Cisco IOS IPサービス – Local Area Mobilityの設定

スポンサーリンク

Local Area Mobilityは、無線環境における接続性を担保する機能です。 クライアント端末が移動し、異なるサブネットに属すアクセスポイントに接続したとしても、 IPアドレスを変更する事なく接続可能にする機能です。

コマンド一覧

このシナリオで重要なコマンド一覧は以下の通りです。

Router(config)# ip proxy-mobile enable

Router(config)# interface <interface>
Router(config-if)# ip proxy-mobile

Router(config)# interface <interface>
Router(config-if)# ip mobile arp access-group <std_acl>

Router(config)# router <protocol>
Router(config-router)# redistribute mobile metric <metric>

構成図

Local Area Mobilityの動作確認をするために、次のようなシナリオを考えます。

VLAN 23にあるホスト2台がVLAN 5に引越をしました。これら2台のホストには、155.16.23.7/24, 155.16.23.8/24が割り当てられています。これら2台のホストは自社管理ではなく、外注しているソフトウェアが動作しております。あなたはこれら2台のホストのIPアドレス変更料金を支払いたくありません。IPアドレスを変更せずに、これらホストに接続可能になるように設定して下さい。

これら2台をエミュレートするために、SW1, SW2のinterface Vlan5に対して155.16.23.7/24, 155.16.23.8/24を割り当てて下さい。

構成図の一部を転機すると以下の通りです。


                                       +--------+
                                 ┌----+  Host  |
         s0/1/0  s0/1/0    f0/1  │    +--------+
 +--------+.4    .5+--------+.5  │   155.16.23.7/24
 |   R4   +--------+   R5   +----┤
 +--------+        +--------+    │   155.16.23.8/24
                                 │    +--------+
                                 └----+  Host  |
                                     .8+--------+
       155.16.45.0/24      155.16.5.0/24
 [SW1]
interface Vlan5
 ip address 155.16.23.7 255.255.255.0

