Настройка службы frr
Настройка ip tunel
Настройка dhsp
=== R1 ===
sudo
nmtui
edit a connection R3
Routing > Edit > IPv4 0.0.0.0/0 1.1.1.1 100
Routing > Edit > IPv6 ::/0 1110:a::1 100
reboot
=== R2 ===
sudo
nmtui
edit a connection R2-R3
Routing > edit > IPv4 0.0.0.0/0 2.2.2.1 100
Routing > edit > IPv6 ::/0 2220:b::1 100
reboot
=== R1 ===
sudo
nmtui
edit connection R1> Add > IP tunnel
parent ethernet ....
Local IP 1.1.1.100
Remote IP 2.2.2.100
IPv4 > manual > addresses 172.28.14.251/24
IPv6 > manual > addresses 172:28:14::a/64
reboot
=== R2 ===
sudo
nmtui
edit connection R2-R3 > Add > IP tunnel
parent ethernet....
Local IP 2.2.2.100
Remote IP 1.1.1.100
IPv4 > manual > addresses 172.28.14.252/24
IPv6 > manual > addresses 172:28:14::b/64
reboot
=== R1 ===
sudo
nmcli connection modify GRE-1 ip-tunnel.ttl 64
=== R2 ===
sudo
nmcli connection modify GRE-1 ip-tunnel.ttl 64
=== R3 ===
iptables
iptables -A FORWARD -i eht+0,1,2 -o eht3 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth3 -o eht+0,1,2 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o eht3 -j MASQUERADE
ip6tables -A FORWARD -i ens+34,36,37 -o ens38 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -i ens38 -o ens+34,36,37 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -t nat -A POSTROUTING -o ens38 -j MASQUERADE
apt install iptables-persistent -y
После установки служба сама предложит сохранить уже сделанные изменения. Сохраняем правила IPv4 и IPv6
=== R1 ===
iptables -A FORWARD -i ens36 -o ens34 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ens34 -o ens36 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o ens34 -j MASQUERADE
ip6tables -A FORWARD -i ens36 -o ens34 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -i ens34 -o ens36 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -t nat -A POSTROUTING -o ens34 -j MASQUERADE
apt install iptables-persistent -y
После установки служба сама предложит сохранить уже сделанные изменения. Сохраняем правила IPv4 и IPv6
=== Виртуальная машина R2 ===
iptables -A FORWARD -i ens36 -o ens34 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ens34 -o ens36 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o ens34 -j MASQUERADE
ip6tables -A FORWARD -i ens36 -o ens34 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -A FORWARD -i ens34 -o ens36 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -t nat -A POSTROUTING -o ens34 -j MASQUERADE
apt install iptables-persistent -y
После установки служба сама предложит сохранить уже сделанные изменения. Сохраняем правила IPv4 и IPv6
=== R1 ===
sudo
apt install frr -y
nano /etc/frr/daemons
Раскомментировать "ospfd=yes","ospf6d=yes"
ctrl+x > y > enter
systemctl restart frr
systemctl enable - -now frr
vtysh
conf t
router ospf
network 192.168.0.0/26 area 0
network 172.28.14.0/24 area 0
exit
do wr
ospf6
ospf6 router-id 1.1.1.100
ex
int grel
ipv6 ospf6 area 0
ex
int ens36
ipv6 ospf6 area 0
exit
do wr
exit
reboot
=== Виртуальная машина BR-R ===
apt install frr -y
nano /etc/frr/daemons
Раскомментировать "ospfd=yes","ospf6d=yes"
ctrl+x > y > enter
systemctl restart frr
systemctl enable - -now frr
vtysh
conf t
ospf
network 172.16.0.32/28 area 0
network 172.28.14.0/24 area 0
exit
do wr
router ospf6
ospf6 router-id 2.2.2.100
exit
int grel
ipv6 ospf6 area 0
exit
ens36
ipv6 ospf6 area 0
exit
do wr
reboot
=== Виртуальная машина HQ-SRV ===
панель управления > система и безопасность > виндовс дефендер >advanced settings> inbound rules > new rule >custom > all programms > ICMPv4 > any IP adress > allow the connections > domain/private/public > Name: ICMPv4
new rule >custom > all programms > ICMPv6 > any IP adress > allow the connections > domain/private/public > Name: ICMPv6
=== Виртуальная машина BR-SRV ===
панель управления > система и безопасность > виндовс дефендер >advanced settings> inbound rules > new rule >custom > all programms > ICMPv4 > any IP adress > allow the connections > domain/private/public > Name: ICMPv4
new rule >custom > all programms > ICMPv6 > any IP adress > allow the connections > domain/private/public > Name: ICMPv6
=== Настройка DHCPv4 – HQ-R ===
apt install isc-dhcp-server -y
nano /etc/default/isc-dhcp-server
Прописываем " INTERFACESv4="ens36 ", " INTERFACESv6="ens36 "
CTRL+X > Y > enter
nano /etc/dhcp/dhcpd.conf
authoritative;
default-lease-time 600;
max-lease-time 7200;
ignore client-updates;
ddns-update-style interim;
use-host-decl-names on;
subnet 192.168.0.0 netmask 255.255.255.192 {
range 192.168.0.11 192.168.0.61;
option routers 192.168.0.1;
host hq-srv {
hardware ethernet !!INPUT MAC!!;
fixed-address 192.168.0.60;
}
}
CTRL+X > Y > enter
На HQ-SRV > панель управления > сеть > Enthernet > details > смотрим physical address
Нa HQ-R nano /etc/dhcp/dhcpd.conf > дописываем hardware ethernet !!Physical address!!
CTRL+X > Y > enter
=== Настройка DHCPv6 – HQ-R ===
nano /etc/dhcp/dhcpd6.conf
ctrl+k
authoritative;
default-lease-time 600;
max-lease-time 7200;
ignore-client-updates;
ddns-update-style interim;
use-host-decl-names on;
allow leasequery;
subnet6 192:168:d::/122 {
option dhcp6.preference 255;
range6 192:168:d::2 192:168:d::3e;
host hq-srv {
host-identifier option dhcp6.client-id "!!CLIENT-ID!!";
fixed-address6 192:168:d::6;
fixed-prefix6 192:168:d::/122;
}
ctrl+X > Y > etner
=== Получение CLIENT-ID – HQ-SRV ===
нужно закоментировать #host-identifier option dhcp6.client-id "!!CLIENT-ID!!";
ctrl+X > Y > etner
systemctl restart isc-dhcp-server
=== Сброс настроек IPv4 - HQ-SRV ===
Панель управления > сеть > сброс настроек IPv4, IPv6
командная строка > ipconfig /release > ipconfig /renew > перезагрузка