MGRE 实验

一.实验拓扑

二.实验要求

1.按照图示配置IP地址

2.配置静态路由协议，搞通公网

3.配置MGRE VPN

4.NHRP的配置

5.配置OSPF路由协议来传递两端私网路由

6.测试全网通

三.实验配置

1.配置ip地址

R1

[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 15.0.0.1 24
[R1]int LoopBack 0
[R1-LoopBack0]ip address 192.168.1.1 24

R2 

[R2]int g0/0/0
[R2-GigabitEthernet0/0/0]ip add	
[R2-GigabitEthernet0/0/0]ip address 25.0.0.2 24
[R2]int LoopBack 0
[R2-LoopBack0]ip address 192.168.2.2 24

R3

[R3]int g0/0/0
[R3-GigabitEthernet0/0/0]ip address 35.0.0.3 24
[R3-GigabitEthernet0/0/0]int l0
[R3-LoopBack0]ip address 192.168.3.3 24

R4

[R4]int g0/0/0
[R4-GigabitEthernet0/0/0]ip add 45.0.0.4 24
[R4-GigabitEthernet0/0/0]int l0
[R4-LoopBack0]ip add 192.168.4.4 24

 R5

[R5]int g0/0/0
[R5-GigabitEthernet0/0/0]ip add 15.0.0.5 24
[R5-GigabitEthernet0/0/0]int g0/0/1
[R5-GigabitEthernet0/0/1]ip add 25.0.0.5 24
[R5-GigabitEthernet0/0/1]int g0/0/2
[R5-GigabitEthernet0/0/2]ip add 45.0.0.5 24
[R5-GigabitEthernet0/0/2]int g4/0/0
[R5-GigabitEthernet4/0/0]ip add 35.0.0.5 24

2.配置静态路由，搞通公网

[R1]ip route-static 0.0.0.0 0 15.0.0.5[R2]ip route-static 0.0.0.0 0 25.0.0.5[R3]ip route-static 0.0.0.0 0 35.0.0.5[R4]ip route-static 0.0.0.0 0 45.0.0.5

 3.配置总部与分部之间的隧道-MGRE VPN

R1

[R1]int Tunnel 0/0/0
[R1-Tunnel0/0/0]ip add 192.168.5.1 24
[R1-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R1-Tunnel0/0/0]source 15.0.0.1

 R2

[R2]int Tunnel 0/0/0
[R2-Tunnel0/0/0]ip add 192.168.5.2 24
[R2-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R2-Tunnel0/0/0]source GigabitEthernet 0/0/0

 R3

[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]ip add 192.168.5.3 24
[R3-Tunnel0/0/0]tunnel-protocol gre p2mp 	
[R3-Tunnel0/0/0]source GigabitEthernet 0/0/0

R4

[R4]int Tunnel 0/0/0
[R4-Tunnel0/0/0]ip address 192.168.5.4 24	
[R4-Tunnel0/0/0]tunnel-protocol gre p2mp 
[R4-Tunnel0/0/0]source GigabitEthernet 0/0/0

4.NHRP的配置

中心站点配置：

R1

[R1-Tunnel0/0/0]nhrp network-id 100  
[R1-Tunnel0/0/0]nhrp entry multicast dynamic 

分支站点配置：

R2

[R2]int Tunnel 0/0/0
[R2-Tunnel0/0/0]nhrp network-id 100   
[R2-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register 

 R3

[R3]int Tunnel 0/0/0
[R3-Tunnel0/0/0]nhrp network-id 100
[R3-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register 

R4

[R4]int Tunnel 0/0/0	
[R4-Tunnel0/0/0]nhrp network-id 100
[R4-Tunnel0/0/0]nhrp entry 192.168.5.1 15.0.0.1 register 

5.配置OSPF路由协议来传递两端私网路由

R1

[R1]ospf 1 router-id 1.1.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 192.168.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255

R2 

[R2]ospf 1 router-id 2.2.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 192.168.2.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255

R3

[R3]ospf 1 router-id 3.3.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]ne	
[R3-ospf-1-area-0.0.0.0]network 192.168.3.0 0.0.0.255
[R3-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255

R4

[R4]ospf 1 router-id 4.4.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 192.168.4.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]network 192.168.5.0 0.0.0.255
[R4-ospf-1-area-0.0.0.0]

查看各个设备的OSPF路由表学习情况及邻居表，会发现ospf的路由表学习不全，设备也无法正常建立邻接关系

Tunnel接口类型为P2P类型，不选举DR/BDR,使得设备无法正常建立邻接关系，

解决方法：更改网络中tunnel接口类型为广播或者P2MP

[R1-Tunnel0/0/0]ospf network-type broadcast
[R2-Tunnel0/0/0]ospf network-type broadcast
[R3-Tunnel0/0/0]ospf network-type broadcast
[R4-Tunnel0/0/0]ospf network-type broadcast

DR和BDR选举混乱，无法正常建邻

更改网络类型后，广播网络中中心站点和分支站点处于同一个广播域，此时需要进行DR和BDR的选举，但是在分支站点的世界里只和中心站点认识，分支站点和分支站点不认识，这就会发生多个分支站点和一个中心站点互相竞选DR和BDR，这样会造成选举结果混乱，可在中心站点看到混乱的场景 

解决方法：将分支站点的dr选举优先级变0，这样就能保证中心站点是整个广播网络中唯一的DR

[R2-Tunnel0/0/0]ospf dr-priority 0
[R3-Tunnel0/0/0]ospf dr-priority 0
[R4-Tunnel0/0/0]ospf dr-priority 0