관리 메뉴
kjh00n의 기록저장소
PBR 실습2 본문
내가 한 풀이
PC1
ip 50.50.50.1 255.255.255.0 50.50.50.254
PC2
ip 50.50.50.2 255.255.255.0 50.50.50.254
PC3
ip 100.100.100.1 255.255.255.0 100.100.100.254
PC4
ip 100.100.100.2 255.255.255.0 100.100.100.254
PC5
ip 150.150.150.1 255.255.255.0 150.150.150.254
PC6
ip 150.150.150.2 255.255.255.0 150.150.150.254
---------------------------------------------------
R1
conf t
int fa 0/0
ip addr 50.50.50.254 255.255.255.0
no shu
int fa 0/1
ip addr 10.10.10.1 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 10.10.10.2
[Tunneling]
int tunnel 14
ip addr 192.168.10.1 255.255.255.0
tunnel source 10.10.10.1
tunnel destination 30.30.30.4
tunnel mode gre ip
[PBR]
access-list 100 permit ip host 50.50.50.2 host 100.100.100.2
route-map R1 permit
match ip address 100
set ip next-hop 192.168.10.4
int fa 0/0
ip policy route-map R1
access-list 101 permit ip host 50.50.50.2 host 150.150.150.2
route-map R1 permit 20
match ip address 101
set ip next-hop 192.168.10.4
int fa 0/0
ip policy route-map R1
---------------------------------------------------
R2
conf t
int fa 0/0
ip addr 30.30.30.2 255.255.255.0
no shu
int fa 0/1
ip addr 10.10.10.2 255.255.255.0
no shu
int fa 1/0
ip addr 20.20.20.2 255.255.255.0
no shu
---------------------------------------------------
R3
conf t
int fa 0/0
ip addr 150.150.150.254 255.255.255.0
no shu
int fa 1/0
ip addr 20.20.20.3 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 20.20.20.2
[Tunneling]
int tunnel 34
ip addr 192.168.20.3 255.255.255.0
tunnel source 20.20.20.3
tunnel destination 30.30.30.4
tunnel mode gre ip
[PBR]
access-list 100 permit ip host 150.150.150.2 host 100.100.100.2
route-map R3 permit
match ip address 100
set ip next-hop 192.168.20.4
int fa 0/0
ip policy route-map R3
access-list 101 permit ip host 150.150.150.2 host 50.50.50.2
route-map R3 permit 20
match ip address 101
set ip next-hop 192.168.20.4
int fa 0/0
ip policy route-map R3
---------------------------------------------------
R4
conf t
int fa 0/0
ip addr 100.100.100.254 255.255.255.0
no shu
int fa 0/1
ip addr 30.30.30.4 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 30.30.30.2
[Tunneling]
int tunnel 41
ip addr 192.168.10.4 255.255.255.0
tunnel source 30.30.30.4
tunnel destination 10.10.10.1
tunnel mode gre ip
int tunnel 43
ip addr 192.168.20.4 255.255.255.0
tunnel source 30.30.30.4
tunnel destination 20.20.20.3
tunnel mode gre ip
[PBR]
access-list 100 permit ip host 100.100.100.2 host 50.50.50.2
route-map R4 permit
match ip address 100
set ip next-hop 192.168.10.1
int fa 0/0
ip policy route-map R4
access-list 101 permit ip host 100.100.100.2 host 150.150.150.2
route-map R4 permit 20
match ip address 101
set ip next-hop 192.168.20.3
int fa 0/0
ip policy route-map R4
access-list 102 permit ip host 50.50.50.2 host 150.150.150.2
route-map R4 permit 30
match ip address 102
set ip next-hop 192.168.20.3
int fa 0/0
ip policy route-map R4
access-list 103 permit ip host 150.150.150.2 host 50.50.50.2
route-map R4 permit 40
match ip address 103
set ip next-hop 192.168.20.3
int fa 0/0
ip policy route-map R4강사님 풀이
가상에 존재하는 I/F에도 PBR을 설정할 수 있다.
