Cisco IOS IPサービス – mGRE NHRPの設定

スポンサーリンク

mGRE (multipoint GRE)は宛先が複数存在するトンネルです。複数の宛先はNHRP(next hop resolution protocol)によって動的に生成されます。

概要

multipointのGRE tunnelを作成する方法についてまとめます。multipointの場合、tunnelの宛先を定義するために、NHRP(next hop resolution protocol)を使用する必要があります。

正確な言い方をすれば、NHRPはmGREのためのプロトコルではなくNBMA(non broadcast multi access)環境においてnext hopを解決するためのプロトコルです。詳細な情報はRFC2332を参照下さい。

コマンド一覧

このシナリオで重要なコマンド一覧は以下の通りです。

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp network-id <id>
Router(config-if)# ip nhrp map <ip_address> <nbma_address>
Router(config-if)# ip nhrp map multicast <nbma_address>
Router(config-if)# ip nhrp hrs <hrs_address>

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp map multicast dynamic

Router(config)# interface tunnel <num>
Router(config-if)# no ip next-hop-self eigrp <as>

構成図

以下の構成で動作確認を行います。以下のような物理構成に対して、CE間のmultipoint tunnelを作成する方法について考察します。

  [physical diagram]
                                           e0/0
                                           .3+--------+
                       ┌--------------------+   CE3  |
                       │     155.1.23.0/24  +--------+
         e0/0          │                  e0/0
 +--------+.1      +---+----+              .4+--------+
 |   CE1  +--------+   PE2  +----------------+   CE4  |
 +--------+        +---+----+ 155.1.24.0/24  +--------+
        155.1.12.0/24  │                  e0/0
                       │                  .5+--------+
                       └--------------------+   CE5  |
                              155.1.24.0/24  +--------+
 
  [logocal diagram]
                                           tun1345
                                           .3+--------+
                       ┌--------------------+   CE3  |
                       │                    +--------+
         tun1345       │                  tun1345
 +--------+.1          │                  .4+--------+
 |   CE1  +------------┼--------------------+   CE4  |
 +--------+            │                    +--------+
                       │                  tun1345
                       │                  .5+--------+
                       └--------------------+   CE5  |
                                             +--------+
                 192.168.0.0/24


 CE1 Loopback0     PE2 Loopback0     CE3 Loopback0     CE4 Loopback0     CE5 Loopback0
 10.1.1.1/32       10.2.2.2/32       10.3.3.3/32       10.4.4.4/32       10.5.5.5/32
 [CE1, PE2, CE3, CE4, CE5]
router rip
 version 2
 network 155.1.0.0
 no auto-summary

設定全文は下記ファイルです。詳細設定は下記を参照ください。

CE1
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 155.1.12.1 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/3
 no ip address
 shutdown
 half-duplex
!
!
router rip
 version 2
 network 155.1.0.0
 no auto-summary
!
ip http server
ip forward-protocol nd
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
PE2
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Ethernet0/0
 ip address 155.1.12.2 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 ip address 155.1.23.2 255.255.255.0
 half-duplex
!
interface Ethernet0/2
 ip address 155.1.24.2 255.255.255.0
 half-duplex
!
interface Ethernet0/3
 ip address 155.1.25.2 255.255.255.0
 half-duplex
!
!
router rip
 version 2
 network 155.1.0.0
 no auto-summary
!
ip http server
ip forward-protocol nd
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
CE3
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.3.3.3 255.255.255.255
!
interface Ethernet0/0
 ip address 155.1.23.3 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/3
 no ip address
 shutdown
 half-duplex
!
!
router rip
 version 2
 network 155.1.0.0
 no auto-summary
!
ip http server
ip forward-protocol nd
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
CE4
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.4.4.4 255.255.255.255
!
interface Ethernet0/0
 ip address 155.1.24.4 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/3
 no ip address
 shutdown
 half-duplex
!
!
router rip
 version 2
 network 155.1.0.0
 no auto-summary
!
ip http server
ip forward-protocol nd
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end
CE5
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.5.5.5 255.255.255.255
!
interface Ethernet0/0
 ip address 155.1.25.5 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/2
 no ip address
 shutdown
 half-duplex
!
interface Ethernet0/3
 no ip address
 shutdown
 half-duplex
!
!
router rip
 version 2
 network 155.1.0.0
 no auto-summary
!
ip http server
ip forward-protocol nd
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp behavior g729-variants static-pt
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end

仕様説明

static mapping

NHRPを使用するための大前提となる設定がnetwork-idの定義です。NHRPはnetwork-idを元に同一のセグメントかどうかを判断します。以下のようなコマンドを用いて全tunnel interfaceに同一のnetwork-idを付与します

