其他线路时R1将内网地址NAT为192.168.14.1
2.线路故障时,实现线路自动切换;