PG1X

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:vpn:tunneling:gre:gre

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
tech:network:cisco:vpn:tunneling:gre:gre [2019/04/11 22:23]
wnoguchi
tech:network:cisco:vpn:tunneling:gre:gre [2019/04/11 23:07] (current)
wnoguchi
Line 521: Line 521:
  
 works fine works fine
 +
 +==== Dynamic routing verification ====
 +
 +<​code>​
 +R1#conf t
 +Enter configuration commands, one per line.  End with CNTL/Z.
 +R1(config)#​int gig0/0
 +R1(config-if)#​ip ad
 +R1(config-if)#​ip tc
 +R1(config-if)#​ip tcp ad
 +R1(config-if)#​ip tcp adjust-mss 1332
 +R1(config-if)#​int tunnel 0
 +R1(config-if)#​
 +*Apr 11 22:​51:​00.006:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to down
 +R1(config-if)#​ip add
 +R1(config-if)#​ip address 192.168.0.1 255.255.255.252
 +R1(config-if)#​tunne
 +R1(config-if)#​tunnel so
 +R1(config-if)#​tunnel source dia
 +R1(config-if)#​tunnel source dialer 1
 +R1(config-if)#​tunn
 +R1(config-if)#​tunnel des
 +R1(config-if)#​tunnel destination 200
 +R1(config-if)#​tunnel destination 200.0.0.1
 +R1(config-if)#​
 +*Apr 11 22:​51:​56.139:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to up
 +R1(config-if)#​do ping 192.168.0.2
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +.....
 +Success rate is 0 percent (0/5)
 +R1(config-if)#​tunnel source loo           
 +R1(config-if)#​tunnel source loopback 1
 +R1(config-if)#​do ping 192.168.0.2 ​    
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +.....
 +Success rate is 0 percent (0/5)
 +R1(config-if)#​do ping 192.168.0.2
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +.....
 +Success rate is 0 percent (0/5)
 +R1(config-if)#​kee ​               ​
 +R1(config-if)#​keepalive 10 5
 +R1(config-if)#​do ping 192.168.0.2
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +.....
 +Success rate is 0 percent (0/5)
 +R1(config-if)#​do ping 192.168.0.2
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +...
 +Success rate is 0 percent (0/3)
 +R1(config-if)#​tunnel source loopback  ​
 +*Apr 11 22:​56:​09.028:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to down
 +R1(config-if)#​do sh ip int tun0      ​
 +Tunnel0 is up, line protocol is down
 +  Internet address is 192.168.0.1/​30
 +  Broadcast address is 255.255.255.255
 +  Address determined by setup command
 +  MTU is 1430 bytes
 +  Helper address is not set
 +  Directed broadcast forwarding is disabled
 +  Outgoing access list is not set
 +  Inbound ​ access list is not set
 +  Proxy ARP is enabled
 +  Local Proxy ARP is disabled
 +  Security level is default
 +  Split horizon is enabled
 +  ICMP redirects are always sent
 +  ICMP unreachables are always sent
 +  ICMP mask replies are never sent
 +  IP fast switching is enabled
 +  IP fast switching on the same interface is disabled
 +  IP Flow switching is disabled
 +  IP CEF switching is enabled
 +  IP CEF switching turbo vector
 +  IP Null turbo vector
 +  IP multicast fast switching is enabled
 +          ​
 +R1(config-if)#​tunn
 +R1(config-if)#​tunnel so
 +R1(config-if)#​tunnel source 100.0.0.1
 +R1(config-if)#​tu
 +R1(config-if)#​tunnel so
 +R1(config-if)#​tunnel source dia
 +R1(config-if)#​tunnel source dialer 1
 +R1(config-if)#​tu
 +R1(config-if)#​tunnel des
 +R1(config-if)#​tunnel destination 200.0.0.2
 +R1(config-if)#​
 +*Apr 11 22:​57:​49.034:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to up
 +R1(config-if)#​do ping 192.168.0.2
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 192.168.0.2,​ timeout is 2 seconds:
 +!!!!!
 +Success rate is 100 percent (5/5), round-trip min/avg/max = 5/8/11 ms
 +R1(config-if)#​router ospf 1
 +R1(config-router)#​network 10.100.0.1 0.0.0.0 are
 +R1(config-router)#​network 10.100.0.1 0.0.0.0 area 0
 +R1(config-router)#​ne
 +R1(config-router)#​netwo
 +R1(config-router)#​network 192.168.0.1 0.0.0.0 area 0
 +R1(config-router)#​
 +*Apr 11 23:​03:​46.160:​ %OSPF-5-ADJCHG:​ Process 1, Nbr 200.0.0.2 on Tunnel0 from LOADING to FULL, Loading Done
 +R1(config-router)#​do sh ip ospf neighbor
 +
 +Neighbor ID     ​Pri ​  ​State ​          Dead Time   ​Address ​        ​Interface
 +200.0.0.2 ​        ​0 ​  ​FULL/ ​ -        00:​00:​38 ​   192.168.0.2 ​    ​Tunnel0
 +R1(config-router)#​do sh ip ro ospf
 +Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