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp network-id <id>

以下のようなコマンドでtunnel宛先アドレスのmappingをstaticに定義する事ができます。はtunnelのIPアドレスを、は物理interfaceのIPアドレスを指定して下さい。なお、multicast通信をエミュレートするには、ip nhrp map multicastコマンドを指定する必要があります。

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp map <ip_address> <nbma_address>
Router(config-if)# ip nhrp map multicast <nbma_address>

nexthop server

宛先アドレスのmappingをstaticに定義するのはscalabilityの観点で無理があります。大規模な拠点間接続をする場合は、nethop-serverを定義します。next-hop serverを定義する事によって以下の動作を行います。

  • 自身にstaticに定義されたmapping情報をnexthop serverへの登録を依頼します
  • tunnelの宛先を解決できない場合は、nexthop serverへ宛先を問い合わせます

nexthop serverの設定コマンドは以下の通りです。
<hrs_address>はtunnelのIPアドレスを指定して下さい。

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp hrs <hrs_address>

nexthop serverは各サーバからのmapping情報(NHRP register request)を元に宛先を決めます。この動的に得られた宛先に対してマルチキャスト通信を行うには以下のコマンドを指定して下さい。

Router(config)# interface tunnel <num>
Router(config-if)# ip nhrp map multicast dynamic

NHRP register

spoke側のルータは自身に定義されたmapping情報をnexthop serverへ登録しようとします。spoke側は以下のようなNHRP register requestというパケットを送信します。

Ethernet II, Src: cc:01:0e:ec:00:00 (cc:01:0e:ec:00:00), Dst: cc:00:0e:ec:00:00 (cc:00:0e:ec:00:00)
Internet Protocol Version 4, Src: 155.1.24.4 (155.1.24.4), Dst: 155.1.12.1 (155.1.12.1)
Generic Routing Encapsulation (NHRP)
Next Hop Resolution Protocol (NHRP Registration Request)
    NHRP Fixed Header
    NHRP Mandatory Part
        Source Protocol Len: 4
        Destination Protocol Len: 4
        Flags: 0x8000
        Request ID: 0x00000001 (1)
        Source NBMA Address: 155.1.24.4 (155.1.24.4)
        Source Protocol Address: 192.168.0.4 (192.168.0.4)
        Destination Protocol Address: 192.168.0.1 (192.168.0.1)
        Client Information Entry
    Responder Address Extension
    Forward Transit NHS Record Extension
    Reverse Transit NHS Record Extension
    End of Extension

nexthop serverはNHRP register replyという返答を返します。

Ethernet II, Src: cc:00:0e:ec:00:00 (cc:00:0e:ec:00:00), Dst: cc:01:0e:ec:00:00 (cc:01:0e:ec:00:00)
Internet Protocol Version 4, Src: 155.1.12.1 (155.1.12.1), Dst: 155.1.24.4 (155.1.24.4)
Generic Routing Encapsulation (NHRP)
Next Hop Resolution Protocol (NHRP Registration Reply)
    NHRP Fixed Header
    NHRP Mandatory Part
        Source Protocol Len: 4
        Destination Protocol Len: 4
        Flags: 0x8000
        Request ID: 0x00000001 (1)
        Source NBMA Address: 155.1.24.4 (155.1.24.4)
        Source Protocol Address: 192.168.0.4 (192.168.0.4)
        Destination Protocol Address: 192.168.0.1 (192.168.0.1)
        Client Information Entry
    Responder Address Extension
    Forward Transit NHS Record Extension
    Reverse Transit NHS Record Extension
    End of Extension

nexthop serverに登録された情報は以下のコマンドで確認する事ができます。

CE1#show ip nhrp
192.168.0.3/32 via 192.168.0.3, Tunnel1345 created 00:05:55, expire 01:54:04
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.23.3
192.168.0.4/32 via 192.168.0.4, Tunnel1345 created 00:04:02, expire 01:55:57
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.24.4
192.168.0.5/32 via 192.168.0.5, Tunnel1345 created 00:03:49, expire 01:56:10
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.25.5
CE1#

NHRP Resolution

spoke側ルータに登録されたmapping情報は以下showコマンドで確認する事ができます。ルータは自身のメモリ内に格納されたmapping情報をまず参照し、自身のメモリ内にmapping情報が存在しない場合は、nexthop serverへ宛先を問い合わせます。

