L2TPV3实现端口到端口的二层VPN.doc

L2TPV3实现端口到端口的二层VPN1.实验描述有两个客户，一个VPNA，一个VPNB，通过运营网络建立端口到端口的二层VPN。VPNA的CE之间跑OSPF，VPNB的CE之间跑RIPV2。使得两个客户能够学到对方的loopback地址。注意，每个客户之间连接的地址是端口到端口的，犹如两台路由器直接用线缆连接，它们连接的IP是同一个网段的。运营商网络用台路由器，一台P，两台PE，每PE连接VPNA和VPNB的各一个CE。两台PE通过L2TPV3为客户VPNA和VPNB实现端口到端口的二层VPN。R1为P，R2和R3为PE;R7,R8为客户VPNA的CE；R9，R10为客户VPNB的CE；运营商内部IGP为OSPF 1；VPNA 的IGP 为OSPF 64；VPNB 的 IGP为 RIPV2。实验完成后R7，R8能学到对方的loopback地址，以7.7.7.7为源ping通8.8.8.8; R9，R10能学到对方的loopback地址，以9.9.9.9为源ping通10.10.10.10。具体实验的拓扑如下：2.实验步骤2.1配置运营商IGP，配置完后每台运营商路由器都能学到其他两台的loopback地址。R1interface Loopback0ip address 1.1.1.1 255.255.255.255!interface Serial1/0ip address 1.1.12.1 255.255.255.0!interface Serial1/1ip address 1.1.13.1 255.255.255.0!router ospf 1router-id 1.1.1.1network 1.1.1.1 0.0.0.0 area 0network 1.1.12.0 0.0.0.255 area 0network 1.1.13.0 0.0.0.255 area 0!R2interface Loopback0ip address 2.2.2.2 255.255.255.255!router ospf 1router-id 2.2.2.2log-adjacency-changesnetwork 1.1.12.0 0.0.0.255 area 0network 2.2.2.2 0.0.0.0 area 0!interface Serial1/0ip address 1.1.12.2 255.255.255.0!R3interface Loopback0ip address 3.3.3.3 255.255.255.255!interface Serial1/0ip address 1.1.13.3 255.255.255.0!router ospf 1router-id 3.3.3.3network 1.1.13.0 0.0.0.255 area 0network 3.3.3.3 0.0.0.0 area 0!以下内容需要回复才能看到验证每台运营商路由器都能学到其他路由器的loopback地址。r1# sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static routeGateway of last resort is not set 1.0.0.0/8 is variably subnetted, 3 subnets, 2 masksC 1.1.1.1/32 is directly connected, Loopback0C 1.1.12.0/24 is directly connected, Serial1/0C 1.1.13.0/24 is directly connected, Serial1/1 2.0.0.0/32 is subnetted, 1 subnetsO 2.2.2.2 110/65 via 1.1.12.2, 01:20:13, Serial1/0 3.0.0.0/32 is subnetted, 1 subnetsO 3.3.3.3 110/65 via 1.1.13.3, 01:20:13, Serial1/1r1#r2#sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static routeGateway of last resort is not set 1.0.0.0/8 is variably subnetted, 3 subnets, 2 masksO 1.1.1.1/32 110/65 via 1.1.12.1, 01:20:27, Serial1/0C 1.1.12.0/24 is directly connected, Serial1/0O 1.1.13.0/24 110/128 via 1.1.12.1, 01:20:27, Serial1/0 2.0.0.0/32 is subnetted, 1 subnetsC 2.2.2.2 is directly connected, Loopback0 3.0.0.0/32 is subnetted, 1 subnetsO 3.3.3.3 110/129 via 1.1.12.1, 01:20:27, Serial1/0r3#sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static routeGateway of last resort is not set 1.0.0.0/8 is variably subnetted, 3 subnets, 2 masksO 1.1.1.1/32 110/65 via 1.1.13.1, 01:20:32, Serial1/0O 1.1.12.0/24 110/128 via 1.1.13.1, 01:20:32, Serial1/0C 1.1.13.0/24 is directly connected, Serial1/0 2.0.0.0/32 is subnetted, 1 subnetsO 2.2.2.2 110/129 via 1.1.13.1, 01:20:32, Serial1/0 3.0.0.0/32 is subnetted, 1 subnetsC 3.3.3.3 is directly connected, Loopback02.2配置运营商两台PE的L2TPV3，配置完后验证会话。R2pseudowire-class vpna /*定义一个摸版名为VPNAencapsulation l2tpv3 /*封装为l2tpv3protocol none /* 因为配置手动L2TPV3会话，这里禁用L2TPV3ip local interface Loopback0!pseudowire-class vpnbencapsulation l2tpv3protocol noneip local interface Loopback0!interface Ethernet0/0no ip addresshalf-duplexno cdp enablexconnect 3.3.3.3 33 encapsulation l2tpv3 manual pw-class vpna /*对等体ip地址为3.3.3.3 ，VCID为33，L2TPV3为手动模式，调用摸版vpna l2tp id 245 329 /*l2tp本地会话ID为245,远程为329，在对等体设置与这里相反 l2tp cookie local 8 957344 93790092 /*定义L2TPV3cookies，保护VC会话，对等体那边本地和远程cookies与这里相反 l2tp cookie remote 8 76429 945!interface Ethernet0/1no ip addresshalf-duplexno cdp enablexconnect 3.3.3.3 44 encapsulation l2tpv3 manual pw-class vpnb l2tp id 222 333 l2tp cookie local 8 444444 5555555 l2tp cookie remote 8 66666 666!R3pseudowire-class vpnaencapsulation l2tpv3protocol noneip local interface Loopback0!pseudowire-class vpnbencapsulation l2tpv3protocol noneip local interface Loopback0!interface Ethernet0/0no ip addresshalf-duplexno cdp enablexconnect 1.1.1.1 33 encapsulation l2tpv3 manual pw-class vpna l2tp id 329 245 l2tp cookie local 8 76429 945 l2tp cookie remote 8 957344 93790092!interface Ethernet0/1no ip addresshalf-duplexno cdp enablexconnect 2.2.2.2 44 encapsulation l2tpv3 manual pw-class vpnb l2tp id 333 222 l2tp cookie local 8 66666 666 l2tp cookie remote 8 444444 5555555!