Problem z routingiem

Problemy związane z routingiem

Moderatorzy: mikrobi, garfield, gangrena, Seba, aron

Wiadomość
Autor
cake86
member
member
Posty: 19
Rejestracja: 02 wrz 2012, 10:53

Problem z routingiem

#1

#1 Post autor: cake86 »

Mam problem z routingiem na routerze, na którym podłączone są 2 wany i 2 lany. Lany skonfigurowane są poprzez interfejsy wilanowe na karcie wic-4esw. Po skonfigurowaniu samych interfejsów routing działał poprawnie, można było się pingować pomiędzy 2 podsieciami ale po dołożeniu natu ip sla i tracków przestał działać. Mogę tylko pingować 2 interfejsy lanowe (bramy po stronie lanu). Zamieszczam poniżej konfiguracje z routera oraz tablicę routingu. Proszę o podpowiedź, z góry dziękuję.



R2_UMO#sh run
Building configuration...


Current configuration : 2859 bytes
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2_UMO
!
boot-start-marker
boot-end-marker
!
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
clock timezone utc 1 0
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
ip domain name xxxx
ip name-server 1.1.1.1
ip name-server 1.0.0.1
no ipv6 cef
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!
!
license udi pid sn
username privilege 15 password 0
!
!
ip ssh version 2
!
track 1 ip sla 1 reachability
delay down 1 up 1
!
track 2 ip sla 2 reachability
delay down 1 up 1
!
!
!
!
!
interface GigabitEthernet0/0
description
ip address x.x.x.x 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description
ip address 10.0.0.254 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface FastEthernet0/0/0
description VLAN_9
switchport access vlan 9
!
interface FastEthernet0/0/1
description VLAN_21
switchport access vlan 21
!
interface FastEthernet0/0/2
!
interface FastEthernet0/0/3
!
interface Vlan1
no ip address
!
interface Vlan9
ip address 192.168.9.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip policy route-map 1
!
interface Vlan21
ip address 192.168.21.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip policy route-map 1
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source route-map 2 interface GigabitEthernet0/0 overload
ip nat inside source route-map 3 interface GigabitEthernet0/1 overload
ip nat inside source static tcp x.x.x.x xxxx x.x.x.x xxxx extendable
ip route 0.0.0.0 0.0.0.0 91.218.157.65 track 1
ip route 0.0.0.0 0.0.0.0 10.0.0.1 track 2
!
ip sla 1
icmp-echo 91.218.157.65 source-interface GigabitEthernet0/0
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 10.0.0.1 source-interface GigabitEthernet0/1
frequency 5
ip sla schedule 2 life forever start-time now
logging esm config
access-list 100 permit ip any any
!
route-map 1 permit 10
match ip address 100
set ip next-hop verify-availability 91.218.157.65 1 track 1
set ip next-hop verify-availability 10.0.0.1 2 track 2
!
route-map 2 permit 10
match ip address 100
match interface GigabitEthernet0/0
!
route-map 3 permit 10
match ip address 100
match interface GigabitEthernet0/1
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
logging synchronous
transport input ssh
!
scheduler allocate 20000 1000
ntp server 194.146.251.100
end

R2_UMO#




Gateway of last resort is 91.218.157.65 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 91.218.157.65
[1/0] via 10.0.0.1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/1
L 10.0.0.254/32 is directly connected, GigabitEthernet0/1
91.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 91.218.157.64/28 is directly connected, GigabitEthernet0/0
L x.x.x.x/32 is directly connected, GigabitEthernet0/0
192.168.9.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.9.0/24 is directly connected, Vlan9
L 192.168.9.1/32 is directly connected, Vlan9
192.168.21.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.21.0/24 is directly connected, Vlan21
L 192.168.21.1/32 is directly connected, Vlan21

Awatar użytkownika
scoon
wannabe
wannabe
Posty: 299
Rejestracja: 28 paź 2008, 12:24

Re: Problem z routingiem

#2

#2 Post autor: scoon »

Spróbuj wyrzucić z route mapek match interface.

cake86
member
member
Posty: 19
Rejestracja: 02 wrz 2012, 10:53

Re: Problem z routingiem

#3

#3 Post autor: cake86 »

scoon pisze: 12 sty 2021, 14:17 Spróbuj wyrzucić z route mapek match interface.
po całkowitym usunięciu match interface ... przy route-map 2 i 3 routing wrócił ale nat nie działa (nie ma internetu)
jakiś pomysł?

Awatar użytkownika
scoon
wannabe
wannabe
Posty: 299
Rejestracja: 28 paź 2008, 12:24

Re: Problem z routingiem

#4

#4 Post autor: scoon »

Sprobuj zamiast route map uzyc aclki w translacji source nat overload.

cake86
member
member
Posty: 19
Rejestracja: 02 wrz 2012, 10:53

Re: Problem z routingiem

#5

#5 Post autor: cake86 »

scoon pisze: 12 sty 2021, 15:57 Sprobuj zamiast route map uzyc aclki w translacji source nat overload.
skasowałem route-map 2 i 3, dpoisałem 1 acl (taka sama pod innym numerem) oraz 2 wpisy to nat, internet jest ale routing między 2 interfejsami vilanowymi znikł

Awatar użytkownika
scoon
wannabe
wannabe
Posty: 299
Rejestracja: 28 paź 2008, 12:24

Re: Problem z routingiem

#6

#6 Post autor: scoon »

Co rozumiesz przez to, że routing między vlanowy znikł?

Awatar użytkownika
cbr
member
member
Posty: 38
Rejestracja: 09 wrz 2015, 19:35

Re: Problem z routingiem

#7

#7 Post autor: cbr »

Kod: Zaznacz cały


     +----+            +----+     
     |ISP1|            |ISP2|     
     +----+            +----+     
   1.1.1.0/30         2.2.2.0/30  
        |                 |       
        |                 |       
        |      +-----+    |       
        |----- | RTR |----|       
               +-----+            
                  |               
                  |               
   +-------+   +-----+  +-------+ 
   |  PC1  |---| SW  |--|  PC2  | 
   +-------+   +-----+  +-------+ 
 192.168.1.10         192.168.2.10
 

Kod: Zaznacz cały

   RTR
---------
interface Ethernet0/0
 ip address 1.1.1.2 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
!
interface Ethernet0/1
 ip address 2.2.2.2 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 !
 interface Ethernet0/2.10
 encapsulation dot1Q 10
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Ethernet0/2.20
 encapsulation dot1Q 20
 ip address 192.168.2.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 !
ip nat inside source route-map isp1 interface Ethernet0/0 overload
ip nat inside source route-map isp2 interface Ethernet0/1 overload
!
ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1
ip route 0.0.0.0 0.0.0.0 2.2.2.1 10 track 2
!
track 1 ip sla 1 reachability
track 2 ip sla 2 reachability
!
ip sla 1
 icmp-echo 1.1.1.1 source-interface Ethernet0/0
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 2.2.2.1 source-interface Ethernet0/1
ip sla schedule 2 life forever start-time now
!
route-map isp1 permit 10
 match ip address 100
 match interface Ethernet0/0
!
route-map isp2 permit 10
 match ip address 100
 match interface Ethernet0/1
!
access-list 100 permit ip 192.168.0.0 0.0.3.255 any

cake86
member
member
Posty: 19
Rejestracja: 02 wrz 2012, 10:53

Re: Problem z routingiem

#8

#8 Post autor: cake86 »

Problem rozwiązany, dziękuję za pomoc, problem był w acl.

ODPOWIEDZ