×××—GRE通用路由封装-白红宇

×××—GRE通用路由封装

阅读量：6608 次

发布时间：2019-06-24

本文共 9351 字，大约阅读时间需要 31 分钟。

GRE简介

通用路由选择封装（Generic RoutingEncapsulation，GRE）是网络中通过隧道将通信从一个专用网络传输到另一个专用网络常用到的一个协议。

尽管GRE不提供加密服务，但它提供低开销隧道。本实验通过GRE的RFC展示了GRE的不同实现并比较了其不同之处。

今天我们通过一个简单的实验来了解GRE

实验要求

1、现有一家公司，有两家分公司，这两家分公司分别在不同的地方，通过一个公用网通信

2、为在公用网中建立专用网络，实现公司内部加密通信，使用GRE协议技术实现此目的

实验拓扑

3、在总公司和两家分公司之间分别建立虚拟通信链路，两分公司的通信要通过总公司

具体实验过程

一、配置IP

总公司：

Router>en

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip add192.168.20.1 255.255.255.0

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet0/1, changed state to up

Router(config-if)#ex

Router(config)#int f0/0

Router(config-if)#ip add172.1.1.2 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/0, changed state to up

Router(config-if)#ex

Router(config)#int loop0

%LINK-5-CHANGED: InterfaceLoopback0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Loopback0, changed state to up

Router(config-if)#ip add192.168.0.1 255.255.255.255

Router(config-if)#ex

分公司1：

Router>en

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip add192.168.36.1 255.255.255.0

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet0/1, changed state to up

Router(config-if)#exi

Router(config)#int f0/0

Router(config-if)#ip add172.1.2.2 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/0, changed state to up

Router(config-if)#ex

Router(config)#int loop 0

%LINK-5-CHANGED: InterfaceLoopback0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Loopback0, changed state to up

Router(config-if)#ip add192.168.0.2 255.255.255.255

Router(config-if)#exi

分公司2：

Router>en

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip add192.168.44.1 255.255.255.0

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet0/1, changed state to up

Router(config-if)#ex

Router(config)#int f0/0

Router(config-if)#ip add172.1.3.2 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/0, changed state to up

Router(config-if)#int loop0

%LINK-5-CHANGED: InterfaceLoopback0, changed state to up

Router(config-if)#

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Loopback0, changed state to up

Router(config-if)#ip ad192.168.0.3 255.255.255.255

Router(config-if)#ex

Router(config)#

INTERNET（中间路由）:

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/0

Router(config-if)#ip add172.1.1.1 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#ex

Router(config)#int f0/1

Router(config-if)#ip add172.1.2.1 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet0/1, changed state to up

Router(config-if)#ex

Router(config)#int f1/0

Router(config-if)#ip add172.1.3.1 255.255.255.252

Router(config-if)#no sh

%LINK-5-CHANGED: InterfaceFastEthernet1/0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface FastEthernet1/0, changed state to up

Router(config-if)#ex

Router(config)#int loop 0

%LINK-5-CHANGED: InterfaceLoopback0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Loopback0, changed state to up

Router(config-if)#ip add172.1.0.1 255.255.255.255

Router(config-if)#ex

终端设备IP设置略

二、为3个路由设置NAT和ACL表

总公司：

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip nat in

Router(config-if)#ip natinside

Router(config-if)#exit

Router(config)#int f0/0

Router(config-if)#ip nat ou

Router(config-if)#ip natoutside

Router(config-if)#exi

Router(config)#ac

Router(config)#access-list100 per

Router(config)#access-list1 permit 192.168.20.0 0.0.0.255

Router(config)#ip natinside sou

Router(config)#ip natinside source list 1 ?

interface Specify interface for global address

pool Name pool of global addresses

Router(config)#ip natinside source list 1 int f0/0

Router(config)#exit

分公司1：

Router>en

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip natinsi

Router(config-if)#ip natinside

Router(config-if)#ex

Router(config)#int f0/0

Router(config-if)#ip nat o

Router(config-if)#ex

Router(config)#ac

Router(config)#access-list1 per

Router(config)#access-list1 permit 192.168.36.0 0.0.0.255

Router(config)#ip nat in

Router(config)#ip natinside s

Router(config)#ip natinside source list 1 int f0/0

Router(config)#ex

分公司2：

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#int f0/1

Router(config-if)#ip nat i

Router(config-if)#ex

Router(config)#int f0/0

Router(config-if)#ip nat o

Router(config-if)#ex

Router(config)#ac

Router(config)#access-list1 pe

Router(config)#access-list1 permit 192.168.44.0 0.0.0.255

Router(config)#ip nat in

Router(config)#ip natinside so

Router(config)#ip natinside source list 1 int f0/0

Router(config)#ex

三、GRE协议配置

总公司分公司1

总公司配置

Router>en

Router#conf t

Enter configuration commands, one perline. End with CNTL/Z.

Router(config)#int t

Router(config)#int tunnel 0

%LINK-5-CHANGED: Interface Tunnel0, changedstate to up

Router(config-if)#ip add 192.168.1.1255.255.255.252

Router(config-if)#tunnel s

Router(config-if)#tunnel source f0/0

Router(config-if)#tun

Router(config-if)#tunnel d

Router(config-if)#tunnel destination172.1.2.2

Router(config-if)#ex

分公司1配置

Router>en

Router#conf t

Enter configuration commands, one perline. End with CNTL/Z.