用show l2tun显示会话摘要信息r2#sh l2tunL2TP Tunnel and Session Information Total tunnels 0 sessions 2LocID RemID TunID Username, Intf/ State Last Chg Uniq ID Vcid, Circuit 245 329 0 33, Et0/0 est 01:19:22 1 222 333 0 44, Et0/1 est 00:44:01 2用show l2tun session all显示会话属性r2#sh l2tun session allL2TP Session Information Total tunnels 0 sessions 2Session id 245 is up, tunnel id 0Call serial number is 0Remote tunnel name is Internet address is 3.3.3.3 Session is manually signalled Session state is established, time since change 01:20:11150061 Packets sent, 0 received12060054 Bytes sent, 0 received Last clearing of "show vpdn" counters neverReceive packets dropped: out-of-order: 0 total: 0Send packets dropped: exceeded session MTU: 0 total: 0Session vcid is 33 Session Layer 2 circuit, type is Ethernet, name is Ethernet0/0 Circuit state is UPRemote session id is 329, remote tunnel id 0 DF bit off, ToS reflect disabled, ToS value 0, TTL value 255 Session cookie information:local cookie, size 8 bytes, value 05 97 1F 8C 00 0E 9B A0remote cookie, size 8 bytes, value 00 00 03 B1 00 01 2A 8D UDP checksums are disabled SSS switching enabled Sequencing is off Unique ID is 1Session id 222 is up, tunnel id 0Call serial number is 0Remote tunnel name is Internet address is 3.3.3.3 Session is manually signalled Session state is established, time since change 00:44:5173507 Packets sent, 33786 received5879391 Bytes sent, 2673331 received Last clearing of "show vpdn" counters neverReceive packets dropped: out-of-order: 0 total: 0Send packets dropped: exceeded session MTU: 0 total: 0Acknowledgements My deepest gratitude goes first and foremost to Professor aaa , my supervisor, for her constant encouragement and guidance. She has walked me through all the stages of the writing of this thesis. Without her consistent and illuminating instruction, this thesis could not havereached its present form. Second, I would like to express my heartfelt gratitude to Professor aaa, who led me into the world of translation. I am also greatly indebted to the professors and teachers at the Department of English: Professor dddd, Professor ssss, who have instructed and helped me a lot in the past two years. Last my thanks would go to my beloved family for their loving considerations and great confidence in me all through these years. I also owe my sincere gratitude to my friends and my fellow classmates who gave me their help and time in listening to me and helping me work out my problems during the difficult course of the thesis. My deepest gratitude goes first and foremost to Professor aaa , my supervisor, for her constant encouragement and guidance. She has walked me through all the stages of the writing of this thesis. Without her consistent and illuminating instruction, this thesis could not havereached its present form. Second, I would like to express my heartfelt gratitude to Professor aaa, who led me into the world of translation. I am also greatly indebted to the professors and teachers at the Department of English: Professor dddd, Professor ssss, who have instructed and helped me a lot in the past two years. Last my thanks would go to my beloved family for their loving considerations and great confidence in me all through these years. I also owe my sincere gratitude to my friends and my fellow classmates who gave me their help and time in listening to me and helping me work out my problems during the difficult course of the thesis.