Comprehensive experiment of realizing private network interworking under mGRE environment

1. Topology ：

2. The experimental requirements ：

（1）R4 by ISp, All physical interfaces connected are public network segments , Arbitrarily specify IP that will do
（2）R1-2-3, Build a star structure MGRE Interface , among R1 For the center , hypothesis R1 Of public ownership IP Is the inherent address
（3）R1-5-6 Build another fully trained mesh MGRE The Internet , among R1/5 All are central areas ;
（4） Use OSPF Realize the interworking of the whole private network , All at the same time PC Normal access R4 The loopback of
 

 3. Experimental thinking ：

（1） Configure the IP Address , Write default ,NAT（ And R4 Sure ping through ）.

（2） Configure each router according to the requirements of the topic （ Realization MGRE Network structure ）.

（3）ospf The regional division of （R1,R2,R3, Is the region 0）（R1,R5,R6 Is area one ）, Loopback configuration

（4） Test the interworking of private networks

4. Configuration command ：

Every router IP Configuration of ：（ With R1,R4 For example ）

  Write default and NAT：（ With R1 For example ）

notes ：

because R1 There are two physical interfaces , So there are two default commands .

  To configure MGRE Environmental Science （R1,R2,R3 It is a star structure ,R1,R5, R6 It is an interconnected mesh ）

R1,R5, R6 It is an interconnected mesh ,R1,R5 All centered , Therefore, the following configuration is required ：

notes ：

R4 Analog operator , So do not configure it ,R1 Because under two network structures , So we should establish two Tunnel mouth .

  stay R1 Upper detection NHRP:

OSPF Configuration of ：

  notes ：

Two regions ,ABR yes R1

of MGRE Knowledge , You can learn through my other blog http://t.csdn.cn/qdyDY.

Basic knowledge , You can go through http://t.csdn.cn/8ocRs To study

//

R1 There are two areas （area0,area1）

Configuration of other routers ;

R2

R3

R5

 R6

  test ：

PC 1 ping R4 Loopback ,pc1 ping pc 6

 pc 1 ping pc 5

pc 3 ping pc6 , as well as R4 The loopback of

Add ： 

Multipoint GRE  -- Belong to NBMA The Internet

If you use point-to-point GRE In the case of multiple nodes , To form a VPN Environmental Science ;VPN Number 、 Number of network segments 、 Fix ip Number 、 The number of routing entries increases exponentially with the increase of nodes ;

MGRE --- All nodes have the same MA Network segment ; And for the center to site structure ; In this structure , By default, only the central site needs to be fixed public ip Address ; The branch site address can be changed ;--- Greatly reduce the management difficulty , Resource occupancy , cost ;

NHRP： Next hop path discovery protocol ; There are server and client ; The server needs to be fixed and public ip Address , client ip The address is variable ; The client is locally public ip After change , Actively register with the server ; Server generation MAP,

MAP Record the public of the client ip And tunnel Of ip Address correspondence ; If other clients need to access another client , You can download this from the server MAP;

MRGE The environment is NBMA Environmental Science , stay NBMA Environment , Broadcast not supported 、 Flooding mechanism ; If broadcast message forwarding is required , Pseudo broadcasting rules can be used for reference , Unicast forwarding to all nodes of the network segment ; To achieve the broadcasting effect ;

Central site configuration

interface Tunnel0/0/0     establish tunnel mouth

 ip address 10.1.1.1 255.255.255.0    Configure interface ip Address

 tunnel-protocol gre p2mp   First modify the interface mode to multipoint GRE

 source 15.1.1.1   Redefine the public source IP Address

 nhrp entry multicast dynamic    Local become NHRP center , At the same time, pseudo broadcasting can be carried out

 nhrp network-id 100    The default is 0 Number , All nodes in the network segment tunnel The interface must be the same domain

Pseudo broadcast — When the target IP When the address is a multicast or broadcast address , Unicast traffic once per user ; The outer header is unicast header , The inner header is multicast or broadcast header ; This function is not enabled , The dynamic routing protocol based on multicast and broadcast will not work normally ;

[r1]dis nhrp peer all   View branch site registration results

Branch site ：

interface Tunnel0/0/0

 ip address 10.1.1.2 255.255.255.0

 tunnel-protocol gre p2mp

 source GigabitEthernet0/0/2   Suppose the branch site ip The address is not fixed

 nhrp network-id 100

 nhrp entry 10.1.1.1 15.1.1.1 register     The branch needs to register with the central site

If all tunnel Corresponding public ip All are fixed ip Address , You can make each router a central site , Both rooms are registered manually ;

It can form a fully connected network topology ;---rip This protocol with horizontal segmentation mechanism can converge normally ;

When the topology is central to the site （ Radial 、 Star type ）--- Not all outlets are fixed public ip, Not all tunnel Devices register with each other ; The normal convergence of the whole network can only be realized by turning off horizontal segmentation ;

[r1-Tunnel0/0/0]undo rip split-horizon   

Xiaobian's creation is not easy , Thank you for your support , I hope it can help you who are working hard ！！

What's the problem? , Feel free to leave a comment ！