No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - VPN

AR650, AR1600, and AR6100 V300R003

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Enlarging the Operation Scope of a Network with a Hop Limit

Example for Enlarging the Operation Scope of a Network with a Hop Limit

Networking Requirements

As shown in Figure 2-14, RouterA, RouterB, RouterC, and RouterD run RIP to implement interworking. Data sent from RouterA to RouterD must pass through only one hop. That is, the route cost is 1. RIP is deployed without changing the network topology. There are two hops between RouterA and RouterD. To reduce a hop, you need to set up a GRE tunnel between RouterA and RouterC. Although the logical hop count is 1, there are two devices on the path from RouterA to RouterD. Therefore, the hop count allowed on a RIP network is increased.

Figure 2-14  Enlarging the operation scope of a network with a hop limit

Configuration Roadmap

The configuration roadmap is as follows:

  1. Run RIP process 1 on RouterA, RouterB, and RouterC to implement interworking among them.

  2. Set up a GRE tunnel between RouterA and RouterC to hide RouterB.

  3. Run RIP process 2 on RouterA, RouterC, and RouterD to forward packets over the GRE tunnel. The actual hop counts allowed on a RIP network is increased.

Procedure

  1. Configure an IP address for each physical interface.

    # Configure RouterA.

    <Huawei> system-view
    [Huawei] sysname RouterA
    [RouterA] interface gigabitethernet 1/0/0
    [RouterA-GigabitEthernet1/0/0] ip address 20.1.1.1 255.255.255.0
    [RouterA-GigabitEthernet1/0/0] quit

    # Configure RouterB.

    <Huawei> system-view
    [Huawei] sysname RouterB
    [RouterB] interface gigabitethernet 1/0/0
    [RouterB-GigabitEthernet1/0/0] ip address 20.1.1.2 255.255.255.0
    [RouterB-GigabitEthernet1/0/0] quit
    [RouterB] interface gigabitethernet 2/0/0
    [RouterB-GigabitEthernet2/0/0] ip address 30.1.1.1 255.255.255.0
    [RouterB-GigabitEthernet2/0/0] quit

    # Configure RouterC.

    <Huawei> system-view
    [Huawei] sysname RouterC
    [RouterC] interface gigabitethernet 1/0/0
    [RouterC-GigabitEthernet1/0/0] ip address 30.1.1.2 255.255.255.0
    [RouterC-GigabitEthernet1/0/0] quit
    [RouterC] interface gigabitethernet 2/0/0
    [RouterC-GigabitEthernet2/0/0] ip address 40.1.1.1 255.255.255.0
    [RouterC-GigabitEthernet2/0/0] quit

    # Configure RouterD.

    <Huawei> system-view
    [Huawei] sysname RouterD
    [RouterD] interface gigabitethernet 1/0/0
    [RouterD-GigabitEthernet1/0/0] ip address 40.1.1.2 255.255.255.0
    [RouterD-GigabitEthernet1/0/0] quit

  2. Run RIP process 1 on devices.

    # Configure RouterA.

    [RouterA] rip 1
    [RouterA-rip-1] version 2
    [RouterA-rip-1] network 20.0.0.0 
    [RouterA-rip-1] quit

    # Configure RouterB.

    [RouterB] rip 1
    [RouterB-rip-1] version 2
    [RouterB-rip-1] network 20.0.0.0
    [RouterB-rip-1] network 30.0.0.0
    [RouterB-rip-1] quit

    # Configure RouterC.

    [RouterC] rip 1
    [RouterC-rip-1] version 2
    [RouterC-rip-1] network 30.0.0.0
    [RouterC-rip-1] quit

    # After the configuration is complete, run the display ip routing-table command on RouterA and RouterC. The command output shows that they have learned the RIP route destined for the network segment of the peer.

    # The command output on RouterA is used as an example.

    [RouterA] display ip routing-table
    <keyword conref="../commonterms/commonterms.xml#commonterms/route-flags"></keyword>
    ------------------------------------------------------------------------------
    Routing Tables: Public
             Destinations : 8        Routes : 8
    
    Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
    
           20.1.1.0/24  Direct  0    0           D   20.1.1.1        GigabitEthernet1/0/0
           20.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet1/0/0
         20.1.1.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet1/0/0
           30.1.1.0/24  RIP     100  1           D   20.1.1.2        GigabitEthernet1/0/0
          127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
          127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0

  3. Configure a tunnel interface.

    # Configure RouterA.

    [RouterA] interface tunnel 0/0/1
    [RouterA-Tunnel0/0/1] tunnel-protocol gre
    [RouterA-Tunnel0/0/1] ip address 50.1.1.1 255.255.255.0
    [RouterA-Tunnel0/0/1] source 20.1.1.1
    [RouterA-Tunnel0/0/1] destination 30.1.1.2
    [RouterA-Tunnel0/0/1] quit

    # Configure RouterC.

    [RouterC] interface tunnel 0/0/1
    [RouterC-Tunnel0/0/1] tunnel-protocol gre
    [RouterC-Tunnel0/0/1] ip address 50.1.1.2 255.255.255.0
    [RouterC-Tunnel0/0/1] source 30.1.1.2
    [RouterC-Tunnel0/0/1] destination 20.1.1.1
    [RouterC-Tunnel0/0/1] quit

