OSPF over GRE
Материал из xapmc.net
- Задача
- Настроить через Internet взаимосвязь по протоколу OSPF, используя туннель GRE.
- Решение
- Воспользуемся для этого vyos и mikrotik.
- Оборудование, которым располагаем
| Вендор | Модель |
|---|---|
| 1. Mikrotik | RB2011iL-IN |
| 2. Vyos | VyOS 1.1.5 |
| 3. Extreme networks | summit 350 |
- Схема сети
- Настройка
- vyos
- Создаём GRE туннель.
- Где 1.1.1.2 - внешний адрес vyos,а 2.2.2.3 внешний адрес mikrotik.
set interfaces tunnel tun2 address '172.32.1.14/30' set interfaces tunnel tun2 description 'GRE' set interfaces tunnel tun2 encapsulation 'gre' set interfaces tunnel tun2 local-ip '1.1.1.2' set interfaces tunnel tun2 multicast 'disable' set interfaces tunnel tun2 remote-ip '2.2.2.3'
- OSPF
set protocols ospf area 66 network '192.168.0.0/24' set protocols ospf area 66 network '172.32.1.12/30' set protocols ospf 'log-adjacency-changes' set protocols ospf parameters router-id '1.1.1.1'
- mikrotik
- Где 1.1.1.2 - внешний адрес vyos,а 2.2.2.3 внешний адрес mikrotik.
/interface gre add !keepalive local-address=2.2.2.3 name=gre1 remote-address=1.1.1.2 /ip address add address=172.32.1.13/30 interface=gre1 network=172.32.1.12
- OSPF
/routing ospf area add area-id=0.0.0.66 name=area66 /routing ospf interface add interface=gre1 network-type=point-to-point /routing ospf network add area=area66 network=192.168.2.0/24 add area=area66 network=172.32.1.12/30
- Проверка
- vyos
show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
O 172.32.1.12/30 [110/10] is directly connected, tun2, 32w5d22h
O 192.168.0.0/24 [110/10] is directly connected, bond0.999, 32w5d22h
O>* 192.168.2.0/24 [110/20] via 172.32.1.13, tun2, 1d23h42m
- mikrotik
ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 4 ADC 172.32.1.12/30 172.32.1.13 gre1 0 6 A S 192.168.0.0/24 gre1 1 7 Do 192.168.0.0/24 172.32.1.14 110 16 ADC 192.168.2.0/24 192.168.2.1 bridge-local 0
- ICMP
ifconfig eth0
eth0 Link encap:Ethernet HWaddr 3c:97:0e:65:be:b4
inet addr:192.168.2.130 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::3e97:eff:fe65:beb4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:219486511 errors:0 dropped:0 overruns:0 frame:0
TX packets:207421943 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:180693264660 (168.2 GiB) TX bytes:234164375455 (218.0 GiB)
ip r
default via 192.168.2.1 dev eth0 proto static metric 1024 192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.130
ping 192.168.0.154
PING 192.168.0.154 (192.168.0.154) 56(84) bytes of data. 64 bytes from 192.168.0.154: icmp_seq=1 ttl=126 time=1.93 ms 64 bytes from 192.168.0.154: icmp_seq=2 ttl=126 time=2.10 ms 64 bytes from 192.168.0.154: icmp_seq=3 ttl=126 time=1.83 ms 64 bytes from 192.168.0.154: icmp_seq=4 ttl=126 time=2.02 ms ^C --- 192.168.0.154 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 1.835/1.974/2.107/0.106 ms
- Как видим сети друг друга видят, icmp пакеты проходят.
- Задача решена.
