Inet-Admins mailing list archive (inet-admins@info.east.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [inet-admins] bridging and routing over FR :(
On Wed, 13 Oct 1999, Vyacheslav Furist wrote:
>
> Столкнулся с такой проблеммой, может кто наступал на похожее, подскажите...
IP-адреса снимите с бриджуемых интерфейсов. Наличие IP-адреса означает, что
IP будет на этом интерфейсе _роутиться_, а не бриджитьтся.
Если адрес на роутере смотрящий через бриджуемый интерфейс все-таки нужен,
то делайте через IRB.
>
>
> Конфигурирование роутинга IP WAN и бриджинга IP LAN сети на маршрутизаторе
> включенном в Inet и маршрутизатор корпоративной сети.
>
> Центральный оффис:
> Имеется cisco-2621 (IOS 12.0) подключенная по FR(Serial0/0.102) в Интернет.
> На interface FastEthernet0/0 находится LAN локального Internet узла.
> На interface FastEthernet0/1 находится office LAN на внутренних адресах.
> Имеется еще один FR (Serial0/0.101) для связи с cisco-2509 в удаленном оффисе.
>
> Удаленный оффис:
> Имеется cisco-2509 (IOS 11.2) подключенная по FR(Serial0/0.101) к
> центральному оффису. На interface Ethernet0 находится LAN удаленного оффиса
> на внутренних адресах той же сети, что и в центральном оффисе.
>
> Задача: Обеспечить бриджинг между локальными сетями оффисов и их доступ
> к сегменту локального узла Интернет.
> Проблема: Не проходит IP (ping) от локального маршрутизатора в LAN интерфейс
> удаленного маршрутизатора с адресом сети для бриджинга.
> Источники:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CL# show version
> Cisco Internetwork Operating System Software
> IOS (tm) C2600 Software (C2600-I-M), Version 12.0(3)T3, RELEASE SOFTWARE (fc1)
> Copyright (c) 1986-1999 by cisco Systems, Inc.
> Compiled Thu 15-Apr-99 15:41 by kpma
> Image text-base: 0x80008088, data-base: 0x80693A88
>
> ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
>
> CL uptime is 11 weeks, 4 days, 21 hours, 14 minutes
> System restarted by power-on
> System image file is "flash:c2600-i-mz.120-3.T3"
>
> cisco 2621 (MPC860) processor (revision 0x101) with 18432K/6144K bytes of memory.
> Processor board ID JAB0322032J (4184118683)
> M860 processor: part number 0, mask 49
> Bridging software.
> X.25 software, Version 3.0.0.
> 2 FastEthernet/IEEE 802.3 interface(s)
> 2 Serial(sync/async) network interface(s)
> 32K bytes of non-volatile configuration memory.
> 8192K bytes of processor board System flash (Read/Write)
>
> Configuration register is 0x2102
>
> ------ 2621 config:
> version 12.0
> service timestamps debug uptime
> service timestamps log uptime
> service password-encryption
> !
> hostname CL
> !
> enable secret 5
> enable password 7
> !
> ip subnet-zero
> !
> frame-relay switching
> !
> !
> !
> interface FastEthernet0/0
> description Inet Lan
> ip address INT.ER.NET.33 255.255.255.248
> no ip directed-broadcast
> no ip mroute-cache
> !
> interface Serial0/0
> bandwidth 64000
> no ip address
> no ip directed-broadcast
> encapsulation frame-relay
> no ip mroute-cache
> frame-relay lmi-type ansi
> frame-relay ip tcp header-compression passive
> !
> interface Serial0/0.101 point-to-point
> description CL LAN
> bandwidth 128000
> ip address 10.9.2.254 255.255.255.252
> no ip directed-broadcast
> no ip mroute-cache
> no cdp enable
> frame-relay interface-dlci 101
> frame-relay ip tcp header-compression passive
> bridge-group 1
> !
> interface Serial0/0.102 point-to-point
> description Internet
> bandwidth 64000
> ip address INT.ER.NET.194 255.255.255.252
> no ip directed-broadcast
> no ip mroute-cache
> no arp frame-relay
> no cdp enable
> frame-relay interface-dlci 102
> frame-relay ip tcp header-compression passive
> !
> interface FastEthernet0/1
> description office LAN
> ip address 10.60.80.230 255.255.255.0 secondary
> ip address 10.9.1.222 255.255.255.0
> no ip directed-broadcast
> no ip mroute-cache
> bridge-group 1
> !
