[GNS3 Lab – Cisco] Routing part 1 (static route, default route)
Build the network shown below in GNS3 and configure static routes and a default route.
Reference: CCNA® Routing and Switching Study Guide – Sybex
* Environment
GNS3 VM simulator
Each router is an IOU L3 switch.
Only the minimum required configuration is applied (settings such as passwords were left out).
1. Router and VPC (virtual PC) interface configuration
* Core router configuration
Configure the L3 switch to operate as a router.
Core# conf t
Core(config)# ip routing
Assign an IP address to each interface.
Core(config)# interface e0/1
Core(config-if)# ip address 10.10.10.1 255.255.255.0
Core(config-if)# no shutdown
Core(config-if)# int s2/0
Core(config-if)# ip address 172.16.10.1 255.255.255.252
Core(config-if)# no shutdown
Core(config-if)# int s2/1
Core(config-if)# ip address 172.16.10.5 255.255.255.252
Core(config-if)# no shutdown
Core(config-if)# end
Core#
* Fox router configuration
Fox# config terminal
Fox(config)# ip routing
Fox(config)# interface e0/1
Fox(config-if)# ip address 192.168.10.1 255.255.255.0
Fox(config-if)# no shutdown
Fox(config-if)# int s2/0
Fox(config-if)# ip address 172.16.10.2 255.255.255.252
Fox(config-if)# no shutdown
Fox(config-if)# end
* Wolf router configuration
Wolf# config terminal
Wolf(config)# ip routing
Wolf(config)# interface e0/1
Wolf(config-if)# ip address 192.168.20.1 255.255.255.0
Wolf(config-if)# no shutdown
Wolf(config-if)# int s2/1
Wolf(config-if)# ip address 172.16.10.6 255.255.255.252
Wolf(config-if)# no shutdown
Wolf(config-if)# end
* VPCS-1 configuration
VPCS> ip 192.168.10.2 255.255.255.0 192.168.10.1
VPCS>
* VPCS-2 configuration
VPCS> ip 192.168.20.2 255.255.255.0 192.168.20.1
VPCS>
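2. Static route configuration
* Static routing means manually adding routes to each router's routing table. It has the following advantages and disadvantages.
Advantages – There is no overhead on the router CPU. No additional bandwidth is needed between routers. It helps security, because the administrator can choose to exclude access to particular networks.
Disadvantages – The administrator must understand the network layout completely. When a network is added, a route to it has to be added on every router, and this becomes more complicated as the network grows.
The Cisco command for configuring a static route is:
ip route [destination_network] [mask] [next-hop_address or exit_interface] [administrative_distance] [permanent]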
* Core router configuration
The Core router is directly connected to three networks; to route to every network, the 192.168.10.0/24 and 192.168.20.0/24 networks must be added to its routing table.
Core# conf t
Core(config)# ip route 192.168.10.0 255.255.255.0 172.16.10.2
Core(config)# ip route 192.168.20.0 255.255.255.0 172.16.10.6
Or, using the exit interface instead of the next-hop address:
Core# conf t
Core(config)# ip route 192.168.10.0 255.255.255.0 s2/0
Core(config)# ip route 192.168.20.0 255.255.255.0 Serial2/1
* Fox router configuration
The Fox router is directly connected to the 172.16.10.0/30 and 192.168.10.0/24 networks, so it needs routes to the 10.10.10.0/24, 192.168.20.0/24 and 172.16.10.4/30 networks.
Fox# conf t
Fox(config)# ip route 10.10.10.0 255.255.255.0 172.16.10.1
Fox(config)# ip route 192.168.20.0 255.255.255.0 172.16.10.1
Fox(config)# ip route 172.16.10.4 255.255.255.252 172.16.10.1
* Wolf router configuration
The Wolf router is directly connected to the 172.16.10.4/30 and 192.168.20.0/24 networks, so it needs routes to the 10.10.10.0/24, 192.168.10.0/24 and 172.16.10.0/30 networks.
Wolf# conf t
Wolf(config)# ip route 10.10.10.0 255.255.255.0 172.16.10.5
Wolf(config)# ip route 192.168.10.0 255.255.255.0 172.16.10.5
Wolf(config)# ip route 172.16.10.0 255.255.255.252 172.16.10.5
* Test
Ping VPCS-1 from the Wolf router.
Wolf#ping 192.168.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds:
.!!!!
As above, use the ping command from each router and VPC to confirm that communication with the other networks works.
3. Default routing
The Fox and Wolf routers connected to the Core router can be regarded as stub routers. A stub is a case where there is only one path to other networks. In that case, a single default route can be used instead of creating several static routes. The default route is used to forward every packet whose destination has no entry in the routing table. So the stub routers Fox and Wolf can each use a single default route in place of the multiple static routes configured above.
On the Wolf router, delete the existing static routes and configure a single default route.
Delete the configured routes
Wolf# conf t
Wolf(config)# no ip route 10.10.10.0 255.255.255.0 172.16.10.5
Wolf(config)# no ip route 192.168.10.0 255.255.255.0 172.16.10.5
Wolf(config)# no ip route 172.16.10.0 255.255.255.252 172.16.10.5
Configure the default route
Wolf# conf t
Wolf(config)# ip route 0.0.0.0 0.0.0.0 172.16.10.5
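The following is an added example, not part of the original post: a small Python model of the three routing tables as they stand after section 3, applying longest-prefix matching hop by hop to check that a packet reaches its destination network, and listing static routes whose next hop is not on a connected subnet. Interface addresses and routes are taken from this page; the function names are illustrative.

```python
import ipaddress as ip

# Added example: lab state after section 3; addresses and routes from this page, names illustrative.
ROUTERS = {
    "Core": {"ifaces": ["10.10.10.1/24", "172.16.10.1/30", "172.16.10.5/30"],
             "static": [("192.168.10.0/24", "172.16.10.2"),
                        ("192.168.20.0/24", "172.16.10.6")]},
    "Fox":  {"ifaces": ["192.168.10.1/24", "172.16.10.2/30"],
             "static": [("10.10.10.0/24", "172.16.10.1"),
                        ("192.168.20.0/24", "172.16.10.1"),
                        ("172.16.10.4/30", "172.16.10.1")]},
    "Wolf": {"ifaces": ["192.168.20.1/24", "172.16.10.6/30"],
             "static": [("0.0.0.0/0", "172.16.10.5")]},
}

def connected(router):
    return [ip.ip_interface(i).network for i in ROUTERS[router]["ifaces"]]

def lookup(router, dst):
    """Longest-prefix match; returns (network, next_hop), next_hop None if connected."""
    table = [(n, None) for n in connected(router)]
    table += [(ip.ip_network(n), nh) for n, nh in ROUTERS[router]["static"]]
    hits = [e for e in table if ip.ip_address(dst) in e[0]]
    return max(hits, key=lambda e: e[0].prefixlen) if hits else None

def owner(addr):
    """Router that has addr configured on an interface (None if nobody does)."""
    for name, r in ROUTERS.items():
        if any(str(ip.ip_interface(i).ip) == addr for i in r["ifaces"]):
            return name

def trace(router, dst, max_hops=8):
    """Routers a packet to dst passes through; None if it is dropped or loops."""
    path = [router]
    while len(path) <= max_hops:
        hit = lookup(path[-1], dst)
        if hit is None:
            return None              # no matching route: dropped
        if hit[1] is None:
            return path              # destination network is connected here
        path.append(owner(hit[1]))
        if path[-1] is None:
            return None              # next hop belongs to no router
    return None                      # hop limit reached: routing loop

def unresolved_next_hops(router):
    """Static routes whose next hop is not on any connected subnet."""
    return [(n, nh) for n, nh in ROUTERS[router]["static"]
            if not any(ip.ip_address(nh) in c for c in connected(router))]
```

Calling `trace("Wolf", "192.168.10.2")` follows Wolf's default route to Core and Core's static route to Fox, while `trace("Wolf", "8.8.8.8")` returns `None` because Core has no matching route for what Wolf's default route hands it.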
4. The final configuration of each router, as confirmed with show run, is shown below.
4.1. Core router configuration
Core#sh config
Using 1932 out of 32768 bytes
!
! Last configuration change at 06:21:27 UTC Wed Dec 6 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Core
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip icmp rate-limit unreachable
!
!
Core#sh run
Building configuration...
Current configuration : 2082 bytes
!
! Last configuration change at 07:25:16 UTC Wed Dec 6 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Core
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 description LAN connect to hub
 no ip address
 shutdown
!
interface Ethernet0/1
 ip address 10.10.10.1 255.255.255.0
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 description WAN connect to Fox
 ip address 172.16.10.1 255.255.255.252
 serial restart-delay 0
!
interface Serial2/1
 description WAN connect to Wolf
 ip address 172.16.10.5 255.255.255.252
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 192.168.10.0 255.255.255.0 172.16.10.2 150
ip route 192.168.20.0 255.255.255.0 172.16.20.2
ip route 192.168.20.0 255.255.255.0 Serial2/1 150
!
!
!
!
control-plane
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input all
!
!
end
Core#
4.2. Fox router configuration
Fox#sh run
Building configuration...
Current configuration : 2009 bytes
!
! Last configuration change at 07:41:39 UTC Wed Dec 6 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Fox
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 no ip address
 shutdown
!
interface Ethernet0/1
 ip address 192.168.10.1 255.255.255.0
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 description WAN connect to Core
 ip address 172.16.10.2 255.255.255.252
 serial restart-delay 0
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 10.10.10.0 255.255.255.0 172.16.10.1 150
ip route 172.16.10.4 255.255.255.252 172.16.10.1 150
ip route 192.168.20.0 255.255.255.0 172.16.10.1 150
!
!
!
!
control-plane
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input all
!
!
end
4.3. Wolf router configuration
Wolf#sh run
Building configuration...
Current configuration : 1892 bytes
!
! Last configuration change at 07:51:31 UTC Wed Dec 6 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Wolf
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 no ip address
 shutdown
!
interface Ethernet0/1
 ip address 192.168.20.1 255.255.255.0
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 description WAN connect to Core
 ip address 172.16.10.6 255.255.255.252
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial3/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.16.10.5
!
!
!
!
control-plane
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
 transport input all
!
!
end