我实际上有如下图所示的以下拓扑。我有 4 个 VPC,每个 VPC 有 3 个子网(1 个用于 VM 实例,另外 2 个用于接口)。每个 VPC 托管一个Cisco CSR 1000vin subnet-1.
我IPIP tunnel在实例之间进行了配置,并interfaces使用了以下配置。似乎一切都好。详细show run命令如下所示。
R1
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 172.0.1.9 YES DHCP up up
GigabitEthernet2 172.0.1.28 YES NVRAM up up
GigabitEthernet3 172.0.1.40 YES NVRAM up up
Tunnel0 10.10.1.1 YES NVRAM up up
Tunnel1 10.10.4.2 YES NVRAM up up
VirtualPortGroup0 192.168.35.101 YES NVRAM up up
路由协议
Routing Protocol is "ospf 1"
Router ID 172.0.1.40
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.10.1.0 0.0.0.3 area 0
10.10.4.0 0.0.0.3 area 0
R2
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 172.1.1.11 YES DHCP up up
GigabitEthernet2 172.1.1.27 YES NVRAM up up
GigabitEthernet3 172.1.1.46 YES NVRAM up up
Tunnel0 10.10.1.2 YES NVRAM up up
Tunnel1 10.10.2.1 YES NVRAM up up
VirtualPortGroup0 192.168.35.101 YES NVRAM up up
路由协议
Routing Protocol is "ospf 1"
Router ID 172.1.1.46
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.10.1.0 0.0.0.3 area 0
10.10.2.0 0.0.0.3 area 0
R3
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 172.2.1.6 YES DHCP up up
GigabitEthernet2 172.2.1.28 YES NVRAM up up
GigabitEthernet3 172.2.1.46 YES NVRAM up up
Tunnel0 10.10.2.2 YES NVRAM up up
Tunnel1 10.10.3.1 YES NVRAM up up
VirtualPortGroup0 192.168.35.101 YES NVRAM up up
路由协议
Routing Protocol is "ospf 1"
Router ID 172.2.1.46
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.10.2.0 0.0.0.3 area 0
10.10.3.0 0.0.0.3 area 0
R4
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 172.3.1.8 YES DHCP up up
GigabitEthernet2 172.3.1.25 YES NVRAM up up
GigabitEthernet3 172.3.1.38 YES NVRAM up up
Tunnel0 10.10.3.2 YES NVRAM up up
Tunnel1 10.10.4.1 YES NVRAM up up
VirtualPortGroup0 192.168.35.101 YES NVRAM up up
路由协议
Routing Protocol is "ospf 1"
Router ID 172.3.1.38
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.10.3.0 0.0.0.3 area 0
10.10.4.0 0.0.0.3 area 0
我现在面临的问题是,当我这样做时,show ip ospf neighbor它什么也没有显示,也没有显示show ip route ospf我得到的位置Gateway of last resort is 172.0.1.1 to network 0.0.0.0。
路由器的所有配置详细信息如下所示。R1
interface Tunnel0
ip address 10.10.1.1 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet2
tunnel mode ipip
tunnel destination 54.70.35.124
!
interface Tunnel1
ip address 10.10.4.2 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet3
tunnel mode ipip
tunnel destination 54.71.64.23
!
interface VirtualPortGroup0
vrf forwarding GS
ip address 192.168.35.101 255.255.255.0
ip nat inside
no mop enabled
no mop sysid
!
interface GigabitEthernet1
ip address dhcp
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
ip address 172.0.1.28 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
ip address 172.0.1.40 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
router ospf 1
network 10.10.1.0 0.0.0.3 area 0
network 10.10.4.0 0.0.0.3 area 0
!
iox
ip nat inside source list GS_NAT_ACL interface GigabitEthernet1 vrf GS overload
ip forward-protocol nd
ip tcp window-size 8192
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 172.0.1.1
ip route vrf GS 0.0.0.0 0.0.0.0 GigabitEthernet1 172.0.1.1 global
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip ssh pubkey-chain
username ec2-user
key-hash ssh-rsa ****** ec2-user
ip scp server enable
ip access-list standard GS_NAT_ACL
permit 192.168.35.0 0.0.0.255
control-plane
line con 0
stopbits 1
line vty 0 4
login local
transport input ssh
app-hosting appid guestshell
app-vnic gateway1 virtualportgroup 0 guest-interface 0
guest-ipaddress 192.168.35.102 netmask 255.255.255.0
app-default-gateway 192.168.35.101 guest-interface 0
name-server0 8.8.8.8
R2
interface Tunnel0
ip address 10.10.1.2 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet2
tunnel mode ipip
tunnel destination 34.211.24.85
!
interface Tunnel1
ip address 10.10.2.1 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet3
tunnel mode ipip
tunnel destination 52.89.60.204
!
interface VirtualPortGroup0
vrf forwarding GS
ip address 192.168.35.101 255.255.255.0
ip nat inside
no mop enabled
no mop sysid
!
interface GigabitEthernet1
ip address dhcp
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
ip address 172.1.1.27 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
ip address 172.1.1.46 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
router ospf 1
network 10.10.1.0 0.0.0.3 area 0
network 10.10.2.0 0.0.0.3 area 0
!
iox
ip nat inside source list GS_NAT_ACL interface GigabitEthernet1 vrf GS overload
ip forward-protocol nd
ip tcp window-size 8192
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 172.1.1.1
ip route vrf GS 0.0.0.0 0.0.0.0 GigabitEthernet1 172.1.1.1 global
!