PC1
ip 50.50.50.1 255.255.255.0 50.50.50.254
PC2
ip 50.50.50.2 255.255.255.0 50.50.50.254
PC3
ip 100.100.100.1 255.255.255.0 100.100.100.254
PC4
ip 100.100.100.2 255.255.255.0 100.100.100.254
PC5
ip 150.150.150.1 255.255.255.0 150.150.150.254
PC6
ip 150.150.150.2 255.255.255.0 150.150.150.254
R1
conf t
int fa 0/0
ip addr 50.50.50.254 255.255.255.0
no shu
int fa 0/1
ip addr 10.10.10.1 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 10.10.10.2
int tunnel 0
ip addr 192.168.10.1 255.255.255.0
tunnel source 10.10.10.1
tunnel destination 30.30.30.4
tunnel mode gre ip
access-list 100 permit ip 50.50.50.0 0.0.0.254 100.100.100.0 0.0.0.254
access-list 100 permit ip 50.50.50.0 0.0.0.254 150.150.150.0 0.0.0.254
route-map tu0 permit
match ip address 100
set ip next-hop 192.168.10.4
int fa 0/0
ip policy route-map tu0
R2
conf t
int fa 0/0
ip addr 30.30.30.2 255.255.255.0
no shu
int fa 0/1
ip addr 10.10.10.2 255.255.255.0
no shu
int fa 1/0
ip addr 20.20.20.2 255.255.255.0
no shu
R3
conf t
int fa 0/0
ip addr 150.150.150.254 255.255.255.0
no shu
int fa 1/0
ip addr 20.20.20.3 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 20.20.20.2
int tunnel 1
ip addr 192.168.20.3 255.255.255.0
tunnel source 20.20.20.3
tunnel destination 30.30.30.4
tunnel mode gre ip
access-list 100 permit ip 150.150.150.0 0.0.0.254 50.50.50.0 0.0.0.254
access-list 100 permit ip 150.150.150.0 0.0.0.254 100.100.100.0 0.0.0.254
route-map tu1 permit
match ip address 100
set ip next-hop 192.168.20.4
int fa 0/0
ip policy route-map tu1
R4
conf t
int fa 0/0
ip addr 100.100.100.254 255.255.255.0
no shu
int fa 0/1
ip addr 30.30.30.4 255.255.255.0
no shu
ip route 0.0.0.0 0.0.0.0 30.30.30.2
int tunnel 0
ip addr 192.168.10.4 255.255.255.0
tunnel source 30.30.30.4
tunnel destination 10.10.10.1
tunnel mode gre ip
int tunnel 1
ip addr 192.168.20.4 255.255.255.0
tunnel source 30.30.30.4
tunnel destination 20.20.20.3
tunnel mode gre ip
access-list 100 permit ip 50.50.50.0 0.0.0.254 150.150.150.0 0.0.0.254
access-list 101 permit ip 150.150.150.0 0.0.0.254 50.50.50.0 0.0.0.254
access-list 102 permit ip 100.100.100.0 0.0.0.254 50.50.50.0 0.0.0.254
access-list 103 permit ip 100.100.100.0 0.0.0.254 150.150.150.0 0.0.0.254
route-map tu0 permit
match ip address 100
set ip next-hop 192.168.20.3
int tunnel 0
ip policy route-map tu0
route-map tu1 permit
match ip address 101
set ip next-hop 192.168.10.1
int tunnel 1
ip policy route-map tu1
route-map tu2 permit 10
match ip address 102
set ip next-hop 192.168.10.1
route-map tu2 permit 20
match ip address 103
set ip next-hop 192.168.20.3
int fa 0/0
ip policy route-map tu2'보안 장비 운용' 카테고리의 다른 글
| VPN 실습 (0) | 2025.01.23 |
|---|---|
| VPN (0) | 2025.01.23 |
| PBR 실습 (0) | 2025.01.22 |
| PBR (Policy Based Routin) (0) | 2025.01.22 |
| Tunneling 실습2 (0) | 2025.01.22 |
'보안 장비 운용' Related Articles
more