    # After the configuration is complete, the tunnel interfaces turn Up and can ping each other.

    # The command output on RouterA is used as an example.

    [RouterA] ping -a 50.1.1.1 50.1.1.2
      PING 50.1.1.2: 56  data bytes, press CTRL_C to break
        Reply from 50.1.1.2: bytes=56 Sequence=1 ttl=255 time=1 ms
        Reply from 50.1.1.2: bytes=56 Sequence=2 ttl=255 time=1 ms
        Reply from 50.1.1.2: bytes=56 Sequence=3 ttl=255 time=1 ms
        Reply from 50.1.1.2: bytes=56 Sequence=4 ttl=255 time=1 ms
        Reply from 50.1.1.2: bytes=56 Sequence=5 ttl=255 time=1 ms
    
      --- 50.1.1.2 ping statistics ---
        5 packet(s) transmitted
        5 packet(s) received
        0.00% packet loss
        round-trip min/avg/max = 1/1/1 ms
    

  4. Run RIP process 2 on tunnel interfaces.

    # Configure RouterA.

    [RouterA] rip 2
    [RouterA-rip-2] version 2
    [RouterA-rip-2] network 50.0.0.0
    [RouterA-rip-2] quit

    # Configure RouterC.

    [RouterC] rip 2
    [RouterC-rip-2] version 2
    [RouterC-rip-2] network 50.0.0.0
    [RouterC-rip-2] network 40.0.0.0
    [RouterC-rip-2] quit

    # Configure RouterD.

    [RouterD] rip 2
    [RouterD-rip-2] version 2
    [RouterD-rip-2] network 40.0.0.0
    [RouterD-rip-2] quit

  5. Verify the configuration.

    # After the configuration is complete, run the display ip routing-table command on RouterA and RouterD. The command output shows that the cost of the route to the destination address of the peer device is 1.

    # The command output on RouterA is used as an example.

    [RouterA] display ip routing-table
    <keyword conref="../commonterms/commonterms.xml#commonterms/route-flags"></keyword>
    ------------------------------------------------------------------------------
    Routing Tables: Public
             Destinations : 12       Routes : 12
    
    Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface
    
           20.1.1.0/24  Direct  0    0           D   20.1.1.1        GigabitEthernet1/0/0
           20.1.1.1/32  Direct  0    0           D   127.0.0.1       GigabitEthernet1/0/0
         20.1.1.255/32  Direct  0    0           D   127.0.0.1       GigabitEthernet1/0/0
           30.1.1.0/24  RIP     100  1           D   20.1.1.2        GigabitEthernet1/0/0
           40.1.1.0/24  RIP     100  1           D   50.1.1.2        Tunnel0/0/1
           50.1.1.0/24  Direct  0    0           D   50.1.1.1        Tunnel0/0/1
           50.1.1.1/32  Direct  0    0           D   127.0.0.1       Tunnel0/0/1
         50.1.1.255/32  Direct  0    0           D   127.0.0.1       Tunnel0/0/1
          127.0.0.0/8   Direct  0    0           D   127.0.0.1       InLoopBack0
          127.0.0.1/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    127.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    255.255.255.255/32  Direct  0    0           D   127.0.0.1       InLoopBack0
    

Configuration Files

  • Configuration file of RouterA

    #
     sysname RouterA
    #
    interface GigabitEthernet1/0/0
     ip address 20.1.1.1 255.255.255.0
    #
    interface Tunnel0/0/1
     ip address 50.1.1.1 255.255.255.0
     tunnel-protocol gre
     source 20.1.1.1
     destination 30.1.1.2
    #
    rip 1
     version 2
     network 20.0.0.0
    #
    rip 2
     version 2
     network 50.0.0.0
    #
    return
  • Configuration file of RouterB

    #
     sysname RouterB
    #
    interface GigabitEthernet1/0/0
     ip address 20.1.1.2 255.255.255.0
    #
    interface GigabitEthernet2/0/0
     ip address 30.1.1.1 255.255.255.0
    #
    rip 1
     version 2
     network 20.0.0.0
     network 30.0.0.0
    #
    return
  • Configuration file of RouterC

    #
     sysname RouterC
    #
    interface GigabitEthernet1/0/0
     ip address 30.1.1.2 255.255.255.0
    #
    interface GigabitEthernet2/0/0
     ip address 40.1.1.1 255.255.255.0
    #
    interface Tunnel0/0/1
     ip address 50.1.1.2 255.255.255.0
     tunnel-protocol gre
     source 30.1.1.2
     destination 20.1.1.1
    #
    rip 1
     version 2
     network 30.0.0.0
    #
    rip 2
     version 2
     network 40.0.0.0
     network 50.0.0.0
    #
    return
  • Configuration file of RouterD

    #
     sysname RouterD
    #
    interface GigabitEthernet1/0/0
     ip address 40.1.1.2 255.255.255.0
    #
    rip 2
     version 2
     network 40.0.0.0
    #
    return
Download
Updated: 2019-04-12

Document ID: EDOC1100041799

Views: 31754

Downloads: 45

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next