GNS3을 이용한 2 라우터 네트워크 구성
구성환경: GNS3 네트워크 시뮬레이터, CISCO 3745 IOS 이미지.
각 네트워크의 IP주소 대역은 아래와 같으며, 네트워크 1 에서 네트워크 2로 혹은 그 역방향으로 통신을 가능하도록 구성한다.
Network 1 : 192.168.100.0/24
Network 2 : 192.168.200.0/24
Serial : 172.16.1.0/30 , HDLC 프로토콜 사용.
GNS3 시뮬레이터 상에서의 구성은 아래 그림과 같다. GNS3은 https://www.gns3.com 에서 회원 가입후 다운로드 받을 수 있다.
GNS3 구성시 주의 사항
– Serial 은 DCE 로만 작동하기 때문에, 라우터의 시리얼 포트가 동일 한경우에 Line Protocol이 Down 되며 up되지 않는다.
이것을 해결려면, 시리얼포트를 하나는 짝수, 다른 하나는 홀수로 주면 Line Protocol이 up 된다.
실제환경에서는 한쪽은 DCE, 다른쪽은 DTE가 되어야 하며, DCE쪽에서 clock rate를 설정해 주면 다른쪽(DTE)에서 자동으로 clock rate를 맞춰주게 된다. (참고 : https://www.gns3.com/discussions/line-protocol-is-down-on-serial- )
라우터의 시리얼 확인
시리얼이 양쪽 라우터 모두 DCE로 설정되어 있음을 볼 수 있다.
R1#sh controller serial 0/0 Interface Serial0/0 Hardware is GT96K DCE 530, clock rate 2000000 idb at 0x6540DA9C, driver data structure at 0x654151C0 wic_info 0x654157C4 Physical Port 1, SCC Num 1 . . . R2#sh controller serial 0/1 Interface Serial0/1 Hardware is GT96K DCE 530, clock rate 64000 idb at 0x65417C88, driver data structure at 0x6541F3AC wic_info 0x6541F9B0 . . .
라우터는 cisco 3745 IOS 이미지를 이용한다.
라우터1(R1)의 설정
R1#sh run Building configuration... Current configuration : 1639 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 no ip subnet-zero no ip icmp rate-limit unreachable ip cef ! ! ! ! no ip domain lookup ip auth-proxy max-nodata-conns 3 ip admission max-nodata-conns 3 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface Serial0/0 ip address 172.16.1.1 255.255.255.252 clock rate 2000000 ! interface FastEthernet0/1 ip address 192.168.100.1 255.255.255.0 duplex auto speed auto ! interface Serial0/1 no ip address clock rate 64000 ! interface Serial0/2 no ip address shutdown clock rate 2000000 ! interface FastEthernet1/0 ! interface FastEthernet1/1 ! interface FastEthernet1/2 ! interface FastEthernet1/3 ! interface FastEthernet1/4 ! interface FastEthernet1/5 ! interface FastEthernet1/6 ! interface FastEthernet1/7 ! interface FastEthernet1/8 ! interface FastEthernet1/9 ! interface FastEthernet1/10 ! interface FastEthernet1/11 ! interface FastEthernet1/12 ! interface FastEthernet1/13 ! interface FastEthernet1/14 ! interface FastEthernet1/15 ! interface Vlan1 no ip address ! ip forward-protocol nd ip route 192.168.200.0 255.255.255.0 172.16.1.2 ! ! no ip http server no ip http secure-server ! no cdp log mismatch duplex ! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous line vty 0 4 login ! ! end R1#
라우터2(R2)의 설정
R2#sh run Building configuration... Current configuration : 1659 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 5 no ip subnet-zero no ip icmp rate-limit unreachable ip cef ! ! ! ! no ip domain lookup ip auth-proxy max-nodata-conns 3 ip admission max-nodata-conns 3 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ip tcp synwait-time 5 ! ! ! ! ! interface FastEthernet0/0 ip address 192.168.200.1 255.255.255.0 duplex auto speed auto ! interface Serial0/0 no ip address shutdown clock rate 2000000 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/1 ip address 172.16.1.2 255.255.255.252 clock rate 64000 ! interface Serial0/2 no ip address shutdown clock rate 2000000 ! interface FastEthernet1/0 ! interface FastEthernet1/1 ! interface FastEthernet1/2 ! interface FastEthernet1/3 ! interface FastEthernet1/4 ! interface FastEthernet1/5 ! interface FastEthernet1/6 ! interface FastEthernet1/7 ! interface FastEthernet1/8 ! interface FastEthernet1/9 ! interface FastEthernet1/10 ! interface FastEthernet1/11 ! interface FastEthernet1/12 ! interface FastEthernet1/13 ! interface FastEthernet1/14 ! interface FastEthernet1/15 ! interface Vlan1 no ip address ! ip forward-protocol nd ip route 192.168.100.0 255.255.255.0 172.16.1.1 ! ! no ip http server no ip http secure-server ! no cdp log mismatch duplex ! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 privilege level 15 logging synchronous line aux 0 exec-timeout 0 0 privilege level 15 logging synchronous line vty 0 4 login ! ! end R2#
VPC 설정
각 VPC들은 ip주소와 게이트웨이를 설정하면된다.
VPCS> sh ip NAME : VPCS[1] IP/MASK : 192.168.100.2/24 GATEWAY : 192.168.100.1 DNS : MAC : 00:50:79:66:68:00 LPORT : 10020 RHOST:PORT : 127.0.0.1:10021 MTU: : 1500 VPCS> VPCS-4> sh ip NAME : VPCS-4[1] IP/MASK : 192.168.200.3/24 GATEWAY : 192.168.200.1 DNS : MAC : 00:50:79:66:68:03 LPORT : 10028 RHOST:PORT : 127.0.0.1:10029 MTU: : 1500 VPCS-4>
네트워크 구성이 끝나고, VPC1에서 VPC4까지 ping으로 시험하면 아래와 같은 결과를 볼 수 있다.
VPCS> ping 192.168.200.3 84 bytes from 192.168.200.3 icmp_seq=1 ttl=62 time=31.250 ms 84 bytes from 192.168.200.3 icmp_seq=2 ttl=62 time=31.250 ms 84 bytes from 192.168.200.3 icmp_seq=3 ttl=62 time=31.234 ms 84 bytes from 192.168.200.3 icmp_seq=4 ttl=62 time=31.271 ms 84 bytes from 192.168.200.3 icmp_seq=5 ttl=62 time=31.252 ms VPCS> VPCS-4> ping 192.168.100.2 84 bytes from 192.168.100.2 icmp_seq=1 ttl=62 time=31.251 ms 84 bytes from 192.168.100.2 icmp_seq=2 ttl=62 time=31.269 ms 84 bytes from 192.168.100.2 icmp_seq=3 ttl=62 time=31.255 ms 84 bytes from 192.168.100.2 icmp_seq=4 ttl=62 time=31.252 ms 84 bytes from 192.168.100.2 icmp_seq=5 ttl=62 time=31.254 ms VPCS-4>