CE3#show ip nhrp
192.168.0.1/32 via 192.168.0.1, Tunnel1345 created 00:07:29, never expire
  Type: static, Flags: authoritative used
  NBMA address: 155.1.12.1
CE3#

spokeルータはNHRP Resolution requestというパケットを送付し、
tunnelの宛先アドレスの解決を試みます。

Ethernet II, Src: cc:02:0b:4c:00:00 (cc:02:0b:4c:00:00), Dst: cc:01:0b:4c:00:01 (cc:01:0b:4c:00:01)
Internet Protocol Version 4, Src: 155.1.23.3 (155.1.23.3), Dst: 155.1.12.1 (155.1.12.1)
Generic Routing Encapsulation (NHRP)
Next Hop Resolution Protocol (NHRP Resolution Request)
    NHRP Fixed Header
    NHRP Mandatory Part
        Source Protocol Len: 4
        Destination Protocol Len: 4
        Flags: 0xc800
        Request ID: 0x00000002 (2)
        Source NBMA Address: 155.1.23.3 (155.1.23.3)
        Source Protocol Address: 192.168.0.3 (192.168.0.3)
        Destination Protocol Address: 192.168.0.4 (192.168.0.4)
        Client Information Entry
            Code: 0
            Prefix Length: 0
            Unused: 0
            Max Transmission Unit: 1514
            Holding Time (s): 7200
            Client Address Type/Len: NSAP format/0
            Client Sub Address Type/Len: NSAP format/0
            Client Protocol Length: 0
            CIE Preference Value: 0
    Responder Address Extension
    Forward Transit NHS Record Extension
    Reverse Transit NHS Record Extension
    End of Extension

nexthop serverはNHRP Resolution replyという返答を返します。

Ethernet II, Src: cc:01:0b:4c:00:01 (cc:01:0b:4c:00:01), Dst: cc:02:0b:4c:00:00 (cc:02:0b:4c:00:00)
Internet Protocol Version 4, Src: 155.1.12.1 (155.1.12.1), Dst: 155.1.23.3 (155.1.23.3)
Generic Routing Encapsulation (NHRP)
Next Hop Resolution Protocol (NHRP Resolution Reply)
    NHRP Fixed Header
    NHRP Mandatory Part
        Source Protocol Len: 4
        Destination Protocol Len: 4
        Flags: 0xf800
        Request ID: 0x00000002 (2)
        Source NBMA Address: 155.1.23.3 (155.1.23.3)
        Source Protocol Address: 192.168.0.3 (192.168.0.3)
        Destination Protocol Address: 192.168.0.4 (192.168.0.4)
        Client Information Entry
            Code: Success
            Prefix Length: 32
            Unused: 0
            Max Transmission Unit: 1514
            Holding Time (s): 7060
            Client Address Type/Len: NSAP format/4
            Client Sub Address Type/Len: NSAP format/0
            Client Protocol Length: 4
            CIE Preference Value: 0
            Client NBMA Address: 155.1.24.4 (155.1.24.4)
            Client Protocol Address: 192.168.0.4 (192.168.0.4)
    Responder Address Extension
    Forward Transit NHS Record Extension
    Reverse Transit NHS Record Extension
    End of Extension

routing protocol

mGRE間でrouting protoclの設定を行います。RIP, EIGRPの場合はsplit-horizonに注意し、OSPFの場合はnetwork typeやDR/BDRに注意して下さい。

またEIGRPの場合は以下のコマンドで、spoke間の直接の通信ができるようになります。このコマンドを投入しないと、next-hopがHUB routerになってしまい遠回りな通信経路になってしまいます。

Router(config)# interface tunnel <num>
Router(config-if)# no ip next-hop-self eigrp <as>

static mapping

設定投入

CE1, CE3でmGREを作成します。宛先情報のmappingはstaticに行います。

 [CE1]
no ip domain-lookup
!
interface Tunnel1345
 ip address 192.168.0.1 255.255.255.0
 ip nhrp map 192.168.0.3 155.1.23.3
 ip nhrp map multicast 155.1.23.3
 ip nhrp network-id 1345
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

 [CE3]
no ip domain-lookup
!
interface Tunnel1345
 ip address 192.168.0.3 255.255.255.0
 ip nhrp map 192.168.0.1 155.1.12.1
 ip nhrp map multicast 155.1.12.1
 ip nhrp network-id 1345
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

動作確認

CE3に登録されたmapping情報を確認します。また、ブロードキャストによる疎通が可能である事を確認します。

CE3#show ip nhrp
192.168.0.1/32 via 192.168.0.1, Tunnel1345 created 00:01:06, never expire
  Type: static, Flags: authoritative used
  NBMA address: 155.1.12.1
CE3#
CE3#
CE3#ping 192.168.0.255

