使用BGP时PC无法互相ping通

网络工程 路由 纳特 BGP
2022-02-05 05:46:48

我对为什么 PC-A 无法 ping PC-B 感到困惑。当从 PC-A ping PC-B 时,总是超时,根据tracert,数据包在 R3 g0/1 处停止。
但是我认为根据路由表,PC-A应该可以ping通PC-B,因为R1知道如何获取192.168.3.0/24,R3知道如何获取192.168.1.0/24,R2知道如何获取两者其中。请告诉我这里出了什么问题...提前谢谢您!

R1的路由表

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.1.0/30 is directly connected, Tunnel0
L       172.16.1.1/32 is directly connected, Tunnel0
     192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C       192.168.1.0/24 is directly connected, GigabitEthernet0/1
L       192.168.1.1/32 is directly connected, GigabitEthernet0/1
B    192.168.3.0/24 [20/0] via 209.165.200.226, 00:00:00
     209.165.200.0/24 is variably subnetted, 3 subnets, 2 masks
C       209.165.200.224/30 is directly connected, Serial0/0/0
L       209.165.200.225/32 is directly connected, Serial0/0/0
C       209.165.200.226/32 is directly connected, Serial0/0/0
     209.165.201.0/24 is variably subnetted, 2 subnets, 2 masks
C       209.165.201.0/30 is directly connected, Loopback1
L       209.165.201.1/32 is directly connected, Loopback1
S*   0.0.0.0/0 is directly connected, Serial0/0/0

R2的路由表

Gateway of last resort is not set

B    192.168.1.0/24 [20/0] via 209.165.200.225, 00:00:00
B    192.168.3.0/24 [20/0] via 209.165.200.229, 00:00:00
     209.165.200.0/24 is variably subnetted, 6 subnets, 2 masks
C       209.165.200.224/30 is directly connected, Serial0/0/0
C       209.165.200.225/32 is directly connected, Serial0/0/0
L       209.165.200.226/32 is directly connected, Serial0/0/0
C       209.165.200.228/30 is directly connected, Serial0/0/1
C       209.165.200.229/32 is directly connected, Serial0/0/1
L       209.165.200.230/32 is directly connected, Serial0/0/1
     209.165.201.0/30 is subnetted, 1 subnets
B       209.165.201.0/30 [20/0] via 209.165.200.225, 00:00:00

R3的路由表

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.1.0/30 is directly connected, Tunnel0
L       172.16.1.2/32 is directly connected, Tunnel0
B    192.168.1.0/24 [20/0] via 209.165.200.230, 00:00:00
     192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C       192.168.3.0/24 is directly connected, GigabitEthernet0/1
L       192.168.3.1/32 is directly connected, GigabitEthernet0/1
     209.165.200.0/24 is variably subnetted, 3 subnets, 2 masks
C       209.165.200.228/30 is directly connected, Serial0/0/1
L       209.165.200.229/32 is directly connected, Serial0/0/1
C       209.165.200.230/32 is directly connected, Serial0/0/1
     209.165.201.0/30 is subnetted, 1 subnets
B       209.165.201.0/30 [20/0] via 209.165.200.230, 00:00:00
S*   0.0.0.0/0 is directly connected, Serial0/0/1

R1的配置

R1#show run
!
hostname R1
!
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
no ip cef
no ipv6 cef
!
username R2 password 0 cisco
username user privilege 15 secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
license udi pid CISCO1941/K9 sn FTX1524DG51
!
!
no ip domain-lookup
ip domain-name West.com
!
spanning-tree mode pvst
!
interface Loopback1
 ip address 209.165.201.1 255.255.255.252
!
interface Tunnel0
 ip address 172.16.1.1 255.255.255.252
 mtu 1476
 tunnel source Serial0/0/0
 tunnel destination 209.165.200.229
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface Serial0/0/0
 ip address 209.165.200.225 255.255.255.252
 encapsulation ppp
 ppp authentication chap
 ip nat outside
 clock rate 128000
!
interface Serial0/0/1
 no ip address
 clock rate 2000000
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router bgp 65010
 bgp log-neighbor-changes
 no synchronization
 neighbor 209.165.200.226 remote-as 65001
 network 192.168.1.0
 network 209.165.201.0 mask 255.255.255.252
!
ip nat inside source list 1 interface Serial0/0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0 
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
line con 0
 password cisco
 login
!
line aux 0
!
line vty 0 4
 password cisco
 login local
 transport input ssh
!
!
!
end

R2的配置

R2#show run
!
hostname R2
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
no ip cef
no ipv6 cef
!
username R1 password 0 cisco
username user privilege 15 secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
license udi pid CISCO1941/K9 sn FTX1524FYUJ
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 209.165.200.226 255.255.255.252
 encapsulation ppp
 ppp authentication chap
!
interface Serial0/0/1
 ip address 209.165.200.230 255.255.255.252
 encapsulation ppp
 clock rate 128000
!
interface Vlan1
 no ip address
 shutdown
!
router bgp 65001
 bgp log-neighbor-changes
 no synchronization
 neighbor 209.165.200.225 remote-as 65010
 neighbor 209.165.200.229 remote-as 65030
!
ip classless
!
ip flow-export version 9
!
line con 0
 password cisco
 login
!
line aux 0
!
line vty 0 4
 password cisco
 login local
!
end

R3的配置

R3#show run
hostname R3
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
no ip cef
no ipv6 cef
!
username user privilege 15 secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
license udi pid CISCO1941/K9 sn FTX1524D6LB
!
no ip domain-lookup
ip domain-name East.com
!
!
spanning-tree mode pvst
!
interface Tunnel0
 ip address 172.16.1.2 255.255.255.252
 mtu 1476
 tunnel source Serial0/0/1
 tunnel destination 209.165.200.225
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 ip address 192.168.3.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface Serial0/0/0
 no ip address
 clock rate 2000000
 shutdown
!
interface Serial0/0/1
 ip address 209.165.200.229 255.255.255.252
 encapsulation ppp
 ip nat outside
!
interface Vlan1
 no ip address
 shutdown
!
router bgp 65030
 bgp log-neighbor-changes
 no synchronization
 neighbor 209.165.200.230 remote-as 65001
 network 192.168.3.0
!
ip nat inside source list 3 interface Serial0/0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/1 
!
ip flow-export version 9
!
access-list 3 permit 192.168.3.0 0.0.0.255
!
line con 0
 password cisco
 login
!
line aux 0
!
line vty 0 4
 password cisco
 login local
 transport input ssh
!
end
1个回答

您似乎没有通过 BGP 通告隧道端点。例如,R1interface Tunnel0tunnel destination 209.165.200.229,但 R1 没有到 的路由209.165.200.228/30此外,R3interface Tunnel0tunnel destination 209.165.200.225,但 R3 没有通往 的路线209.165.200.224/30

您需要添加网络语句来通告这些网络。

您还想使用 BGP no auto-summary

看起来您当前的问题是您在 R1 和 R3 上配置了 NAT。隧道应该绕过 NAT,但您没有通过隧道路由任何东西。

其它你可能感兴趣的问题
上一篇Cat 5e 接线 Type A 与 Type B 不兼容 下一篇交换机 LLDP MIB 是否包含连接服务器的 MAC 地址?