 [SW2]
interface Vlan5
 ip address 155.16.23.7 255.255.255.0

設定全文は下記ファイルです。ルーティングなどの詳細設定は下記を参照ください。

R4
hostname Rack16R4
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
 ip address 150.16.4.4 255.255.255.0
!
interface FastEthernet0/0
 no shutdown
 ip address 204.12.16.4 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 no shutdown
 ip address 155.16.146.4 255.255.255.0
 no shutdown
!
interface FastEthernet0/0
 no shutdown
 ip address 204.12.16.4 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 no shutdown
 ip address 155.16.146.4 255.255.255.0
 no shutdown
!
interface Serial0/0/0
 no shutdown
 encapsulation frame-relay
 ip address 155.16.0.4 255.255.255.0
 no frame-relay inverse-arp
 frame-relay map ip 155.16.0.5 405 broadcast
 frame-relay map ip 155.16.0.3 405
 frame-relay map ip 155.16.0.2 405
 frame-relay map ip 155.16.0.1 405
 ip split-horizon
 no shutdown
!
interface Serial0/1/0
 no shutdown
 ip address 155.16.45.4 255.255.255.0
 clock rate 128000
 no shutdown
!
ip classless
!
router rip
 version 2
 no auto-summary
 timers basic 10 40 30 60
 network 150.16.0.0
 network 155.16.0.0
 network 204.12.16.0
 exit
!
line con 0
 exec-timeout 0 0
 logging synchronous
 privilege level 15
line aux 0
 exec-timeout 0 0
 privilege level 15
line vty 0 4
 password cisco
 login
!
end
R5
hostname Rack16R5
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
 ip address 150.16.5.5 255.255.255.0
!
interface FastEthernet0/0
 no shutdown
 ip address 155.16.58.5 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 no shutdown
 ip address 155.16.5.5 255.255.255.0
 no shutdown
!
interface FastEthernet0/0
 no shutdown
 ip address 155.16.58.5 255.255.255.0
 no shutdown
!
interface FastEthernet0/1
 no shutdown
 ip address 155.16.5.5 255.255.255.0
 no shutdown
!
interface Serial0/0/0
 no shutdown
 encapsulation frame-relay
 ip address 155.16.0.5 255.255.255.0
 no frame-relay inverse-arp
 frame-relay map ip 155.16.0.1 501 broadcast
 frame-relay map ip 155.16.0.2 502 broadcast
 frame-relay map ip 155.16.0.3 503 broadcast
 frame-relay map ip 155.16.0.4 504 broadcast
 no ip split-horizon
 no shutdown
!
interface Serial0/1/0
 no shutdown
 ip address 155.16.45.5 255.255.255.0
 no shutdown
 clock rate 64000
!
ip classless
!
router rip
 version 2
 no auto-summary
 timers basic 10 40 30 60
 network 150.16.0.0
 network 155.16.0.0
 exit
!
line con 0
 exec-timeout 0 0
 logging synchronous
 privilege level 15
line aux 0
 exec-timeout 0 0
 privilege level 15
line vty 0 4
 password cisco
 login
!
end
SW1
hostname Rack16SW1
!
vtp mode transparent
vlan 7,67,146,79,9,22,10,43,5,58,8
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface FastEthernet0/3
 no shutdown
 no switchport
 ip address 155.16.37.7 255.255.255.0
!
!   (((range FastEthernet0/ 13 - 21)))
!   ((( switchport mode dynamic desirable)))
interface FastEthernet0/13
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/21
 no shutdown
 switchport mode dynamic desirable
!
interface Vlan5
 ip address 155.16.23.7 255.255.255.0
!
interface Vlan7
 ip address 155.16.7.7 255.255.255.0
!
interface Vlan67
 ip address 155.16.67.7 255.255.255.0
!
interface Vlan79
 ip address 155.16.79.7 255.255.255.0
!
interface Loopback0
 ip address 150.16.7.7 255.255.255.0
!
interface FastEthernet0/1
 no shutdown
 switchport access vlan 146
!
interface FastEthernet0/5
 no shutdown
 switchport access vlan 58
 switchport mode access
!
ip classless
!
ip routing
!
router rip
 version 2
 no auto-summary
 timers basic 10 40 30 60
 network 150.16.0.0
 network 155.16.0.0
 exit
!
line con 0
 exec-timeout 0 0
 logging synchronous
 privilege level 15
line vty 0 15
 password cisco
 login
!
end
SW2
hostname Rack16SW2
!
vtp mode transparent
vlan 7,67,146,79,9,22,10,43,5,58,8
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
!   (((range FastEthernet0/ 13 - 21)))
!   ((( switchport mode dynamic desirable)))
interface FastEthernet0/13
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 no shutdown
 switchport mode dynamic desirable
!
interface FastEthernet0/21
 no shutdown
 switchport mode dynamic desirable
!
interface Vlan5
 ip address 155.16.23.8 255.255.255.0
!
interface Vlan8
 ip address 155.16.8.8 255.255.255.0
!
interface Vlan58
 ip address 155.16.58.8 255.255.255.0
!
interface Loopback0
 ip address 150.16.8.8 255.255.255.0
!
interface FastEthernet0/2
 no shutdown
 switchport access vlan 22
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/4
 no shutdown
 switchport access vlan 43
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/6
 no shutdown
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 67,146
 switchport mode trunk
!
interface FastEthernet0/24
 no shutdown
 switchport access vlan 22
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/19
 no shutdown
 no switchport
 no ip address
 channel-group 1 mode on
!
interface FastEthernet0/20
 no shutdown
 no switchport
 no ip address
 channel-group 1 mode on
!
interface Port-channel1
 no switchport
 ip address 155.16.108.8 255.255.255.0
!
ip classless
!
ip routing
!
router rip
 version 2
 no auto-summary
 timers basic 10 40 30 60
 network 150.16.0.0
 network 155.16.0.0
 exit
!
line con 0
 exec-timeout 0 0
 logging synchronous
 privilege level 15
line vty 0 15
 password cisco
 login
!
end

Local Area Mobility

仕様説明

以下のコマンドで、Local Area Mobilityを有効にする事ができます。この機能を有効にすると、異なるセグメントからのARP requestに対して応答するようになります。global単位の有効化とinterface単位の有効化の両方が必要である事に注意して下さい。