> ip classless
> ip route 0.0.0.0 0.0.0.0 INT.ER.NET.193
> ip route 10.9.2.0 255.255.255.0 10.9.2.253
> ip route INT.ER.NET.35 255.255.255.255 INT.ER.NET.34
> ip route INT.ER.NET.36 255.255.255.255 INT.ER.NET.34
> ip route INT.ER.NET.37 255.255.255.255 INT.ER.NET.34
> no ip http server
> !
> bridge 1 protocol dec
> !
> line con 0
> transport input none
> line 2
> line aux 0
> line vty 0 4
> password 7 XXX
> login
> !
> end
>
> CL#show bridge verbose
>
> Total of 300 station blocks, 277 free
> Codes: P - permanent, S - self
>
> BG Hash Address Action Interface VC Age RX count TX count
> 1 08/0 0060.0877.636b forward FastEthernet0/1 - 1 1 0
> 1 0F/0 0060.977a.b9b6 forward FastEthernet0/1 - 4 1 0
> 1 54/0 00c0.4f83.c99d forward FastEthernet0/1 - 0 2307 0
> 1 61/0 0800.0946.e283 forward FastEthernet0/1 - 0 385 137
> 1 63/0 0800.0947.3e5d forward FastEthernet0/1 - 0 1046 882
> 1 6D/0 0060.b038.8ae7 forward FastEthernet0/1 - 0 1921 883
> 1 6E/0 0800.0946.e28c forward FastEthernet0/1 - 0 296 125
> 1 6E/1 00c0.4fc1.7816 forward FastEthernet0/1 - 0 454 0
> 1 72/0 0060.0877.5e2c forward FastEthernet0/1 - 3 1 0
> 1 92/0 0060.0877.5cce forward FastEthernet0/1 - 1 1 0
> 1 9B/0 00c0.4f43.ca51 forward FastEthernet0/1 - 0 230 0
> 1 9E/0 00c0.4fc1.77e9 forward FastEthernet0/1 - 0 341 0
> 1 A3/0 0060.086b.2784 forward FastEthernet0/1 - 2 1 0
> 1 B9/0 0000.aa55.358c forward FastEthernet0/1 - 0 8373 0
> 1 BF/0 00c0.4fc1.77c8 forward FastEthernet0/1 - 0 352 0
> 1 C4/0 0060.973e.4d89 forward FastEthernet0/1 - 1 1 0
> 1 C6/0 0060.973e.4d8b forward FastEthernet0/1 - 4 1 0
> 1 D5/0 0060.b0c7.25f0 forward FastEthernet0/1 - 0 2115 883
> 1 D8/0 0060.0876.f820 forward FastEthernet0/1 - 1 1 0
> 1 DA/0 0060.0856.815b forward FastEthernet0/1 - 1 1 0
> 1 E7/0 0090.271e.23c4 forward FastEthernet0/1 - 0 14254 5769
> 1 F5/0 00c0.4f4e.7481 forward FastEthernet0/1 - 3 1 0
> 1 FE/0 0060.b03c.d32d forward Serial0/0.101 101 0 29789 9003
>
> BG Hash Address Action Interface VC Age RX count TX count
> Flood ports RX count TX count
> Serial0/0.101 20684 26835
> FastEthernet0/1 26835 20684
>
> CL#
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> CL2#show version
> Cisco Internetwork Operating System Software
> IOS (tm) 2500 Software (C2500-I-L), Version 11.2(5), RELEASE SOFTWARE (fc1)
> Copyright (c) 1986-1997 by cisco Systems, Inc.
> Compiled Mon 31-Mar-97 19:53 by ckralik
> Image text-base: 0x03022120, data-base: 0x00001000
>
> ROM: System Bootstrap, Version 11.0(10c), SOFTWARE
> ROM: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE (fc1)
>
> CL2 uptime is 4 days, 22 hours, 55 minutes
> System restarted by power-on
> System image file is "flash:c2500-i-l.112-5", booted via flash
>
> cisco 2509 (68030) processor (revision L) with 2048K/2048K bytes of memory.
> Processor board ID 05920042, with hardware revision 00000000
> Bridging software.
> X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
> 1 Ethernet/IEEE 802.3 interface(s)
> 2 Serial network interface(s)
> 8 terminal line(s)
> 32K bytes of non-volatile configuration memory.