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.255, timeout is 2 seconds:

Reply to request 0 from 192.168.0.1, 84 ms
Reply to request 1 from 192.168.0.1, 72 ms
Reply to request 2 from 192.168.0.1, 76 ms
CE3#

nexthop server

設定投入

CE1をnexthop serverとするmGRE tunnelを作成します。

 [CE1]
no interface Tunnel1345
interface Tunnel1345
 ip address 192.168.0.1 255.255.255.0
 ip nhrp map multicast dynamic
 ip nhrp network-id 1345
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

 [CE3]
interface Tunnel1345
 ip nhrp nhs 192.168.0.1

 [CE4]
interface Tunnel1345
 ip address 192.168.0.4 255.255.255.0
 ip nhrp map 192.168.0.1 155.1.12.1
 ip nhrp map multicast 155.1.12.1
 ip nhrp network-id 1345
 ip nhrp nhs 192.168.0.1
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

 [CE5]
interface Tunnel1345
 ip address 192.168.0.5 255.255.255.0
 ip nhrp map 192.168.0.1 155.1.12.1
 ip nhrp map multicast 155.1.12.1
 ip nhrp network-id 1345
 ip nhrp nhs 192.168.0.1
 tunnel source Ethernet0/0
 tunnel mode gre multipoint

動作確認

CE1に登録されたmapping情報を確認します。また、ブロードキャストによる疎通が可能である事を確認します。

 [CE1]
CE1#show ip nhrp
192.168.0.3/32 via 192.168.0.3, Tunnel1345 created 00:14:53, expire 01:45:06
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.23.3
192.168.0.4/32 via 192.168.0.4, Tunnel1345 created 00:13:01, expire 01:46:58
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.24.4
192.168.0.5/32 via 192.168.0.5, Tunnel1345 created 00:12:48, expire 01:47:11
  Type: dynamic, Flags: authoritative unique registered
  NBMA address: 155.1.25.5
CE1#
CE1#
CE1#ping 192.168.0.255

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.255, timeout is 2 seconds:

Reply to request 0 from 192.168.0.3, 76 ms
Reply to request 0 from 192.168.0.5, 76 ms
Reply to request 0 from 192.168.0.4, 76 ms
CE1#

パケット観察

CE3からCE4へのpingを送付しこの時のパケットを観察します。

 [CE3]
CE3#clear ip nhrp
CE3#
CE3#
CE3#show ip nhrp
192.168.0.1/32 via 192.168.0.1, Tunnel1345 created 00:21:18, never expire
  Type: static, Flags: authoritative used
  NBMA address: 155.1.12.1
CE3#
CE3#
CE3#ping 192.168.0.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/48/168 ms
CE3#
CE3#show ip nhrp
192.168.0.1/32 via 192.168.0.1, Tunnel1345 created 00:21:26, never expire
  Type: static, Flags: authoritative used
  NBMA address: 155.1.12.1
192.168.0.4/32 via 192.168.0.4, Tunnel1345 created 00:00:03, expire 01:45:42
  Type: dynamic, Flags: router used
  NBMA address: 155.1.24.4
CE3#

この時観察されたパケットは以下の通りです。一発目のpingの後にNHRP Resolution Requestが送信されている事をまず頭の片隅に置いて下さい。

No.     Time        Source                Destination           Protocol Length Info
      1 0.000000    cc:02:0b:4c:00:00     cc:02:0b:4c:00:00     LOOP     60     Reply
      2 0.432000    cc:01:0b:4c:00:01     cc:01:0b:4c:00:01     LOOP     60     Reply
      3 3.148000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0003, seq=0/0, ttl=255
      4 3.150000    155.1.23.3            155.1.12.1            NHRP     106    NHRP Resolution Request, ID=2
      5 3.204000    155.1.12.1            155.1.23.3            NHRP     134    NHRP Resolution Reply, ID=2, Code=Success
      6 3.221000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0003, seq=0/0, ttl=254
      7 3.272000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0003, seq=1/256, ttl=255
      8 3.300000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0003, seq=1/256, ttl=255
      9 3.320000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0003, seq=2/512, ttl=255
     10 3.326000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0003, seq=2/512, ttl=255
     11 3.328000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0003, seq=3/768, ttl=255
     12 3.334000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0003, seq=3/768, ttl=255
     13 3.336000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0003, seq=4/1024, ttl=255
     14 3.342000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0003, seq=4/1024, ttl=255
     15 5.177000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0004, seq=0/0, ttl=255
     16 5.208000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0004, seq=0/0, ttl=255
     17 5.226000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0004, seq=1/256, ttl=255
     18 5.231000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0004, seq=1/256, ttl=255
     19 5.233000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0004, seq=2/512, ttl=255
     20 5.239000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0004, seq=2/512, ttl=255
     21 5.241000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0004, seq=3/768, ttl=255
     22 5.247000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0004, seq=3/768, ttl=255
     23 5.249000    192.168.0.3           192.168.0.4           ICMP     138    Echo (ping) request  id=0x0004, seq=4/1024, ttl=255
     24 5.255000    192.168.0.4           192.168.0.3           ICMP     138    Echo (ping) reply    id=0x0004, seq=4/1024, ttl=255
     25 7.611000    155.1.23.2            224.0.0.9             RIPv2    106    Response
     26 9.997000    cc:02:0b:4c:00:00     cc:02:0b:4c:00:00     LOOP     60     Reply
     27 10.432000   cc:01:0b:4c:00:01     cc:01:0b:4c:00:01     LOOP     60     Reply

