H3C网络学院路由交换第四卷实验指导书Word格式文档下载.docx
《H3C网络学院路由交换第四卷实验指导书Word格式文档下载.docx》由会员分享,可在线阅读,更多相关《H3C网络学院路由交换第四卷实验指导书Word格式文档下载.docx(105页珍藏版)》请在冰豆网上搜索。
spoofing
InterfacePhysicalProtocolIPAddressDescription
Vlan-interface1upup1.1.1.2Vlan-inte...
Vlan-interface2upup2.2.2.2Vlan-inte...
[SWA]displayiprouting-table
RoutingTables:
Public
Destinations:
6Routes:
6
Destination/MaskProtoPreCostNextHopInterface
1.1.1.0/24Direct001.1.1.2Vlan1
1.1.1.2/32Direct00127.0.0.1InLoop0
2.2.2.0/24Direct002.2.2.2Vlan2
2.2.2.2/32Direct00127.0.0.1InLoop0
127.0.0.0/8Direct00127.0.0.1InLoop0
127.0.0.1/32Direct00127.0.0.1InLoop0
也可以使用displayinterface命令。
在RTA和RTB上配置公网接口互通所需的静态路由。
[RTA]interfaceGigabitEthernet0/0
[RTA-GigabitEthernet0/0]ipaddress192.168.1.1255.255.255.0
[RTA-GigabitEthernet0/0]interfaceGigabitEthernet0/1
[RTA-GigabitEthernet0/1]ipaddress1.1.1.1255.255.255.0
[RTA-GigabitEthernet0/1]iproute-static2.2.2.0255.255.255.01.1.1.2
[RTB]interfaceGigabitEthernet0/0
[RTB-GigabitEthernet0/0]ipaddress192.168.2.1255.255.255.0
[RTB-GigabitEthernet0/0]interfaceGigabitEthernet0/1
[RTB-GigabitEthernet0/1]ipaddress2.2.2.1255.255.255.0
[RTB-GigabitEthernet0/1]iproute-static1.1.1.0255.255.255.02.2.2.2
步骤三:
配置GRE隧道接口
[RTA]interfaceTunnel0
[RTA-Tunnel0]ipaddress192.168.3.1255.255.255.252
[RTA-Tunnel0]source1.1.1.1
[RTA-Tunnel0]destination2.2.2.1
[RTB]interfaceTunnel0
[RTB-Tunnel0]ipaddress192.168.3.2255.255.255.252
[RTB-Tunnel0]source2.2.2.1
[RTB-Tunnel0]destination1.1.1.1
步骤四:
为私网配置静态路由
[RTA]iproute-static192.168.2.0255.255.255.0Tunnel0
[RTB]iproute-static192.168.1.0255.255.255.0Tunnel0
配置时也可以用下一跳地址。
步骤五:
检验隧道工作状况
查看RTA与RTB的路由表,可见公网、私网路由均存在于路由表中:
[RTB]displayiprouting-table
10Routes:
10
1.1.1.0/24Static6002.2.2.2GE0/1
2.2.2.0/24Direct002.2.2.1GE0/1
2.2.2.1/32Direct00127.0.0.1InLoop0
192.168.1.0/24Static600192.168.3.2Tun0
192.168.2.0/24Direct00192.168.2.1GE0/0
192.168.2.1/32Direct00127.0.0.1InLoop0
192.168.3.0/30Direct00192.168.3.2Tun0
192.168.3.2/32Direct00127.0.0.1InLoop0
查看RTA和RTB的隧道接口状态,可见其使用GRE封装,状态为UP:
[RTB]displayinterfaceTunnel0
Tunnel0currentstate:
UP
Lineprotocolcurrentstate:
Description:
Tunnel0Interface
TheMaximumTransmitUnitis1476
InternetAddressis192.168.3.2/30Primary
EncapsulationisTUNNEL,service-loopback-groupIDnotset.
Tunnelsource2.2.2.1,destination1.1.1.1
Tunnelkeepalivedisable
Tunnelprotocol/transportGRE/IP
GREkeydisabled
ChecksummingofGREpacketsdisabled
Outputqueue:
(Urgentqueuing:
Size/Length/Discards)0/100/0
(Protocolqueuing:
Size/Length/Discards)0/500/0
(FIFOqueuing:
Size/Length/Discards)0/75/0
Last300secondsinput:
15bytes/sec,0packets/sec
Last300secondsoutput:
21bytes/sec,0packets/sec
133packetsinput,5701bytes
0inputerror
124packetsoutput,7469bytes
0outputerror
在RTA上打开GRE协议调试开关用debugging命令检验路由器实际收发的报文,说明其地址已经改变。
<
RTA>
terminalmonitor
terminaldebugging
debugginggrepacket
在PCA上对RTB运行ping命令,但只发送一个ICMP包:
C:
\DocumentsandSettings\User>
ping-n1192.168.2.1
Pinging192.168.2.1with32bytesofdata:
Replyfrom192.168.2.1:
bytes=32time<
1msTTL=254
Pingstatisticsfor192.168.2.1:
Packets:
Sent=1,Received=1,Lost=0(0%loss),
Approximateroundtriptimesinmilli-seconds:
Minimum=0ms,Maximum=0ms,Average=0ms
观察RTA上的输出信息:
*Jun2616:
15:
30:
4432009RTAGRE/7/debug:
Tunnel0packet:
Afterencapsulation,
Outgoingpacketheader1.1.1.1->
2.2.2.1(length=84)
Output:
Grepackethasbeenfast-switc
hedsuccessfully,interfaceindexis0x2f0000.
可见RTA从Tunnel0接口发出了一个包,源地址为1.1.1.1,目的地址为2.2.2.1。
因为发送的包已经被GRE封装后在公网发送了。
步骤六:
清除静态路由
用undoiproute-static命令。
步骤七:
为公网配置动态路由
[RTA]ospf1
[RTA-ospf-1]area0.0.0.0
[RTA-ospf-1-area-0.0.0.0]network1.0.0.00.255.255.255
[RTB]ospf1
[RTB-ospf-1]area0.0.0.0
[RTB-ospf-1-area-0.0.0.0]network2.0.0.00.255.255.255
[SWA]ospf1
[SWA-ospf-1]area0.0.0.0
[SWA-ospf-1-area-0.0.0.0]network1.0.0.00.255.255.255
[SWA-ospf-1-area-0.0.0.0]network2.0.0.00.255.255.255
步骤八:
为私网配置动态路由
[RTA]rip1
[RTA-rip-1]version2
[RTA-rip-1]network192.168.1.0
[RTA-rip-1]network192.168.3.0
[RTB]rip
[RTB-rip-1]version2
[RTB-rip-1]network192.168.2.0
[RTB-rip-1]network192.168.3.0
步骤九:
再次检验隧道工作状况
查看RTA与RTB的路由表:
RTB>
displayiprouting-table
1.1.1.0/24OSPF1022.2.2.2GE0/1
2.2.2.0/24Direct002.2.2.
升级会员 