> 8192K bytes of processor board System flash (Read ONLY)
>
> Configuration register is 0x2102
>
> -------- cisco-2509 config:
> version 11.2
> service password-encryption
> service udp-small-servers
> service tcp-small-servers
> !
> hostname CL2
> !
> enable secret 5
> enable password 7
> !
> interface Ethernet0
> ip address 10.60.80.231 255.255.255.0 secondary
> ip address 10.9.2.1 255.255.255.128
> bridge-group 1
> !
> interface Serial0
> description GT
> no ip address
> no ip directed-broadcast
> no ip mroute-cache
> encapsulation frame-relay
> no ip route-cache
> bandwidth 64000
> fair-queue 64 256 0
> frame-relay lmi-type ansi
> frame-relay ip tcp header-compression passive
> !
> interface Serial0.101 point-to-point
> description INTRANET
> ip address 10.9.2.253 255.255.255.252
> no ip mroute-cache
> no ip route-cache
> bandwidth 64000
> frame-relay interface-dlci 101
> frame-relay ip tcp header-compression passive
> bridge-group 1
> !
> interface Serial1
> no ip address
> no ip mroute-cache
> no ip route-cache
> shutdown
> !
> no ip classless
> ip route 10.9.1.0 255.255.255.0 Serial0.101
> ip route INT.ER.NET.0 255.255.255.0 Serial0.101
> bridge 1 protocol dec
> !
> line con 0
> line 1 8
> transport input all
> line aux 0
> transport input all
> line vty 0 4
> password 7
> login
> !
> end
>
> CL2#show bridge verbose
>
> Total of 300 station blocks, 275 free
> Codes: P - permanent, S - self
>
> BG Hash Address Action Interface VC Age RX count TX count
> 1 08/0 0060.0877.636b forward Serial0.101 101 3 1 0
> 1 0F/0 0060.977a.b9b6 forward Serial0.101 101 5 1 0
> 1 54/0 00c0.4f83.c99d forward Serial0.101 101 0 2308 0
> 1 61/0 0800.0946.e283 forward Serial0.101 101 0 388 138
> 1 63/0 0800.0947.3e5d forward Serial0.101 101 0 1048 883
> 1 6D/0 0060.b038.8ae7 forward Serial0.101 101 0 1923 883
> 1 6E/0 0800.0946.e28c forward Serial0.101 101 0 298 126
> 1 6E/1 00c0.4fc1.7816 forward Serial0.101 101 0 458 0
> 1 72/0 0060.0877.5e2c forward Serial0.101 101 5 1 0
> 1 92/0 0060.0877.5cce forward Serial0.101 101 3 1 0
> 1 9B/0 00c0.4f43.ca51 forward Serial0.101 101 0 232 0
> 1 9E/0 00c0.4fc1.77e9 forward Serial0.101 101 0 344 0
> 1 A3/0 0060.086b.2784 forward Serial0.101 101 3 1 0
> 1 AA/0 0060.0856.7fd5 forward Serial0.101 101 0 1 0
> 1 B9/0 0000.aa55.358c forward Serial0.101 101 0 8385 0
> 1 BF/0 00c0.4fc1.77c8 forward Serial0.101 101 0 356 0
> 1 C4/0 0060.973e.4d89 forward Serial0.101 101 3 1 0
> 1 C6/0 0060.973e.4d8b forward Serial0.101 101 5 1 0
> 1 D2/0 0800.0952.a173 forward Ethernet0 - 0 0 0
> Filtered on-net packets 21439 21439
> 1 D5/0 0060.b0c7.25f0 forward Serial0.101 101 0 2118 884
> 1 D8/0 0060.0876.f820 forward Serial0.101 101 3 1 0
> 1 DA/0 0060.0856.815b forward Serial0.101 101 3 1 0
> 1 E7/0 0090.271e.23c4 forward Serial0.101 101 0 14256 5769
> BG Hash Address Action Interface VC Age RX count TX count
> 1 F5/0 00c0.4f4e.7481 forward Serial0.101 101 4 1 0
> 1 FE/0 0060.b03c.d32d forward Ethernet0 - 0 29809 9008
>
> Flood ports RX count TX count
> Ethernet0 21108 27724
> Serial0.101 27724 21108
>
>
>
> --
> Slawa.
> =============================================================================
> "inet-admins" Internet access mailing list. Maintained by East Connection ISP.
> Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
> Archive is accessible on
>
--------------------------------------
Basil (Vasily) Dolmatov CCNP-Security, CCDA
East Connection ISP, Moscow, Russia. ()
=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on
|
