...

Friday, June 4, 2010

Misc 28

There are times when you want to share routes across the internet using an internal routing protocol such as OSPF. For that, we would need a direct point-to-point link between the sites, which would normally mean purchasing a private line of some sort.
Thankfully, all that is in the past. Cisco Systems developed a tunneling protocol known as Generic Routing Encapsulation (GRE) that allows point-to-point links to be set up by encapsulating layer 3 protocols in IP packets.

In this example, we will be using this topology to demonstrate the concept:



Notice that the GRE tunnel has an IP address on each end. It's as if the router has another point-to-point interface through the internet. However, note that GRE itself provides no encryption, so anything sent through the tunnel crosses the internet in the clear; we will leverage IPsec for that in the next article. This article will focus on setting up GRE and running OSPF through it.
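
To make the lack of encryption concrete, here is an added example (not code from the original post) that wraps a packet the way the tunnel in this article would and then unwraps it again using nothing but the header layout. The outer addresses assume R1's f0/0 is 1.1.1.2, as R2's tunnel destination implies; the payload bytes are a constructed placeholder rather than a real OSPF hello, and the function names are made up for this example.

```python
import socket
import struct

GRE, OSPF, ETHERTYPE_IPV4 = 47, 89, 0x0800  # IP protocol numbers, GRE payload type

def ipv4_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header; checksum left at 0 because nothing is sent."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def gre_encapsulate(inner, src, dst):
    """Wrap an inner IPv4 packet in outer IPv4 + the basic 4-byte GRE header."""
    gre = struct.pack("!HH", 0x0000, ETHERTYPE_IPV4)  # no flags, version 0
    return ipv4_header(src, dst, GRE, len(gre) + len(inner)) + gre + inner

def parse_ipv4(pkt):
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        raise ValueError("bad IPv4 header length")
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "proto": pkt[9], "payload": pkt[ihl:]}

def gre_decapsulate(pkt):
    """Return (outer, inner) as parsed dicts; no key or secret is involved."""
    outer = parse_ipv4(pkt)
    if outer["proto"] != GRE or len(outer["payload"]) < 4:
        raise ValueError("outer packet does not carry GRE")
    flags, ptype = struct.unpack("!HH", outer["payload"][:4])
    if flags & 0x0007 or ptype != ETHERTYPE_IPV4:
        raise ValueError("unsupported GRE version or payload type")
    # Checksum (0x8000), key (0x2000) and sequence (0x1000) each add 4 bytes.
    offset = 4 + 4 * bin(flags & 0xB000).count("1")
    return outer, parse_ipv4(outer["payload"][offset:])

def demo():
    # Constructed sample: placeholder bytes stand in for a real OSPF hello.
    body = b"constructed OSPF hello placeholder"
    inner = ipv4_header("10.10.10.1", "224.0.0.5", OSPF, len(body)) + body
    return gre_decapsulate(gre_encapsulate(inner, "1.1.1.2", "3.3.3.2"))

if __name__ == "__main__":
    outer, inner = demo()
    print("outer:", outer["src"], "->", outer["dst"], "proto", outer["proto"])
    print("inner:", inner["src"], "->", inner["dst"], "proto", inner["proto"])
    print("payload readable on the path:", inner["payload"])
```

The outer header carries only the public addresses, while the tunnel addresses and the routing protocol payload sit behind a fixed-size GRE header in plain bytes, which is what IPsec has to cover.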

First of all, I'll assume that you are able to ping across to the other side (e.g. ping 3.3.3.2 from R1 and ping 1.1.1.2 from R2). Now we'll start creating the GRE tunnel. We'll need to do this on both sides. First, on R1, type:
in tun 0
ip add 10.10.10.1 255.255.255.0
tunnel source f0/0
tunnel destination 3.3.3.2


Then on R2, we type:
in tun 0
ip add 10.10.10.2 255.255.255.0
tunnel source f0/0
tunnel destination 1.1.1.2


At this point if all goes well, you should be able to ping each other's tunnel interfaces. We'll begin with the routing protocols. First of all, we'll want to have some kind of routes to advertise. We'll make some loopbacks on R1 as shown:
in lo0
ip add 192.168.0.1 255.255.255.0
in lo1
ip add 192.168.1.1 255.255.255.0
in lo2
ip add 192.168.2.1 255.255.255.0
in lo3
ip add 192.168.3.1 255.255.255.0


We'll then start the routing process on R1:
router ospf 1
network 10.10.10.1 0.0.0.0 area 0
network 192.168.0.0 0.0.3.255 area 0


On R2, we'll do this:
router ospf 1
network 10.10.10.2 0.0.0.0 area 0


At this point, the two routers should become OSPF neighbors over the tunnel. Test that you can ping the 192.168.x.x loopbacks from R2.