Router(config)#int t 0

%LINK-5-CHANGED: Interface Tunnel0, changedstate to up

Router(config-if)#ip add 192.168.1.2255.255.255.252

Router(config-if)#tu

Router(config-if)#tunnel s f0/0

Router(config-if)#tu

Router(config-if)#tunnel d 172.1.1.2

Router(config-if)#ex

总公司分公司2

总公司配置

Router#conf t

Enter configuration commands, one perline. End with CNTL/Z.

Router(config)#int t 1

%LINK-5-CHANGED: Interface Tunnel1, changedstate to up

Router(config-if)#ip add 192.168.1.5255.255.255.252

Router(config-if)#t s f0/0

Router(config-if)#t d 172.1.3.2

Router(config-if)#exi

分公司2配置

Router>en

Router#conf t

Enter configuration commands, one perline. End with CNTL/Z.

Router(config)#int t 0

%LINK-5-CHANGED: Interface Tunnel0, changedstate to up

Router(config-if)#ip ad 192.168.1.6255.255.255.252

Router(config-if)#t s f0/0

Router(config-if)#t d 172.1.1.2

Router(config-if)#ex

四、配置动态路由OSPF

开启OSPF动态路由协议并配置

总公司

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#router ?

bgp Border Gateway Protocol (BGP)

eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)

ospf Open Shortest Path First (OSPF)

rip Routing Information Protocol (RIP)

Router(config)#router ospf?

<1-65535> Process ID

Router(config)#router ospf1

Router(config-router)#net

Router(config-router)#network192.168.20.0 0.0.0.255 area 0

Router(config-router)#network192.168.0.1 0.0.0.0 area 0

Router(config-router)#network192.168.1.0 0.0.0.3 area 0

Router(config-router)#network192.168.1.4 0.0.0.3 area 0

Router(config-router)#exit

Router(config)#ip route0.0.0.0 0.0.0.0 172.1.1.1（默认路由，作为连接入公网的边界路由，要配置默认路由）

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Tunnel0, changed state to up

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Tunnel1, changed state to up

Router(config)#

分公司1：

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#router o

% Incomplete command.

Router(config)#router o 1

Router(config-router)#net192.168.36.0 0.0.0.255 a 0

Router(config-router)#net192.168.0.2 0.0.0.0 a 0

Router(config-router)#net192.168.1.0 0.0.0.3 a 0

Router(config-router)#exit

Router(config)#ip route0.0.0.0 0.0.0.0 172.1.2.1

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Tunnel0, changed state to up

Router(config)#

00:50:26: %OSPF-5-ADJCHG:Process 1, Nbr 192.168.0.1 on Tunnel0 from LOADING to FULL, Loading Done

Router(config)#

分公司2

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#router o 1

Router(config-router)#net 192.168.44.00.0.0.255 a 0

Router(config-router)#net192.168.0.3 0.0.0.0 a 0

Router(config-router)#net192.168.1.4 0.0.0.3 a 0

Router(config-router)#ex

Router(config)#ip route0.0.0.0 0.0.0.0 172.1.3.1

%LINEPROTO-5-UPDOWN: Lineprotocol on Interface Tunnel0, changed state to up

Router(config)#

01:00:16: %OSPF-5-ADJCHG:Process 1, Nbr 192.168.0.1 on Tunnel0 from LOADING to FULL, Loading Done

Router(config)#

INTERNET配置

Router#conf t

Enter configurationcommands, one per line. End with CNTL/Z.

Router(config)#router o 1

Router(config-router)#net172.1.1.0 0.0.0.3 a 0

Router(config-router)#net172.1.2.0 0.0.0.3 a 0

Router(config-router)#net172.1.3.0 0.0.0.3 a 0

Router(config-router)#net172.1.0.1 0.0.0.0 a 0

Router(config-router)#exit

Router(config)#

至此，全部配置完成，在中间配置过程中也可以虽是进行测试，这里我们对结果进行个测试

，结果全部连通，我们来抓包看看协议的工作。

通过以上两个进出包的分析，我们很容易发现，数据包从总公司出去的时候加上了GRE封装，IP协议在这里既做了载荷协议又做了承载协议。并且经过GRE封装之后，可以看到承载协议的IP头源地址和目的地址被转换为我们的通信隧道的源端和目的端。

转载于:https://blog.51cto.com/lining/1400730

你可能感兴趣的文章

par函数的xaxt函数-控制x轴刻度的显示

查看>>

Unity5.1 新的网络引擎UNET（十五） Networking 引用--中

查看>>

用任务计划管理计划任务对付任务计划-禁止WPS提示升级

查看>>

Android——SlidingMenu学习总结

查看>>

React-Native 之 GD （十六）首页筛选功能

查看>>

UI概念体系要素

查看>>

SSISDB5：使用TSQL脚本执行Package

查看>>

performSelectorInBackground V.S detachNewThreadSelector?

查看>>

linux，Centos，bash: service: command not found

查看>>

【转】UIColor对颜色的自定义

查看>>

php编译报错　configure: error: Please reinstall the libcurl distribution - easy.h should be in <curl-...

查看>>

asp.net后台进程做定时任务

查看>>

Ural_1671. Anansi's Cobweb(并查集)