Router(config)# ip proxy-mobile enable
Router(config)# 
Router(config)# interface <interface>
Router(config-if)# ip proxy-mobile

Local Area Mobilityを有効にしても全てのホストからのARP requestに応答するわけではありません。以下のようにARP requestに対して応答を返すホストをACLで指定して下さい。

Router(config)# interface <interface>
Router(config-if)# ip mobile arp access-group <std_acl>

Local Area Mobilityの機能によりARP responseを返したホストは、ルーティングテーブルにMobileとして載ります。このルートを適当なルーティングプロトコルで再配送する事によって疎通可能になります。

Router(config)# router <protocol>
Router(config-router)# redistribute mobile metric <metric>

動作確認

R5 f0/1において、Local Area Mobilityを有効にします。

 [R5]
ip proxy-mobile enable
!
ip access-list standard ACL_MOBILE
 permit 155.16.23.0 0.0.0.255
!
interface FastEthernet0/1
 ip proxy-mobile
 ip mobile arp access-group ACL_MOBILE

R5において、確かにLocal Area Mobilityが有効になっている事を確認します。

 [R5]
Rack16R5#show ip proxy-mobile
WLAN Proxy Mobile IP : Enabled
Interfaces : FastEthernet0/1
IP address 155.16.5.5, Mask 255.255.255.0, MAC 001a.2fee.bc97, Gateway 0.0.0.0
No active Home Agent
No active Foreign Agent
Uninitialized AP!
Authoritative APs (AAP) not configured
WLAN Proxy Mobile IP traffic:
Time since last cleared: 00:07:17
Foreign MN: 0, doing proxy MIP 0
Advertisements:
    Solicitations sent 4
    Advertisements received 0
Home Agent Registrations:
    Register 0, Deregister 0 requests sent
    Register 0, Deregister 0 replies received
    Accepted 0
    Denied 0, By HA 0 , By FA 0
    Authentication failed MN - HA 0, FA 0
    Gratuitous ARPs sent 0
Rack16R5#

SW1, SW2からそれぞれARP requestを送信します。

 [SW1]
Rack16SW1#ping 155.16.23.255 repeat 2

Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 155.16.23.255, timeout is 2 seconds:

Reply to request 0 from 155.16.5.5, 9 ms
Reply to request 0 from 155.16.23.8, 9 ms
Reply to request 1 from 155.16.5.5, 1 ms
Reply to request 1 from 155.16.23.8, 1 ms
Rack16SW1#

 [SW2]
Rack16SW2#ping 155.16.23.255 repeat 2

Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 155.16.23.255, timeout is 2 seconds:

Reply to request 0 from 155.16.5.5, 1 ms
Reply to request 0 from 155.16.23.7, 1 ms
Reply to request 1 from 155.16.5.5, 1 ms
Reply to request 1 from 155.16.23.7, 1 ms
Rack16SW2#

ARP responseを返したホストが、ルーティングテーブル上にMobileとして載っている事を確認します。

 [R5]
Rack16R5#show arp | include 23
Internet  155.16.23.7             -   0017.0e3f.3945  ARPA   FastEthernet0/1
Internet  155.16.23.8             -   001f.9e4a.fa46  ARPA   FastEthernet0/1
Rack16R5#
Rack16R5#
Rack16R5#show ip route mobile
     155.16.0.0/16 is variably subnetted, 17 subnets, 2 masks
M       155.16.23.8/32 [3/1] via 155.16.23.8, 00:02:12, FastEthernet0/1
M       155.16.23.7/32 [3/1] via 155.16.23.7, 00:02:36, FastEthernet0/1
Rack16R5#

Mobileのルートを再配送し、このルートが他のルータまで届いている事を確認します。

 [R5]
router rip
 redistribute mobile metric 1

 [R4]
Rack16R4#show ip route | i 23
R       155.16.23.8/32 [120/1] via 155.16.45.5, 00:00:06, Serial0/1/0
R       155.16.23.7/32 [120/1] via 155.16.45.5, 00:00:06, Serial0/1/0
R       155.16.23.0/24 [120/1] via 155.16.0.3, 00:00:05, Serial0/0/0
Rack16R4#
タイトルとURLをコピーしました