Notes - Computer Network
  • 計算機網路
  • 期中
    • 20200916 Introduction
    • 20200923 Introduction Routing
    • 20200930 Introduction Router Setting
    • 20201007 Introduction DHCP
    • 20201014 Introduction IPV6
    • 20201021 cisco RIP
    • 20201104 cisco EIGRP (一)
    • 20201111 期中週
  • 期末
    • 20201118 cisco EIGRP (二)
    • 20201125 cisco EIGRP (三)
    • 20201202 cisco KDLinux
    • 20201209 cisco VRF & OSPF
    • 20201216 cisco VLAN
    • 20201223 cisco 單臂路由
    • 20201230 cisco STP
    • 20210106 cisco GRE
  • 參考資料
Powered by GitBook
On this page
  • 課堂資料
  • Virtual Routing and Forwarding
  • 課堂練習
  • VRF
  • OSPF
  • Part 01.
  • Part 02.
  • Part 03.

Was this helpful?

  1. 期末

20201209 cisco VRF & OSPF

Previous20201202 cisco KDLinuxNext20201216 cisco VLAN

Last updated 4 years ago

Was this helpful?

課堂資料

Virtual Routing and Forwarding

Virtual Routing and Forwarding(VRF):虛擬路由和轉發,為第三層的網路虛擬化。

課堂練習

VRF

int e0/0
ip add 192.168.1.1 255.255.255.0
no shut
exit
int e0/0
ip add 192.168.2.1 255.255.255.0
no shut
exit
int e0/0
ip add 192.168.3.1 255.255.255.0
no shut
exit
int e0/0
ip add 192.168.4.1 255.255.255.0
no shut
exit

創建這些 VRF

ip vrf Blue
exit
ip vrf Red
exit

使用ip vrf forwarding命令將接口分配給正確的 VRF

int e0/0
ip vrf forwarding Blue
ip add 192.168.1.2 255.255.255.0
no shut
int e0/1
ip vrf forwarding Red
ip add 192.168.2.2 255.255.255.0
no shut
int e0/2
ip vrf forwarding Blue
ip add 192.168.3.2 255.255.255.0
no shut
int e0/3
ip vrf forwarding Red
ip add 192.168.4.2 255.255.255.0
no shut

看看 ISP 路由器的全局路由表

do sh ip ro connected

檢查 VRF 路由表

do sh ip ro vrf Blue
do sh ip ro vrf Red
do ping vrf Blue 192.168.1.1

配置靜態路由,則必須指定正確的 VRF。

R Blue 01有一個 IP 位址為 1.1.1.1 / 32 的環回接口。

我們在 ISP 路由器上創建一個靜態路由,以便我們可以訪問它

exit
ip route vrf Blue 1.1.1.1 255.255.255.255 192.168.1.1
do ping vrf Blue 1.1.1.1
ip route vrf Red 2.2.2.2 255.255.255.255 192.168.2.1
do ping vrf Red 2.2.2.2
ip route vrf Blue 3.3.3.3 255.255.255.255 192.168.3.1
do ping vrf Blue 3.3.3.3
ip route vrf Red 4.4.4.4 255.255.255.255 192.168.4.1
do ping vrf Red 4.4.4.4
do sh ip ro vrf Upper

OSPF

router ospf 1
network 192.168.1.0 0.0.0.255 area 0
network 1.1.1.1 0.0.0.0 area 0
router ospf 1
network 192.168.2.0 0.0.0.255 area 0
network 2.2.2.2 0.0.0.0 area 0
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
network 3.3.3.3 0.0.0.0 area 0
router ospf 1
network 192.168.4.0 0.0.0.255 area 0
network 4.4.4.4 0.0.0.0 area 0

Blue

router ospf 1 vrf Blue
network 192.168.1.0 0.0.0.255 area 0
network 192.168.3.0 0.0.0.255 area 0

