2 vpn channels with gre tunnel ans ospf quagga: Unterschied zwischen den Versionen

Zeile 81: Zeile 81:
 
router ospf
 
router ospf
 
  ospf router-id 10.83.33.1
 
  ospf router-id 10.83.33.1
 +
redistribute static
 
  passive-interface ens6
 
  passive-interface ens6
 
  network 10.1.1.32/32 area 0.0.0.0
 
  network 10.1.1.32/32 area 0.0.0.0
 
  network 10.1.8.32/32 area 0.0.0.0
 
  network 10.1.8.32/32 area 0.0.0.0
 
  network 10.83.33.0/24 area 0.0.0.0
 
  network 10.83.33.0/24 area 0.0.0.0
!
+
network 192.168.77.0/24 area 0.0.0.0
 +
!
 
ip forwarding
 
ip forwarding
 
!
 
!
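Review bot: `redistribute static` at the top of the `router ospf` block is added without any filter, so every static route ever configured on this router is injected into area 0.0.0.0 and propagated over both GRE tunnels. Attaching a route-map that permits only the intended prefix, e.g. `redistribute static route-map STATIC-TO-OSPF` (name constructed for illustration), keeps a later mistyped or default static route from being advertised. The added `network 192.168.77.0/24 area 0.0.0.0` only takes effect if this router has an interface address in that prefix. In the full listing further down the page, the only route to 192.168.77.0/24 is the static `ip route 192.168.77.0/24 10.83.32.11` on tiazel, whose `router ospf` block has no `redistribute static`, so the two added lines may have landed on the wrong router's configuration; this is worth confirming.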

Version vom 14. Dezember 2017, 08:37 Uhr

gustavo

strongswan

  • /etc/ipsec.conf
# Two host-to-host IPsec connections, one per underlay address pair
# (10.84.252.x and 10.84.244.x). Both use transport mode and authenticate
# with a pre-shared key (authby=secret); no ike=/esp= proposals are set, so
# the daemon's built-in defaults decide the algorithms.
# NOTE(review): with auto=start the connection is only initiated at startup;
# presumably no trap policy exists while the SA is down, so traffic between
# these addresses could leave unprotected in that window. Confirm, and
# consider auto=route or a firewall rule that drops GRE (IP protocol 47)
# unless it arrives inside ESP.
conn gustavo-tiazel-1
      authby=secret
      type=transport
      left=10.84.252.33
      right=10.84.252.32
      auto=start
conn gustavo-tiazel-2
      authby=secret
      type=transport
      left=10.84.244.33
      right=10.84.244.32
      auto=start
  • /etc/ipsec.secrets
# Pre-shared keys, one line per connection, selected by the ID pair before the colon.
# NOTE(review): the connection definitions on this page use .32 as the peer
# address, but the second selector on each line is .31. This looks like a typo;
# confirm against the peer's configuration.
# NOTE(review): both connections share one short, guessable PSK, and it is
# published here. PSK authentication is only as strong as the secret, so use a
# long random value per connection (or certificate authentication) and keep
# this file readable by root only.
10.84.252.33 10.84.252.31  : PSK "suxer"
10.84.244.33 10.84.244.31  : PSK "suxer"

gre tunnel

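#!/bin/bash
# Bring up two GRE tunnels (gt1, gt2) to the peer, one per underlay path, and
# assign point-to-point addresses to them.
#
# GRE adds no encryption or authentication of its own. On this page the
# tunnels run between the same address pairs as the IPsec transport-mode
# connections, so the traffic is only protected while those SAs are up.
#
# Needs root (modprobe, ip). Running it again while gt1/gt2 already exist makes
# the "add" commands fail; the script keeps going, as the original did.

# Abort on a mistyped variable name instead of handing `ip` an empty argument.
set -u

modprobe ip_gre

# Underlay (outer) endpoints: local and remote address of each path.
readonly LIP1="10.84.252.33"
readonly RIP1="10.84.252.32"
readonly LIP2="10.84.244.33"
readonly RIP2="10.84.244.32"

# Inner point-to-point addresses: local and remote end of each tunnel.
readonly LTIP1="10.1.1.33"
readonly RTIP1="10.1.1.32"
readonly LTIP2="10.1.8.33"
readonly RTIP2="10.1.8.32"

# Create the tunnel devices.
ip tunnel add gt1 mode gre remote "${RIP1}" local "${LIP1}" ttl 255
ip tunnel add gt2 mode gre remote "${RIP2}" local "${LIP2}" ttl 255

# Address each tunnel as a point-to-point link with a /32 peer.
ip address add dev gt1 "${LTIP1}" peer "${RTIP1}/32"
ip address add dev gt2 "${LTIP2}" peer "${RTIP2}/32"

ip link set gt1 up
ip link set gt2 up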

quagga

! Quagga settings listed for gustavo: logging, per-interface options, OSPF and
! IP forwarding.
log file /var/log/quagga/quagga.log
!
! Every interface stanza below suppresses IPv6 router advertisements and
! disables link detection; lo only disables link detection.
interface dummy0
 ipv6 nd suppress-ra
 no link-detect
!
interface ens3
 ipv6 nd suppress-ra
 no link-detect
!
interface ens6
 ipv6 nd suppress-ra
 no link-detect
!
interface ens7
 ipv6 nd suppress-ra
 no link-detect
!
interface gre0
 ipv6 nd suppress-ra
 no link-detect
!
interface gretap0
 ipv6 nd suppress-ra
 no link-detect
!
! gt1 and gt2 are the GRE tunnels created by the tunnel script on this page.
! NOTE(review): no "ip ospf authentication" / "ip ospf message-digest-key"
! lines appear on them and no area authentication is set under "router ospf",
! so as listed OSPF packets are accepted unauthenticated. Consider
! message-digest authentication rather than relying on the underlay alone.
interface gt1
 ipv6 nd suppress-ra
 no link-detect
!
interface gt2
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
router ospf
 ospf router-id 10.83.33.1
 ! NOTE(review): unfiltered redistribution exports every static route on this
 ! router into OSPF; a route-map limited to the intended prefixes would bound it.
 redistribute static
 ! ens6 is passive: no OSPF hellos are sent on it, so no adjacency forms there.
 passive-interface ens6
 ! 10.1.1.32 and 10.1.8.32 are the remote tunnel addresses (RTIP1/RTIP2) in the
 ! tunnel script on this page. Presumably this enables OSPF on gt1 and gt2.
 network 10.1.1.32/32 area 0.0.0.0
 network 10.1.8.32/32 area 0.0.0.0
 network 10.83.33.0/24 area 0.0.0.0
 ! NOTE(review): no interface or static route for 192.168.77.0/24 is shown for
 ! this router. Confirm this statement belongs here.
 network 192.168.77.0/24 area 0.0.0.0
 !
ip forwarding
!
line vty

tiazel

strongswan

  • /etc/ipsec.conf
# The same two transport-mode, pre-shared-key connections as listed for
# gustavo, with identical left/right values.
# NOTE(review): left= names the .33 addresses, which the tunnel script for this
# host uses as the remote side. strongSwan normally works out which end is
# local from the interface addresses, so this is presumably harmless; confirm.
# NOTE(review): with auto=start, presumably no trap policy exists while the SA
# is down, so GRE between these addresses could leave unprotected in that
# window. Consider auto=route or a firewall rule that drops IP protocol 47
# unless it arrives inside ESP.
conn gustavo-tiazel-1
      authby=secret
      type=transport
      left=10.84.252.33
      right=10.84.252.32
      auto=start

conn gustavo-tiazel-2
      authby=secret
      type=transport
      left=10.84.244.33
      right=10.84.244.32
      auto=start
  • /etc/ipsec.secrets
# Pre-shared key for the 10.84.252.x connection, selected by the ID pair before the colon.
# NOTE(review): the PSK is short, guessable, reused for both connections and
# published on this page. Use a long random secret per connection (or
# certificate authentication) and keep this file readable by root only.
10.84.252.32 10.84.252.33 : PSK "suxer"
10.84.244.32 10.84.244.33 : PSK "suxer"

gre tunnel

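#!/bin/bash
# Bring up two GRE tunnels (gt1, gt2) to the peer, one per underlay path, and
# assign point-to-point addresses to them. Mirror image of the peer's script:
# local and remote values are swapped.
#
# GRE adds no encryption or authentication of its own. On this page the
# tunnels run between the same address pairs as the IPsec transport-mode
# connections, so the traffic is only protected while those SAs are up.
#
# Needs root (modprobe, ip). Running it again while gt1/gt2 already exist makes
# the "add" commands fail; the script keeps going, as the original did.

# Abort on a mistyped variable name instead of handing `ip` an empty argument.
set -u

modprobe ip_gre

# Underlay (outer) endpoints: local and remote address of each path.
readonly LIP1="10.84.252.32"
readonly RIP1="10.84.252.33"
readonly LIP2="10.84.244.32"
readonly RIP2="10.84.244.33"

# Inner point-to-point addresses: local and remote end of each tunnel.
readonly LTIP1="10.1.1.32"
readonly RTIP1="10.1.1.33"
readonly LTIP2="10.1.8.32"
readonly RTIP2="10.1.8.33"

# Create the tunnel devices.
ip tunnel add gt1 mode gre remote "${RIP1}" local "${LIP1}" ttl 255
ip tunnel add gt2 mode gre remote "${RIP2}" local "${LIP2}" ttl 255

# Address each tunnel as a point-to-point link with a /32 peer.
ip address add dev gt1 "${LTIP1}" peer "${RTIP1}/32"
ip address add dev gt2 "${LTIP2}" peer "${RTIP2}/32"

ip link set gt1 up
ip link set gt2 up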

quagga

! Quagga settings listed for tiazel: logging, per-interface options, OSPF, one
! static route and IP forwarding.
log file /var/log/quagga/quagga.log
!
! Every interface stanza below suppresses IPv6 router advertisements and
! disables link detection; lo only disables link detection.
interface dummy0
 ipv6 nd suppress-ra
 no link-detect
!
interface ens3
 ipv6 nd suppress-ra
 no link-detect
!
interface ens6
 ipv6 nd suppress-ra
 no link-detect
!
interface ens7
 ipv6 nd suppress-ra
 no link-detect
!
interface gre0
 ipv6 nd suppress-ra
 no link-detect
!
interface gretap0
 ipv6 nd suppress-ra
 no link-detect
!
! gt1 and gt2 are the GRE tunnels created by the tunnel script on this page.
! NOTE(review): no "ip ospf authentication" / "ip ospf message-digest-key"
! lines appear on them and no area authentication is set under "router ospf",
! so as listed OSPF packets are accepted unauthenticated. Consider
! message-digest authentication rather than relying on the underlay alone.
interface gt1
 ipv6 nd suppress-ra
 no link-detect
!
interface gt2
 ipv6 nd suppress-ra
 no link-detect
!
interface lo
 no link-detect
!
router ospf
 ospf router-id 10.83.32.1
 ! ens6 is passive: no OSPF hellos are sent on it, so no adjacency forms there.
 passive-interface ens6
 ! 10.1.1.33 and 10.1.8.33 are the remote tunnel addresses (RTIP1/RTIP2) in the
 ! tunnel script on this page. Presumably this enables OSPF on gt1 and gt2.
 network 10.1.1.33/32 area 0.0.0.0
 network 10.1.8.33/32 area 0.0.0.0
 network 10.83.32.0/24 area 0.0.0.0
!
! Static route to 192.168.77.0/24 via 10.83.32.11.
! NOTE(review): "router ospf" above has no "redistribute static", so as listed
! this route is not advertised to the peer. Confirm which router is meant to
! originate 192.168.77.0/24.
ip route 192.168.77.0/24 10.83.32.11
!
ip forwarding
!
line vty