1発目のpingは以下の通りです。tunnel内の宛先アドレスがCE1(155.1.12.1)になっています。
nexthopが解決できない場合は、nexthop serverにパケットを送付する動作をします。すなわち、nexthop serverが解決できない間はCE3, CE1, CE4という通信経路になります。

Ethernet II, Src: cc:02:0b:4c:00:00 (cc:02:0b:4c:00:00), Dst: cc:01:0b:4c:00:01 (cc:01:0b:4c:00:01)
Internet Protocol Version 4, Src: 155.1.23.3 (155.1.23.3), Dst: 155.1.12.1 (155.1.12.1)
Generic Routing Encapsulation (IP)
Internet Protocol Version 4, Src: 192.168.0.3 (192.168.0.3), Dst: 192.168.0.4 (192.168.0.4)
Internet Control Message Protocol

2発目のpingは以下の通りです。tunnel内の宛先アドレスがCE4(155.1.24.4)になっています。nexthopが解決できたので、CE3からCE4へ直接送信されるようになりました。

Ethernet II, Src: cc:02:0b:4c:00:00 (cc:02:0b:4c:00:00), Dst: cc:01:0b:4c:00:01 (cc:01:0b:4c:00:01)
Internet Protocol Version 4, Src: 155.1.23.3 (155.1.23.3), Dst: 155.1.24.4 (155.1.24.4)
Generic Routing Encapsulation (IP)
Internet Protocol Version 4, Src: 192.168.0.3 (192.168.0.3), Dst: 192.168.0.4 (192.168.0.4)
Internet Control Message Protocol

routing protocol

設定投入

mGRE間でEIGRPを設定します。

 [CE1, CE3, CE4, CE5]
router eigrp 1
 network 10.0.0.0
 network 192.168.0.0
 no auto-summary

 [CE1]
interface Tunnel1345
 no ip split-horizon eigrp 1

ここまでの設定でルーティングを確認します。nexthopがHUBであるCE1(192.168.0.1)になっており、遠回りな通信経路になっています。

 [CE3]
CE3#show ip route eigrp
     10.0.0.0/32 is subnetted, 4 subnets
D       10.1.1.1 [90/297372416] via 192.168.0.1, 00:00:39, Tunnel1345
D       10.4.4.4 [90/310172416] via 192.168.0.1, 00:00:04, Tunnel1345
D       10.5.5.5 [90/310172416] via 192.168.0.1, 00:00:04, Tunnel1345
CE3#

CE1に以下のコマンドを投入し、nexthopを制御します。

 [CE1]
interface Tunnel1345
 no ip next-hop-self eigrp 1

設定投入

ルーティングを確認します。

 [CE3]
CE3#show ip route eigrp
     10.0.0.0/32 is subnetted, 4 subnets
D       10.1.1.1 [90/297372416] via 192.168.0.1, 00:08:56, Tunnel1345
D       10.4.4.4 [90/310172416] via 192.168.0.4, 00:08:57, Tunnel1345
D       10.5.5.5 [90/310172416] via 192.168.0.5, 00:08:56, Tunnel1345
CE3#

疎通を確認します。

 [CE3]
CE3#tclsh
CE3(tcl)#foreach h {
+>10.1.1.1
+>10.4.4.4
+>10.5.5.5
+>} { ping $h source Loopback 0 }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/49/92 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 10.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/29/88 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 10.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/56/120 ms
CE3(tcl)#
タイトルとURLをコピーしました