Red

router ospf 2 vrf Red
network 192.168.2.0 0.0.0.255 area 0
network 192.168.4.0 0.0.0.255 area 0

ISP 路由器上的 VRF 路由表現在的樣子

do sh ip ro vrf Blue ospf
do sh ip ro vrf Red ospf

  • Dynamic NAT ( DAT ):Many to Many Mopping

  • Port NAT ( PAT ) :Many to 1

  • Static NAT:1 to 1

Part 01.

int e0/0
ip add 12.1.1.1 255.255.255.0
no shut
int lo1
ip add 192.168.1.1 255.255.255.0
no shut
int lo2
ip add 192.168.2.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 12.1.1.2
do ping 12.1.1.2
do ping 23.1.1.3
do ping 23.1.1.3 source 192.168.1.1
do ping 23.1.1.3 source 192.168.2.1
ping 3.3.3.3 source 192.168.1.1
int e0/0
ip add 12.1.1.2 255.255.255.0
no shut
int e0/1
ip add 23.1.1.2 255.255.255.0
no shut
exit
ip route 192.168.1.0 255.255.255.0 12.1.1.1
ip route 192.168.2.0 255.255.255.0 12.1.1.1
ip route 0.0.0.0 0.0.0.0 23.1.1.3
do ping 23.1.1.3
do ping 3.3.3.3
do ping 8.8.8.8
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
ip nat pool DNAT 23.1.1.100 23.1.1.200 netmask 255.255.255.0
int e0/0
ip nat inside
int e0/1
ip nat outside
exit
ip nat inside source list 1 pool DNAT
ip nat inside source list 2 pool DNAT
exit
sh ip nat translations
sh ip nat statistics
conf t
no ip nat inside source list 1 pool DNAT
no ip nat inside source list 2 pool DNAT
ip nat pool PAT 23.1.1.2 23.1.1.2 netmask 255.255.255.0
ip nat inside source list 1 pool DNAT overload
ip nat inside source list 2 pool DNAT overload
exit
debug ip nat
int e0/0
ip add 23.1.1.3 255.255.255.0
no shut
int lo1
ip add 3.3.3.3 255.255.255.255
no shut
int lo2
ip add 8.8.8.8 255.255.255.255
no shut
exit
do sh ip ro
conf t
line vty 0 4
password cisco
login
transport input telnet

Part 02.

ifconfig eth0 192.168.3.2/24
ip addr add 192.168.3.2/24 brd + dev eth0
ip route add default via 192.168.3.1
ping 192.168.3.1
ping 12.1.1.1
ping 12.1.1.2
ping 23.1.1.2
ip route add default 192.168.3.2/24 brd + dev eth0
wireshark
telnet 23.1.1.3
conf t
int e0/1
ip add 192.168.3.1 255.255.255.0
no shut
conf t
ip route 192.168.3.0 255.255.255.0 12.1.1.1
access-list 3 permit 192.168.3.0 0.0.0.255
ip nat inside source list 3 pool DNAT overload

Part 03.

int e0/0
ip add 12.1.1.1 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 12.1.1.2
line vty 0 4
password cisco
login
transport input telnet
int e0/0
ip add 12.1.1.2 255.255.255.0
no shut
int e0/1
ip add 23.1.1.2 255.255.255.0
no shut
exit
ip route 0.0.0.0 0.0.0.0 23.1.1.3
telnet 12.1.1.1
exit
int e0/0
ip nat inside
int e0/1
ip nat outside
exit
ip nat inside source static 12.1.1.1 23.1.1.10
do sh ip nat translations
int e0/0
ip add 23.1.1.3 255.255.255.0
no shut
exit
do ping 23.1.1.2
telnet 23.1.1.10
Virtual routing and forwardingWikipedia
https://kknews.cc/zh-tw/code/4j9pp6q.htmlkknews.cc
NAT 網路位址轉換 - Jan Ho 的網絡世界Jan Ho 的網絡世界
Logo
Logo