控制列表加NAT转换(华为)
实验环境:真机
实验器材:三台路由器,一台windows虚拟机(桥接)
R1配置:
[r1]inter e0
[r1-Ethernet0]ip address 192.168.1.254 24
[r1-Ethernet0]loopback
Ethernet0 running on loopback mode
[r1-Ethernet0]in
%22:02:31: Interface Ethernet0 is UP
%22:02:31: tLine protocol ip on the interface Ethernet0 is UP
Incomplete command
[r1-Ethernet0]inter s0
[r1-Serial0]ip address 192.168.4.1 24
R2配置:
[r2]inter e0
[r2-Ethernet0]ip address 192.168.3.254 24
[r2-Ethernet0]
%22:03:14: Line protocol ip on the interface Ethernet0 is UP
[r2-Ethernet0]inter s0
[r2-Serial0]ip address 192.168.4.2 24
[r2-Serial0]
%22:03:34: Line protocol ip on the interface Serial0 is UP
[r2-Serial0]shut
% Interface Serial0 is shut down
[r2-Serial0]
%22:03:39: Interface Serial0 is DOWN
%22:03:39: Line protocol ip on the interface Serial0 is DOWN
[r2-Serial0]undo shut
[r2-Serial0]inter s1
[r2-Serial1]ip address 192.168.5.2 24
[r2-Serial1]
%22:04:16: Line protocol ip on the interface Serial1 is UP
[r2-Serial1]shut
% Interface Serial1 is shut down
[r2-Serial1]
%22:04:23: Interface Serial1 is DOWN
[r2-Serial1]undo shut
R3配置:
[r3]inter e0
[r3-Ethernet0]ip address 192.168.2.254 24
[r3-Ethernet0]loopback
Ethernet0 running on loopback mode
[r3-Ethernet0]
%01:08:52: Interface Ethernet0 is UP
%01:08:52: Line protocol ip on the interface Ethernet0 is UP
[r3-Ethernet0]inter s0
[r3-Serial0]ip address 192.168.5.1 24
[r3-Serial0]
%01:09:16: Line protocol ip on the interface Serial0 is UP
[r3-Serial0]shut
% Interface Serial0 is down
[r3-Serial0]
%01:09:19: Interface Serial0 is DOWN
[r3-Serial0]undo shut
R2上做静态路由:
[r2]ip route 192.168.1.0 24 192.168.4.1
[r2]ip route 192.168.2.0 24 192.168.5.1
[r2]ping 192.168.1.254
Reply from 192.168.1.254: bytes=56 Sequence=0 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=1 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=2 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=3 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=4 ttl=255 time = 25 ms
--- 192.168.1.254 ping statistics ---
5 packets transmitted
5 packets received
0.00% packet loss
round-trip min/avg/max = 25/25/25 ms
[r2]ping 192.168.2.254
Reply from 192.168.2.254: bytes=56 Sequence=0 ttl=255 time = 26 ms
Reply from 192.168.2.254: bytes=56 Sequence=1 ttl=255 time = 26 ms
Reply from 192.168.2.254: bytes=56 Sequence=2 ttl=255 time = 26 ms
Reply from 192.168.2.254: bytes=56 Sequence=3 ttl=255 time = 26 ms
Reply from 192.168.2.254: bytes=56 Sequence=4 ttl=255 time = 26 ms
--- 192.168.2.254 ping statistics ---
5 packets transmitted
5 packets received
0.00% packet loss
round-trip min/avg/max = 26/26/26 ms
r2上做访问列表:
[r2]acl 2000
[r2-acl-2000]rule permit source 192.168.3.0
Rule has been added to normal packet-filtering rules
[r2-acl-2000]acl 2001
[r2-acl-2001]rule permit source 192.168.3.0
Rule has been added to normal packet-filtering rules
[r2-acl-2001]inter s0
[r2-Serial0]nat outbound 2000 interface
[r2-Serial0]inter s1
[r2-Serial1]nat outbound 2001 interface
本地虚拟机测试:
[r2]dis ip rout
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.1.0/24 Static 60 0 192.168.4.1 Serial0
192.168.2.0/24 Static 60 0 192.168.5.1 Serial1
192.168.3.0/24 Direct 0 0 192.168.3.254 Ethernet0
192.168.3.254/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.4.0/24 Direct 0 0 192.168.4.1 Serial0
192.168.4.1/32 Direct 0 0 192.168.4.1 Serial0
192.168.4.2/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.5.0/24 Direct 0 0 192.168.5.1 Serial1
192.168.5.1/32 Direct 0 0 192.168.5.1 Serial1
192.168.5.2/32 Direct 0 0 127.0.0.1 LoopBack0
[r2]ping 192.168.2.254
Reply from 192.168.2.254: bytes=56 Sequence=0 ttl=255 time = 25 ms
Reply from 192.168.2.254: bytes=56 Sequence=1 ttl=255 time = 25 ms
Reply from 192.168.2.254: bytes=56 Sequence=2 ttl=255 time = 25 ms
Reply from 192.168.2.254: bytes=56 Sequence=3 ttl=255 time = 25 ms
Reply from 192.168.2.254: bytes=56 Sequence=4 ttl=255 time = 25 ms
--- 192.168.2.254 ping statistics ---
5 packets transmitted
5 packets received
0.00% packet loss
round-trip min/avg/max = 25/25/25 ms
[r2]ping 192.168.1.254
Reply from 192.168.1.254: bytes=56 Sequence=0 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=1 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=2 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=3 ttl=255 time = 25 ms
Reply from 192.168.1.254: bytes=56 Sequence=4 ttl=255 time = 25 ms
--- 192.168.1.254 ping statistics ---
5 packets transmitted
5 packets received
0.00% packet loss
round-trip min/avg/max = 25/25/25 ms
[r1]dis ip rout
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.1.0/24 Direct 0 0 192.168.1.254 Ethernet0
192.168.1.254/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.4.0/24 Direct 0 0 192.168.4.2 Serial0
192.168.4.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.4.2/32 Direct 0 0 192.168.4.2 Serial0
[r1]ping 192.168.3.254
Request time out
Request time out
Request time out
Request time out
Request time out
--- 192.168.3.254 ping statistics ---
5 packets transmitted
0 packets received
100.00% packet loss
[r3]dis ip rout
Routing Tables:
Destination/Mask Proto Pref Metric Nexthop Interface
127.0.0.0/8 Direct 0 0 127.0.0.1 LoopBack0
127.0.0.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.2.0/24 Direct 0 0 192.168.2.254 Ethernet0
192.168.2.254/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.5.0/24 Direct 0 0 192.168.5.2 Serial0
192.168.5.1/32 Direct 0 0 127.0.0.1 LoopBack0
192.168.5.2/32 Direct 0 0 192.168.5.2 Serial0
[r3]ping 192.168.3.254
Request time out
Request time out
Request time out
Request time out
