双nat路由试验,走ospf动态路由
试验环境:
一台路由器(R2)三个接口,一个接内部网络,二个接ISP1(R1)和ISP2(R3),把二个ISP的出口接入同一个交换机,然后在交换机外再接一台路由器(route),二个ISP即(R1,R3,router)走ospf 动态路由,再R2上做策略路由,根据下一跳地址来做路由决定。
---R3 ---
route--- ----R2----内部网络
---R1 ---
R3#sh run
Building configuration...
Current configuration : 902 bytes
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R3
enable secret 5 $1$yd5D$PSCihTgQQhhAsLJRhZYBI.
ip subnet-zero
no ip domain-lookup
ip host R3 192.168.23.3
nterface Loopback0
ip address 3.3.3.3 255.255.255.0
interface Ethernet0
ip address 172.16.13.3 255.255.255.0
interface Serial0
no ip address
shutdown
interface Serial1
ip address 192.168.23.3 255.255.255.0
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 172.16.13.0 0.0.0.255 area 0
ip classless
ip route 192.168.100.0 255.255.255.0 192.168.23.2
ip http server
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps tty
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R3#
R2#
R2#sh run
Building configuration...
Current configuration : 1667 bytes
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R2
logging rate-limit console 10 except errors
enable secret 5 $1$yOVt$dwGkyiFW674ow6bsPMdgZ0
ip subnet-zero
no ip finger
no ip domain-lookup
ip host R2 192.168.12.1
ip host R3 192.168.23.3
cns event-service server
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Ethernet0
ip address 192.168.100.107 255.255.255.0
ip nat inside
interface Serial0
ip address 192.168.12.2 255.255.255.0
ip nat outside
clockrate 64000
interface Serial1
ip address 192.168.23.2 255.255.255.0
ip nat outside
clockrate 64000
interface Serial2
no ip address
shutdown
interface Serial3
no ip address
shutdown
interface BRI0
no ip address
shutdown
ip kerberos source-interface any
ip nat inside source route-map nat interface Serial1 overload
ip nat inside source route-map test interface Serial0 overload
ip classless
ip route 172.16.13.0 255.255.255.0 192.168.23.3
ip route 172.16.13.0 255.255.255.0 192.168.12.1
no ip http server
acess-list 1 permit 192.168.100.199
access-list 1 permit 192.168.100.233
access-list 1 permit 192.168.100.224
access-list 9 permit 192.168.12.1
access-list 10 permit 192.168.23.3
route-map test permit 10
match ip address 1
match ip next-hop 9
route-map cisco permit 10
route-map nat permit 10
match ip address 1
match ip next-hop 10
snmp-server community public RO
snmp-server community private RW
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R2#
R1#sh run
Building configuration...
Current configuration : 1017 bytes
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R1
no logging rate-limit
enable secret 5 $1$Ogll$BSpS5/nOBq8HtaKfwOZ8W0
ip subnet-zero
no ip finger
no ip domain-lookup
frame-relay switching
cns event-service server
interface Loopback0
ip address 4.4.4.4 255.255.255.0
interface Ethernet0
ip address 172.16.13.1 255.255.255.0
interface Serial0
ip address 192.168.12.1 255.255.255.0
interface Serial1
no ip address
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 172.16.13.0 0.0.0.255 area 0
!
ip kerberos source-interface any
ip classless
ip route 192.168.100.0 255.255.255.0 192.168.12.2
ip http server
snmp-server community public RO
snmp-server community private RW
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R1#
Router#sh run
Building configuration...
Current configuration : 769 bytes
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostn
一台路由器(R2)三个接口,一个接内部网络,二个接ISP1(R1)和ISP2(R3),把二个ISP的出口接入同一个交换机,然后在交换机外再接一台路由器(route),二个ISP即(R1,R3,router)走ospf 动态路由,再R2上做策略路由,根据下一跳地址来做路由决定。
---R3 ---
route--- ----R2----内部网络
---R1 ---
R3#sh run
Building configuration...
Current configuration : 902 bytes
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R3
enable secret 5 $1$yd5D$PSCihTgQQhhAsLJRhZYBI.
ip subnet-zero
no ip domain-lookup
ip host R3 192.168.23.3
nterface Loopback0
ip address 3.3.3.3 255.255.255.0
interface Ethernet0
ip address 172.16.13.3 255.255.255.0
interface Serial0
no ip address
shutdown
interface Serial1
ip address 192.168.23.3 255.255.255.0
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 172.16.13.0 0.0.0.255 area 0
ip classless
ip route 192.168.100.0 255.255.255.0 192.168.23.2
ip http server
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps tty
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R3#
R2#
R2#sh run
Building configuration...
Current configuration : 1667 bytes
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R2
logging rate-limit console 10 except errors
enable secret 5 $1$yOVt$dwGkyiFW674ow6bsPMdgZ0
ip subnet-zero
no ip finger
no ip domain-lookup
ip host R2 192.168.12.1
ip host R3 192.168.23.3
cns event-service server
interface Loopback0
ip address 2.2.2.2 255.255.255.0
interface Ethernet0
ip address 192.168.100.107 255.255.255.0
ip nat inside
interface Serial0
ip address 192.168.12.2 255.255.255.0
ip nat outside
clockrate 64000
interface Serial1
ip address 192.168.23.2 255.255.255.0
ip nat outside
clockrate 64000
interface Serial2
no ip address
shutdown
interface Serial3
no ip address
shutdown
interface BRI0
no ip address
shutdown
ip kerberos source-interface any
ip nat inside source route-map nat interface Serial1 overload
ip nat inside source route-map test interface Serial0 overload
ip classless
ip route 172.16.13.0 255.255.255.0 192.168.23.3
ip route 172.16.13.0 255.255.255.0 192.168.12.1
no ip http server
acess-list 1 permit 192.168.100.199
access-list 1 permit 192.168.100.233
access-list 1 permit 192.168.100.224
access-list 9 permit 192.168.12.1
access-list 10 permit 192.168.23.3
route-map test permit 10
match ip address 1
match ip next-hop 9
route-map cisco permit 10
route-map nat permit 10
match ip address 1
match ip next-hop 10
snmp-server community public RO
snmp-server community private RW
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R2#
R1#sh run
Building configuration...
Current configuration : 1017 bytes
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname R1
no logging rate-limit
enable secret 5 $1$Ogll$BSpS5/nOBq8HtaKfwOZ8W0
ip subnet-zero
no ip finger
no ip domain-lookup
frame-relay switching
cns event-service server
interface Loopback0
ip address 4.4.4.4 255.255.255.0
interface Ethernet0
ip address 172.16.13.1 255.255.255.0
interface Serial0
ip address 192.168.12.1 255.255.255.0
interface Serial1
no ip address
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 172.16.13.0 0.0.0.255 area 0
!
ip kerberos source-interface any
ip classless
ip route 192.168.100.0 255.255.255.0 192.168.12.2
ip http server
snmp-server community public RO
snmp-server community private RW
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
password cisco
logging synchronous
login
end
R1#
Router#sh run
Building configuration...
Current configuration : 769 bytes
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostn
- 上一篇:OSPF相邻之前的几个邻居状态解释
- 下一篇:祥解 Linux 集群的安装与并行计算
相关文章
图文推荐
- 文章
- 推荐
- 热门新闻