This latest lab requires you to configure a point-to-point GRE tunnel, but with no encryption config. Unless this is your first Config Lab, you know the drill. If not: take 5-10 minutes now, read the lab, and type your answer or write it on paper. Then look for the answer post (which usually follows within a day or two if you happen to read this the day it was posted). Check here for all ICND2 Config Labs.
Requirements
Think of the four routers in this lab design as four enterprise routers. All sit in OSPF area 0. However, that one physical link between routers Edge1 and Edge2, now think of that as the entire Internet. (For simplicity in lab, this lab exercise uses that one link as the entire Internet.) So:
- The link between Edge1 and Edge2 are considered to be using public addresses
- All other links use private address (in private network 10.0.0.0)
From a GRE tunnel perspective, you will use the public IP addresses on the link between Edge1 and Edge2 as the tunnel source and destination. Then, for the tunnel interface itself, you will place the interfaces into a subnet in private network 10.0.0.0, you will use OSPF to exchange routes from private network 10.0.0.0, with all subnets in area 0.
The specific rules for this lab are:
- As the tunnel source, use the IP address on the interfaces connecting the Edge routers. (That is, do not refer to the interfaces as the tunnel source.)
- As the tunnel destination, create a local hostname referencing the other Edge router’s Internet-facing IP address (will be interface G0/1 on each router). Then use that hostname as the tunnel destination.
- Assign the tunnel interfaces private IPv4 addresses from network 10.0.0.0 per the figure.
- Configure OSPFv2 in area 0 on the tunnel interface using interface configuration (that is, do not use OSPF network commands).
- Make sure the new OSPF configuration agrees with the existing configuration.
- Assume all device interfaces shown in the lab are up, working and with correct IP addresses assigned.
Figure 1: Two Enterprise Routers at Acme Corp, with One Link Acting as Entire Internet
Initial Configuration
Examples 1, 2, 3 and 4 show the beginning configuration state of Edge1, Edge2, Acme1 and Acme2.
Example 1: Edge1 Config
hostname Edge1 ! interface GigabitEthernet0/1 ip address 192.0.2.129 255.255.255.252 no shutdown ! interface GigabitEthernet0/2 ip address 10.10.10.1 255.255.255.0 ip ospf 10 area 0 no shutdown ! router ospf 10 router-id 1.1.1.1
Example 2: Edge2 Config
hostname Edge2 ! interface GigabitEthernet0/1 ip address 192.0.2.130 255.255.255.252 no shutdown ! interface GigabitEthernet0/2 ip address 10.10.20.1 255.255.255.0 ip ospf 10 area 0 no shutdown ! router ospf 10 router-id 2.2.2.2
Example 3: Acme1 Config
hostname Acme1 ! interface GigabitEthernet0/1 ip address 10.10.10.2 255.255.255.0 ip ospf 10 area 0 no shutdown ! interface GigabitEthernet0/2 ip address 10.100.100.1 255.255.255.0 ip ospf 10 area 0 no shutdown ! router ospf 10 router-id 3.3.3.3
Example 4: Acme2 Config
hostname Acme2 ! interface GigabitEthernet0/1 ip address 10.10.20.2 255.255.255.0 ip ospf 10 area 0 no shutdown ! interface GigabitEthernet0/2 ip address 10.200.200.1 255.255.255.0 ip ospf 10 area 0 no shutdown ! router ospf 10 router-id 4.4.4.4
Answer on Paper, or Maybe Test in Lab
Next, write your answer on paper. Or if you have some real gear, or other tools, configure the lab with those tools.
To test your solution, if you happen to try it with VIRL or real gear, you can verify the configuration and operation of the tunnel interface by issuing the show interfaces tunnel0 command on routers Edge1 and Edge2. If OSPF is configured correctly it should form a neighborship across the tunnel interface. Also, all four of the routers should learn about all the remote subnets in network 10.0.0.0; for instance, on routers Acme1 and Acme2, a show ip route command should list three subnets learned by OSPF once the lab is completed.
Additionally, look at show ip interface brief, which should show the tunnel interface, it’s IP address, and a state of up/up.
If you do implement this lab, also try a few ping commands. For instance, from router Acme1, the ping 10.200.200.1 source G0/2 command would ping from Acme1’s G0/2 interface address to router Acme2’s G0/2 address (10.200.200.1). That ping would test the routes to subnet 10.100.100.0/24 and back to 10.200.200.0/24.
Do this Lab with Cisco’s VIRL
You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for the Virtual Internet Routing Lab (VIRL) software as well. The .VIRL file found here is a file that when used with VIRL will load a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well. This section lists any differences between the lab exercise and the .VIRL file’s topology and configuration.
Download this lab’s VIRL file!
The VIRL topology matches this lab topology exactly.