 +       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
 +       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 +       E1 - OSPF external type 1, E2 - OSPF external type 2
 +       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 +       ia - IS-IS inter area, * - candidate default, U - per-user static route
 +       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
 +       a - application route
 +       + - replicated route, % - next hop override, p - overrides from PfR
 +
 +Gateway of last resort is not set
 +
 +      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
 +O        10.200.0.0/​24 [110/1001] via 192.168.0.2,​ 00:00:13, Tunnel0
 +R1(config-router)#​ping 10.200.0.204
 +                   ^
 +% Invalid input detected at '​^'​ marker.
 +
 +R1(config-router)#​do ping 10.200.0.204
 +Type escape sequence to abort.
 +Sending 5, 100-byte ICMP Echos to 10.200.0.204,​ timeout is 2 seconds:
 +!!!!!
 +Success rate is 100 percent (5/5), round-trip min/avg/max = 8/10/18 ms
 +</​code>​
 +
 +<​code>​
 +R2#conf t
 +Enter configuration commands, one per line.  End with CNTL/Z.
 +R2(config)#​int gig0/0
 +R2(config-if)#​ip tc
 +R2(config-if)#​ip tcp ad
 +R2(config-if)#​ip tcp adjust-mss 1332
 +R2(config-if)#​int tun0 
 +R2(config-if)#​
 +*Apr 11 22:​51:​16.347:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to down
 +R2(config-if)#​tunn
 +R2(config-if)#​tunnel sou
 +R2(config-if)#​tunnel source dia
 +R2(config-if)#​tunnel source dialer 1
 +R2(config-if)#​ip add
 +R2(config-if)#​ip address 192.168.0.2 255.255.255.252 ​
 +R2(config-if)#​tu
 +R2(config-if)#​tunnel des
 +R2(config-if)#​tunnel destination 100.0.0.1
 +R2(config-if)#​
 +*Apr 11 22:​53:​04.664:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to up
 +R2(config-if)#​tunnel source loo                     
 +R2(config-if)#​tunnel source loopback 1
 +R2(config-if)#​kee
 +R2(config-if)#​keepalive 10 5
 +R2(config-if)#​
 +*Apr 11 22:​56:​15.362:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to down
 +R2(config-if)#​do sh ip int tun0
 +Tunnel0 is up, line protocol is down
 +  Internet address is 192.168.0.2/​30
 +  Broadcast address is 255.255.255.255
 +  Address determined by setup command
 +  MTU is 1430 bytes
 +  Helper address is not set
 +  Directed broadcast forwarding is disabled
 +  Outgoing access list is not set
 +  Inbound ​ access list is not set
 +  Proxy ARP is enabled
 +  Local Proxy ARP is disabled
 +  Security level is default
 +  Split horizon is enabled
 +  ICMP redirects are always sent
 +  ICMP unreachables are always sent
 +  ICMP mask replies are never sent
 +  IP fast switching is enabled
 +  IP fast switching on the same interface is disabled
 +  IP Flow switching is disabled
 +  IP CEF switching is enabled
 +  IP CEF switching turbo vector
 +  IP Null turbo vector
 +  IP multicast fast switching is enabled
 +          ​
 +R2(config-if)#​tunn
 +R2(config-if)#​tunnel so
 +R2(config-if)#​tunnel source 200.0.0.2
 +R2(config-if)#​tunnel source dia         
 +R2(config-if)#​tunnel source dialer 1
 +R2(config-if)#​tun
 +R2(config-if)#​tunnel ​
 +*Apr 11 22:​57:​55.370:​ %LINEPROTO-5-UPDOWN:​ Line protocol on Interface Tunnel0, changed state to up
 +R2(config-if)#​tunnel des
 +R2(config-if)#​tunnel destination 100.0.0.1
 +R2(config-if)#​router ospf 1
 +R2(config-router)#​netwo
 +R2(config-router)#​network 10.200.0.2 0.0.0.0 area 0
 +R2(config-router)#​netwo
 +R2(config-router)#​network 192.168.0.2 0.0.0.0 area 0
 +R2(config-router)#​
 +*Apr 11 23:​03:​47.152:​ %OSPF-5-ADJCHG:​ Process 1, Nbr 100.0.0.1 on Tunnel0 from LOADING to FULL, Loading Done
 +
 +</​code>​
 +
 +<​code>​
 +PC-1> ping 10.200.0.204
 +84 bytes from 10.200.0.204 icmp_seq=1 ttl=62 time=6.818 ms
 +84 bytes from 10.200.0.204 icmp_seq=2 ttl=62 time=6.569 ms
 +84 bytes from 10.200.0.204 icmp_seq=3 ttl=62 time=5.863 ms
 +84 bytes from 10.200.0.204 icmp_seq=4 ttl=62 time=4.850 ms
 +84 bytes from 10.200.0.204 icmp_seq=5 ttl=62 time=5.164 ms
 +
 +PC-1> ​
 +</​code>​
 +
 +
 +{{:​tech:​network:​cisco:​vpn:​tunneling:​gre:​pasted:​20190411-230701.png}}
  
 ==== TCP SYN packet MSS negotiation ==== ==== TCP SYN packet MSS negotiation ====
tech/network/cisco/vpn/tunneling/gre/gre.txt · Last modified: 2019/04/11 23:07 by wnoguchi