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip ssh pubkey-chain
username ec2-user
key-hash ssh-rsa ****** ec2-user
ip scp server enable
!
ip access-list standard GS_NAT_ACL
permit 192.168.35.0 0.0.0.255
!
control-plane
!
line con 0
stopbits 1
line vty 0 4
login local
transport input ssh
app-hosting appid guestshell
app-vnic gateway1 virtualportgroup 0 guest-interface 0
guest-ipaddress 192.168.35.102 netmask 255.255.255.0
app-default-gateway 192.168.35.101 guest-interface 0
name-server0 8.8.8.8
end
R3
interface Tunnel0
ip address 10.10.2.2 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet2
tunnel mode ipip
tunnel destination 52.13.239.188
!
interface Tunnel1
ip address 10.10.3.1 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet3
tunnel mode ipip
tunnel destination 54.148.168.63
!
interface VirtualPortGroup0
vrf forwarding GS
ip address 192.168.35.101 255.255.255.0
ip nat inside
no mop enabled
no mop sysid
!
interface GigabitEthernet1
ip address dhcp
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
ip address 172.2.1.28 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
ip address 172.2.1.46 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
router ospf 1
network 10.10.2.0 0.0.0.3 area 0
network 10.10.3.0 0.0.0.3 area 0
!
iox
ip nat inside source list GS_NAT_ACL interface GigabitEthernet1 vrf GS overload
ip forward-protocol nd
ip tcp window-size 8192
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 172.2.1.1
ip route vrf GS 0.0.0.0 0.0.0.0 GigabitEthernet1 172.2.1.1 global
!
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip ssh pubkey-chain
username ec2-user
key-hash ssh-rsa ******** ec2-user
ip scp server enable
!
ip access-list standard GS_NAT_ACL
permit 192.168.35.0 0.0.0.255
!
control-plane
!
line con 0
stopbits 1
line vty 0 4
login local
transport input ssh
!
app-hosting appid guestshell
app-vnic gateway1 virtualportgroup 0 guest-interface 0
guest-ipaddress 192.168.35.102 netmask 255.255.255.0
app-default-gateway 192.168.35.101 guest-interface 0
name-server0 8.8.8.8
end
R4
interface Tunnel0
ip address 10.10.3.2 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet2
tunnel mode ipip
tunnel destination 52.34.186.234
!
interface Tunnel1
ip address 10.10.4.1 255.255.255.252
keepalive 2 3
tunnel source GigabitEthernet3
tunnel mode ipip
tunnel destination 34.212.97.47
!
interface VirtualPortGroup0
vrf forwarding GS
ip address 192.168.35.101 255.255.255.0
ip nat inside
no mop enabled
no mop sysid
!
interface GigabitEthernet1
ip address dhcp
ip nat outside
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
ip address 172.3.1.25 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
ip address 172.3.1.38 255.255.255.240
negotiation auto
no mop enabled
no mop sysid
!
router ospf 1
network 10.10.3.0 0.0.0.3 area 0
network 10.10.4.0 0.0.0.3 area 0
!
iox
ip nat inside source list GS_NAT_ACL interface GigabitEthernet1 vrf GS overload
ip forward-protocol nd
ip tcp window-size 8192
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 172.3.1.1
ip route vrf GS 0.0.0.0 0.0.0.0 GigabitEthernet1 172.3.1.1 global
!
ip ssh rsa keypair-name ssh-key
ip ssh version 2
ip ssh pubkey-chain
username ec2-user
key-hash ssh-rsa ****** ec2-user
ip scp server enable
!
ip access-list standard GS_NAT_ACL
permit 192.168.35.0 0.0.0.255
!
control-plane
!
line con 0
stopbits 1
line vty 0 4
login local
transport input ssh
!
app-hosting appid guestshell
app-vnic gateway1 virtualportgroup 0 guest-interface 0
guest-ipaddress 192.168.35.102 netmask 255.255.255.0
app-default-gateway 192.168.35.101 guest-interface 0
name-server0 8.8.8.8
end
请注意,已为所有接口分配了一个公共地址,该地址被分配为每个 IPIP 隧道配置的目标。